Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
File:                     AhaSppUBf7XEv4wjgHjzA9j78Ic.mft (raw, json)
Hash identifier:          iW+8GawYlq/S9WtQ1Umx8jtawCkwzCd2O6tN/pFkctw=
Subject key identifier:   F5:37:E5:30:00:E0:AE:AF:1B:C6:87:E3:07:4B:99:D9:6F:A2:A0:BF
Authority key identifier: 02:16:92:A6:95:01:7F:B5:C4:BF:8C:23:80:78:F3:03:D8:FB:F0:87
Certificate issuer:       /CN=021692a695017fb5c4bf8c238078f303d8fbf087
Certificate serial:       01976F2CACBB419055FF2225D4095F36C9C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 16:01:28 +0000
Manifest this update:     Sat 14 Jun 2025 16:01:28 +0000
Manifest next update:     Sun 15 Jun 2025 16:01:28 +0000
Files and hashes:         1: AhaSppUBf7XEv4wjgHjzA9j78Ic.crl (hash: 6hHiEKFq7Q2W4TOr5j6WGI4CLSG/BHZ34+s3+lbgdW4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 16:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:ac:bb:41:90:55:ff:22:25:d4:09:5f:36:c9:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=021692a695017fb5c4bf8c238078f303d8fbf087
        Validity
            Not Before: Jun 14 16:01:28 2025 GMT
            Not After : Jun 15 16:01:28 2025 GMT
        Subject: CN=f537e53000e0aeaf1bc687e3074b99d96fa2a0bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:26:9d:74:55:d6:b4:0b:8d:63:9b:30:d6:54:
                    d0:44:6a:fe:68:19:50:14:92:bd:64:96:07:d8:80:
                    1d:f0:38:d3:a1:92:27:dd:ee:91:43:26:e5:d3:ab:
                    d9:dc:59:d8:53:eb:f2:a1:77:52:8c:b7:bd:f2:61:
                    76:b5:71:78:e8:be:fb:b3:0f:34:23:e9:e1:ea:a4:
                    c6:1c:b9:b8:22:1c:4f:7e:26:81:17:5f:5a:c4:4d:
                    6a:df:1e:d1:b8:ab:cf:38:72:a9:7a:8b:63:32:9e:
                    f7:aa:3a:05:17:7a:b2:9b:94:7a:0b:65:9c:0c:3f:
                    24:33:7e:ab:4b:c1:81:76:3e:a3:f0:46:16:4d:4d:
                    46:7e:47:b2:2e:20:b9:bb:35:7b:32:26:cf:f2:76:
                    92:54:71:65:90:b5:d3:84:38:ad:b1:a4:e9:11:73:
                    b1:65:04:90:5f:4a:dc:6e:bf:8e:5e:50:b1:d9:dc:
                    73:a1:96:f9:91:c8:17:78:b1:23:a2:e5:66:2f:c3:
                    1e:c3:3a:3d:89:5f:b9:9a:a7:db:71:64:c8:ed:16:
                    b1:79:5c:41:b3:51:74:e3:01:fc:d3:d9:e5:10:b6:
                    6a:bc:f3:e4:4c:09:1f:ce:c5:8e:b4:95:c6:29:34:
                    2f:bf:5e:51:dc:b1:22:d0:d5:b5:59:39:16:11:71:
                    5c:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:37:E5:30:00:E0:AE:AF:1B:C6:87:E3:07:4B:99:D9:6F:A2:A0:BF
            X509v3 Authority Key Identifier:
