Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
File:                     2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft (raw, json)
Hash identifier:          80TTQEvvKF+iJaVjveEBGpkHlA+dEvUuqflskkqX6R0=
Subject key identifier:   35:77:F2:EE:F2:88:B0:99:10:2F:A8:AE:66:8A:A1:AA:45:72:58:B4
Authority key identifier: DA:E5:76:31:F6:0A:DB:13:F0:AE:36:86:71:CE:0F:87:42:F5:97:7F
Certificate issuer:       /CN=dae57631f60adb13f0ae368671ce0f8742f5977f
Certificate serial:       01976D74617B49BF259088FA833D1D187ADF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
Manifest number:          158A
Signing time:             Sat 14 Jun 2025 08:00:32 +0000
Manifest this update:     Sat 14 Jun 2025 08:00:32 +0000
Manifest next update:     Sun 15 Jun 2025 08:00:32 +0000
Files and hashes:         1: 2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl (hash: aHt01Hz5pO9Zs1uc6Ph55vQYlBFBcdBDtH80ULyPwFM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:74:61:7b:49:bf:25:90:88:fa:83:3d:1d:18:7a:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dae57631f60adb13f0ae368671ce0f8742f5977f
        Validity
            Not Before: Jun 14 08:00:32 2025 GMT
            Not After : Jun 15 08:00:32 2025 GMT
        Subject: CN=3577f2eef288b099102fa8ae668aa1aa457258b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:eb:b5:13:2c:03:5e:c4:32:cf:7f:c3:c1:3a:
                    24:4b:b7:1b:fc:d4:9b:0e:93:84:81:76:eb:82:0b:
                    17:ba:d6:85:f9:72:43:eb:64:08:cf:66:98:66:19:
                    47:c5:5d:38:b7:84:ca:f6:33:1e:c7:fe:c6:72:9d:
                    54:3b:50:b3:a0:1c:bd:25:a9:e4:1d:83:2c:f9:e7:
                    8f:bf:92:1b:eb:86:39:d4:48:a7:31:b9:d0:99:1b:
                    99:9d:4e:21:da:2e:d1:ab:d3:03:4d:da:c3:0d:61:
                    99:5e:ec:2d:fc:22:b6:28:2a:89:ca:89:07:f7:08:
                    28:51:05:2b:5e:97:70:d3:0c:82:b1:f3:de:f8:b8:
                    19:24:04:6d:25:19:69:f3:55:17:28:1c:18:58:64:
                    fe:97:53:c1:bd:86:7e:0e:6a:27:46:79:47:70:be:
                    2a:d4:c1:a2:09:e5:9f:46:0f:23:ea:4d:9b:fe:ee:
                    fd:ae:0c:e9:24:76:7d:20:26:d4:47:fe:73:db:b8:
                    4c:86:3e:76:77:d4:22:f1:e8:e6:50:28:c5:fe:e1:
                    17:e1:f3:55:9c:f6:b8:01:d9:a4:fa:b4:96:82:b7:
                    c8:ec:91:0b:2a:cd:8e:de:e0:f9:2f:68:c5:01:e8:
                    ae:d8:83:6d:c4:b5:54:4b:62:6c:0b:cb:7e:55:40:
                    4e:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:77:F2:EE:F2:88:B0:99:10:2F:A8:AE:66:8A:A1:AA:45:72:58:B4
