Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.mft
File:                     skFYMFfyBWPJOCuJTx_OrKVfvaM.mft (raw, json)
Hash identifier:          Tf7fAfI5bGHuVLbu9nUoXbbErsKAHcCBso1+MUpeZFA=
Subject key identifier:   1B:C1:B2:7E:00:AD:28:E7:B6:04:3A:5E:36:04:9D:96:55:A6:94:23
Authority key identifier: B2:41:58:30:57:F2:05:63:C9:38:2B:89:4F:1F:CE:AC:A5:5F:BD:A3
Certificate issuer:       /CN=b241583057f20563c9382b894f1fceaca55fbda3
Certificate serial:       01977075A51FEFD3E9CA3E7B9D03F9EB9C79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/skFYMFfyBWPJOCuJTx_OrKVfvaM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 22:00:47 +0000
Manifest this update:     Sat 14 Jun 2025 22:00:47 +0000
Manifest next update:     Sun 15 Jun 2025 22:00:47 +0000
Files and hashes:         1: skFYMFfyBWPJOCuJTx_OrKVfvaM.crl (hash: 0BIsONBA3C0Q3AZLXQSDOXbI9t2LY3lM6T/gelXd1K4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/skFYMFfyBWPJOCuJTx_OrKVfvaM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:75:a5:1f:ef:d3:e9:ca:3e:7b:9d:03:f9:eb:9c:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b241583057f20563c9382b894f1fceaca55fbda3
        Validity
            Not Before: Jun 14 22:00:47 2025 GMT
            Not After : Jun 15 22:00:47 2025 GMT
        Subject: CN=1bc1b27e00ad28e7b6043a5e36049d9655a69423
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:7e:87:04:fe:fd:4a:19:26:ff:7f:b1:ef:9d:
                    44:26:d1:84:f4:cf:2d:49:2b:f4:6f:64:f2:41:39:
                    df:2e:81:b0:bd:f4:59:63:84:6a:60:dd:e5:9e:d2:
                    98:49:72:b8:0f:ba:0e:f4:90:7d:5f:6e:2d:8e:f5:
                    c6:5f:0e:0c:b6:99:b7:0b:b4:5b:10:1d:23:a4:c6:
                    db:a9:f2:ea:a6:7d:ec:8f:9b:de:0c:dd:7a:ef:bd:
                    ac:d2:18:bf:8f:f5:27:73:65:8f:2d:ac:01:e4:a1:
                    45:8f:45:75:dc:b7:2b:32:f0:85:df:aa:f2:d0:2b:
                    2a:2e:bf:31:4e:b4:97:14:8e:1c:c7:1c:e3:e8:2b:
                    a2:23:e7:dd:92:33:ba:13:7e:b2:9d:f5:56:73:17:
                    6d:d4:2a:82:e4:bb:e8:3c:ed:16:20:bf:37:0c:14:
                    2a:fc:e1:18:09:57:c2:46:ad:21:13:09:59:ea:a8:
                    8d:6b:cb:74:ce:3f:8a:6b:d6:8b:b6:53:cb:5f:cb:
                    40:6d:49:0e:fd:10:60:f4:aa:c1:8e:48:40:eb:d6:
                    d4:1c:6f:73:2d:fe:f8:37:50:ca:0f:59:dd:c2:e5:
                    2a:ac:ce:b9:a2:21:58:6d:24:f2:cb:c2:77:a5:5d:
                    2d:bd:39:f6:02:ab:63:23:f0:4b:9f:01:e1:56:86:
                    a1:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:C1:B2:7E:00:AD:28:E7:B6:04:3A:5E:36:04:9D:96:55:A6:94:23
            X509v3 Authority Key Identifier:
                keyid:B2:41:58:30:57:F2:05:63:C9:38:2B:89:4F:1F:CE:AC:A5:5F:BD:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/skFYMFfyBWPJOCuJTx_OrKVfvaM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d528d3-2a93-460c-926d-40d15f36ea43/1/skFYMFfyBWPJOCuJTx_OrKVfvaM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:59:fe:fd:0f:c5:22:6e:01:5f:44:c3:0d:92:9f:18:a1:86:
         46:52:45:37:cd:b4:84:86:e2:6a:c3:31:eb:ee:94:a3:91:e6:
         05:a1:4d:86:ec:a7:4c:a2:1a:8b:10:57:13:70:53:09:30:22:
         c9:e6:f4:99:c1:d8:a9:2d:42:e6:d4:18:a2:3d:b4:d1:8a:78:
         69:5c:db:79:38:9c:55:e1:37:81:da:27:dd:c3:50:27:10:2d:
         9a:27:33:17:23:99:47:f9:69:4b:78:d9:8d:06:de:b5:e9:35:
         73:55:bf:99:92:1e:9c:ec:1f:d4:30:1b:83:e0:31:23:44:49:
         4f:4c:93:33:14:dd:e6:ed:26:46:b7:21:ee:7d:87:70:ea:20:
         ab:cd:1a:74:82:af:7a:25:48:d7:51:69:b1:28:b9:58:a9:aa:
         07:8e:d0:55:f2:b2:8c:bd:65:e8:a5:30:86:3b:1f:ed:35:b2:
         fb:26:a4:2a:05:aa:b2:53:34:6c:19:52:17:53:57:db:af:99:
         17:10:28:ad:9b:8c:bd:84:20:78:42:47:a2:7b:d3:d7:6b:4b:
         61:2f:5a:a8:77:25:6f:9a:9c:97:0e:48:f0:d4:62:53:1d:96:
         18:de:fe:ce:d3:58:f5:61:14:b8:2e:bf:e6:43:f8:31:80:89:
         a9:ac:ac:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwdaUf79Ppyj57nQP565x5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNDE1ODMwNTdmMjA1NjNjOTM4MmI4OTRmMWZjZWFjYTU1
ZmJkYTMwHhcNMjUwNjE0MjIwMDQ3WhcNMjUwNjE1MjIwMDQ3WjAzMTEwLwYDVQQD
EygxYmMxYjI3ZTAwYWQyOGU3YjYwNDNhNWUzNjA0OWQ5NjU1YTY5NDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8X6HBP79Shkm/3+x751EJtGE9M8t
SSv0b2TyQTnfLoGwvfRZY4RqYN3lntKYSXK4D7oO9JB9X24tjvXGXw4Mtpm3C7Rb
EB0jpMbbqfLqpn3sj5veDN16772s0hi/j/Unc2WPLawB5KFFj0V13LcrMvCF36ry
0CsqLr8xTrSXFI4cxxzj6CuiI+fdkjO6E36ynfVWcxdt1CqC5LvoPO0WIL83DBQq
/OEYCVfCRq0hEwlZ6qiNa8t0zj+Ka9aLtlPLX8tAbUkO/RBg9KrBjkhA69bUHG9z
Lf74N1DKD1ndwuUqrM65oiFYbSTyy8J3pV0tvTn2AqtjI/BLnwHhVoahiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBvBsn4ArSjntgQ6XjYEnZZVppQjMB8GA1UdIwQY
MBaAFLJBWDBX8gVjyTgriU8fzqylX72jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2tGWU1GZnlCV1BKT0N1SlR4X09yS1ZmdmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNTI4ZDMtMmE5My00NjBjLTkyNmQt
NDBkMTVmMzZlYTQzLzEvc2tGWU1GZnlCV1BKT0N1SlR4X09yS1ZmdmFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNTI4ZDMtMmE5My00NjBjLTkyNmQtNDBkMTVmMzZlYTQz
LzEvc2tGWU1GZnlCV1BKT0N1SlR4X09yS1ZmdmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlln+/Q/F
Im4BX0TDDZKfGKGGRlJFN820hIbiasMx6+6Uo5HmBaFNhuynTKIaixBXE3BTCTAi
yeb0mcHYqS1C5tQYoj200Yp4aVzbeTicVeE3gdon3cNQJxAtmiczFyOZR/lpS3jZ
jQbetek1c1W/mZIenOwf1DAbg+AxI0RJT0yTMxTd5u0mRrch7n2HcOogq80adIKv
eiVI11FpsSi5WKmqB47QVfKyjL1l6KUwhjsf7TWy+yakKgWqslM0bBlSF1NX26+Z
FxAorZuMvYQgeEJHonvT12tLYS9aqHclb5qclw5I8NRiUx2WGN7+ztNY9WEUuC6/
5kP4MYCJqaysYw==
-----END CERTIFICATE-----