                keyid:02:16:92:A6:95:01:7F:B5:C4:BF:8C:23:80:78:F3:03:D8:FB:F0:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhaSppUBf7XEv4wjgHjzA9j78Ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/13bed5-8d34-4d3d-8e05-48d25c0a495f/1/AhaSppUBf7XEv4wjgHjzA9j78Ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:c3:f4:6d:47:2a:6f:7c:09:76:78:fa:2a:d4:d0:02:6a:8c:
         1f:54:6f:d5:b1:67:8f:c0:5a:d2:a3:50:d2:03:af:2e:25:9b:
         e5:78:ef:00:28:46:65:b8:86:8e:d4:74:eb:47:db:a4:8b:72:
         70:4c:78:2b:60:4d:2f:27:c2:ef:33:5b:90:80:23:53:67:c5:
         6e:f6:56:cc:92:b4:8d:2a:ae:2a:5a:8a:e5:8c:53:96:2e:24:
         cb:39:93:91:bf:71:57:a9:20:a4:63:ea:e1:b2:17:6e:ff:f7:
         17:d4:79:a4:1b:4c:f5:88:c8:40:87:d5:4d:d7:62:f7:ff:16:
         a0:ce:5e:8a:38:2e:5f:b0:28:c1:ff:8f:13:16:f7:42:29:63:
         e6:d0:02:d7:52:cc:be:1e:46:5d:50:99:77:48:e7:e8:77:86:
         be:0a:65:59:c2:04:fa:c7:b0:30:32:d7:7f:d0:89:f4:46:37:
         a2:45:83:5e:6c:bd:5e:ac:b4:98:4a:5f:df:cb:f9:05:4b:a7:
         39:bd:0e:5d:9a:2c:cb:b1:7e:f7:09:a7:be:dc:73:f1:28:02:
         05:d8:70:75:17:a1:aa:60:95:bf:c9:b1:e7:b9:5c:6a:86:7d:
         d4:46:32:e4:df:5e:1d:1f:20:1f:3a:f9:88:b7:a5:c6:af:f3:
         6a:b5:e4:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLKy7QZBV/yIl1AlfNsnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMTY5MmE2OTUwMTdmYjVjNGJmOGMyMzgwNzhmMzAzZDhm
YmYwODcwHhcNMjUwNjE0MTYwMTI4WhcNMjUwNjE1MTYwMTI4WjAzMTEwLwYDVQQD
EyhmNTM3ZTUzMDAwZTBhZWFmMWJjNjg3ZTMwNzRiOTlkOTZmYTJhMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyaddFXWtAuNY5sw1lTQRGr+aBlQ
FJK9ZJYH2IAd8DjToZIn3e6RQybl06vZ3FnYU+vyoXdSjLe98mF2tXF46L77sw80
I+nh6qTGHLm4IhxPfiaBF19axE1q3x7RuKvPOHKpeotjMp73qjoFF3qym5R6C2Wc
DD8kM36rS8GBdj6j8EYWTU1GfkeyLiC5uzV7MibP8naSVHFlkLXThDitsaTpEXOx
ZQSQX0rcbr+OXlCx2dxzoZb5kcgXeLEjouVmL8Mewzo9iV+5mqfbcWTI7RaxeVxB
s1F04wH809nlELZqvPPkTAkfzsWOtJXGKTQvv15R3LEi0NW1WTkWEXFcuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPU35TAA4K6vG8aH4wdLmdlvoqC/MB8GA1UdIwQY
MBaAFAIWkqaVAX+1xL+MI4B48wPY+/CHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8xM2JlZDUtOGQzNC00ZDNkLThlMDUt
NDhkMjVjMGE0OTVmLzEvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8xM2JlZDUtOGQzNC00ZDNkLThlMDUtNDhkMjVjMGE0OTVm
LzEvQWhhU3BwVUJmN1hFdjR3amdIanpBOWo3OEljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAocP0bUcq
b3wJdnj6KtTQAmqMH1Rv1bFnj8Ba0qNQ0gOvLiWb5XjvAChGZbiGjtR060fbpIty
cEx4K2BNLyfC7zNbkIAjU2fFbvZWzJK0jSquKlqK5YxTli4kyzmTkb9xV6kgpGPq
4bIXbv/3F9R5pBtM9YjIQIfVTddi9/8WoM5eijguX7Aowf+PExb3Qilj5tAC11LM
vh5GXVCZd0jn6HeGvgplWcIE+sewMDLXf9CJ9EY3okWDXmy9Xqy0mEpf38v5BUun
Ob0OXZosy7F+9wmnvtxz8SgCBdhwdRehqmCVv8mx57lcaoZ91EYy5N9eHR8gHzr5
iLelxq/zarXk/A==
-----END CERTIFICATE-----