            X509v3 Authority Key Identifier:
                keyid:DA:E5:76:31:F6:0A:DB:13:F0:AE:36:86:71:CE:0F:87:42:F5:97:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:74:a6:49:d3:6a:aa:f8:10:ec:e0:1b:b8:dd:a3:95:00:af:
         27:e9:62:40:5c:4b:ae:a9:6f:02:c5:7a:68:9d:a3:42:4e:ff:
         31:1c:d8:65:9f:8b:8e:37:8c:d6:bf:96:18:ad:ec:32:e6:bb:
         62:d2:17:0b:b6:50:ff:87:60:25:fd:d9:1e:29:76:21:d5:76:
         eb:79:e9:48:1d:12:27:17:55:18:e7:bb:6d:7a:23:e5:a2:c9:
         5b:59:ff:2f:3a:6e:cd:9d:ea:3a:fd:cc:74:81:f2:ba:b6:dc:
         b6:59:21:6a:46:f2:35:29:0d:39:3c:f5:0c:2f:cd:42:21:c3:
         97:d3:ac:5d:de:71:81:02:83:47:ba:0f:8d:65:fb:11:fc:6a:
         64:13:c4:a4:60:dd:38:23:7f:54:2d:6e:78:94:34:05:db:03:
         92:28:44:1b:6e:5d:8c:61:db:0c:34:ef:c6:48:70:a1:e2:ef:
         a7:27:e6:39:3e:fd:b5:7e:ee:7a:be:58:66:89:15:be:82:62:
         cd:d7:ea:58:06:be:09:83:08:ac:e8:2b:81:1f:85:3b:04:cb:
         61:c7:6f:17:f8:fd:f7:75:d6:e2:8a:71:65:ba:5e:5e:1e:3b:
         d2:11:03:da:0a:be:ee:24:70:da:56:42:4a:50:0c:0a:33:d5:
         df:62:72:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtdGF7Sb8lkIj6gz0dGHrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZTU3NjMxZjYwYWRiMTNmMGFlMzY4NjcxY2UwZjg3NDJm
NTk3N2YwHhcNMjUwNjE0MDgwMDMyWhcNMjUwNjE1MDgwMDMyWjAzMTEwLwYDVQQD
EygzNTc3ZjJlZWYyODhiMDk5MTAyZmE4YWU2NjhhYTFhYTQ1NzI1OGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuu1EywDXsQyz3/DwTokS7cb/NSb
DpOEgXbrggsXutaF+XJD62QIz2aYZhlHxV04t4TK9jMex/7Gcp1UO1CzoBy9Jank
HYMs+eePv5Ib64Y51EinMbnQmRuZnU4h2i7Rq9MDTdrDDWGZXuwt/CK2KCqJyokH
9wgoUQUrXpdw0wyCsfPe+LgZJARtJRlp81UXKBwYWGT+l1PBvYZ+DmonRnlHcL4q
1MGiCeWfRg8j6k2b/u79rgzpJHZ9ICbUR/5z27hMhj52d9Qi8ejmUCjF/uEX4fNV
nPa4Admk+rSWgrfI7JELKs2O3uD5L2jFAeiu2INtxLVUS2JsC8t+VUBOEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDV38u7yiLCZEC+ormaKoapFcli0MB8GA1UdIwQY
MBaAFNrldjH2CtsT8K42hnHOD4dC9Zd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wZTgyNWEtNWJiNi00MzI3LTlhMGEt
NDM5ZjM2ZTE2NTNhLzEvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wZTgyNWEtNWJiNi00MzI3LTlhMGEtNDM5ZjM2ZTE2NTNh
LzEvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVnSmSdNq
qvgQ7OAbuN2jlQCvJ+liQFxLrqlvAsV6aJ2jQk7/MRzYZZ+LjjeM1r+WGK3sMua7
YtIXC7ZQ/4dgJf3ZHil2IdV263npSB0SJxdVGOe7bXoj5aLJW1n/LzpuzZ3qOv3M
dIHyurbctlkhakbyNSkNOTz1DC/NQiHDl9OsXd5xgQKDR7oPjWX7EfxqZBPEpGDd
OCN/VC1ueJQ0BdsDkihEG25djGHbDDTvxkhwoeLvpyfmOT79tX7uer5YZokVvoJi
zdfqWAa+CYMIrOgrgR+FOwTLYcdvF/j993XW4opxZbpeXh470hED2gq+7iRw2lZC
SlAMCjPV32Jy8A==
-----END CERTIFICATE-----