Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
File:                     kVijd10MXrOPIPDvmjYRBhpRlbM.mft (raw, json)
Hash identifier:          GhNajbGUSHGQvbtSfasI12VB5X42PtlRtRIdZw0Gp3c=
Subject key identifier:   65:57:9B:30:49:CA:1A:0C:65:C4:DE:71:13:BA:92:6A:AB:04:35:FE
Authority key identifier: 91:58:A3:77:5D:0C:5E:B3:8F:20:F0:EF:9A:36:11:06:1A:51:95:B3
Certificate issuer:       /CN=9158a3775d0c5eb38f20f0ef9a3611061a5195b3
Certificate serial:       019768BBE776A0D157DB4F06EB50F973FDD6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
Manifest number:          158A
Signing time:             Fri 13 Jun 2025 10:00:34 +0000
Manifest this update:     Fri 13 Jun 2025 10:00:34 +0000
Manifest next update:     Sat 14 Jun 2025 10:00:34 +0000
Files and hashes:         1: kVijd10MXrOPIPDvmjYRBhpRlbM.crl (hash: adkBpCUBr+ODlyf2qMKiwQS4zu0dI3HaNckdIgWrecw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 10:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:bb:e7:76:a0:d1:57:db:4f:06:eb:50:f9:73:fd:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9158a3775d0c5eb38f20f0ef9a3611061a5195b3
        Validity
            Not Before: Jun 13 10:00:34 2025 GMT
            Not After : Jun 14 10:00:34 2025 GMT
        Subject: CN=65579b3049ca1a0c65c4de7113ba926aab0435fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:32:8d:4d:d4:ce:11:bb:af:10:43:62:51:c9:
                    bc:af:2a:d6:c4:28:0d:a5:38:ea:84:9a:7a:6b:b9:
                    d5:03:31:b1:23:2f:4c:09:94:32:10:47:b0:12:5b:
                    f4:11:0f:ad:f0:21:dc:6f:ac:e8:ea:35:ba:d4:34:
                    37:f7:9d:75:02:70:b2:f8:81:89:79:77:87:67:56:
                    bb:33:0b:4e:ad:df:3e:27:e6:ff:d0:69:73:7e:fd:
                    11:e8:86:54:11:4d:1b:8e:35:34:f4:c2:91:3f:a7:
                    4d:85:a1:8b:af:1d:8e:3f:e2:9c:48:ca:ee:69:7e:
                    3a:cd:ac:61:61:6a:cd:35:f7:01:aa:8c:60:e4:38:
                    94:84:46:1e:4e:a0:c2:7f:e5:55:14:48:c4:d8:29:
                    61:39:c9:fd:4e:c9:87:f6:53:10:7f:db:fb:b3:f6:
                    c2:c2:66:54:7b:94:9a:1f:ad:f5:f5:df:86:54:30:
                    eb:70:fb:d6:7b:25:a4:07:26:e0:ef:08:5f:8d:37:
                    b4:74:99:5d:3c:58:7b:69:b9:6d:c3:a8:3b:b9:d1:
                    f6:e1:03:83:69:be:e8:a1:9e:49:b3:99:33:2f:04:
                    78:c7:3c:41:40:1b:12:41:b4:17:b1:9a:1a:55:32:
                    9a:67:ea:f7:fe:1c:01:fa:2c:f3:4a:0b:95:e4:ae:
                    2b:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:57:9B:30:49:CA:1A:0C:65:C4:DE:71:13:BA:92:6A:AB:04:35:FE
            X509v3 Authority Key Identifier:
                keyid:91:58:A3:77:5D:0C:5E:B3:8F:20:F0:EF:9A:36:11:06:1A:51:95:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:15:a3:cc:1e:c1:0b:7b:9b:e1:f4:87:61:be:88:f5:a3:f6:
         13:cd:61:4a:ce:3f:a3:22:03:fd:33:04:62:68:76:e2:be:10:
         e5:b5:9d:c4:78:f0:22:3c:53:92:2d:08:4b:68:3e:fd:63:d1:
         bb:53:1c:2b:72:8b:73:8f:6e:0a:0e:79:89:c8:28:f6:6c:77:
         8e:91:d9:0d:36:cb:e7:f4:d5:df:93:6e:57:e3:b6:86:7f:9a:
         a9:c6:f4:a3:2e:08:1e:a8:d5:e6:f7:86:77:7a:c7:00:0a:03:
         3b:9c:a0:4c:64:89:34:91:12:d0:ff:5e:1e:5c:1b:ce:e5:2b:
         57:37:0d:64:0c:1e:6e:0d:2f:07:cd:75:4e:83:46:c8:45:9f:
         e5:6c:98:c0:74:64:5c:ab:f2:e7:eb:a5:f5:90:70:0c:a5:28:
         52:56:05:50:f3:97:4b:08:1c:3f:b5:f5:f1:50:61:cd:e2:40:
         ac:13:d1:88:b3:0b:a3:52:cc:db:02:ef:86:5e:cd:77:53:79:
         19:af:22:8f:b0:cb:75:fb:a4:a7:4d:0d:d2:d8:76:f8:50:ea:
         7c:85:cf:c5:ef:cf:e6:6e:76:36:98:a1:e9:db:d3:f5:d7:72:
         b8:6c:4f:84:2d:c0:84:e1:b0:54:d2:00:e5:99:ca:2c:87:46:
         d4:45:d1:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdou+d2oNFX208G61D5c/3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNThhMzc3NWQwYzVlYjM4ZjIwZjBlZjlhMzYxMTA2MWE1
MTk1YjMwHhcNMjUwNjEzMTAwMDM0WhcNMjUwNjE0MTAwMDM0WjAzMTEwLwYDVQQD
Eyg2NTU3OWIzMDQ5Y2ExYTBjNjVjNGRlNzExM2JhOTI2YWFiMDQzNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDKNTdTOEbuvEENiUcm8ryrWxCgN
pTjqhJp6a7nVAzGxIy9MCZQyEEewElv0EQ+t8CHcb6zo6jW61DQ39511AnCy+IGJ
eXeHZ1a7MwtOrd8+J+b/0Glzfv0R6IZUEU0bjjU09MKRP6dNhaGLrx2OP+KcSMru
aX46zaxhYWrNNfcBqoxg5DiUhEYeTqDCf+VVFEjE2ClhOcn9TsmH9lMQf9v7s/bC
wmZUe5SaH6319d+GVDDrcPvWeyWkBybg7whfjTe0dJldPFh7abltw6g7udH24QOD
ab7ooZ5Js5kzLwR4xzxBQBsSQbQXsZoaVTKaZ+r3/hwB+izzSguV5K4rdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVXmzBJyhoMZcTecRO6kmqrBDX+MB8GA1UdIwQY
MBaAFJFYo3ddDF6zjyDw75o2EQYaUZWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81Yzc2NWMtODNmMy00NWQxLTg5MzAt
OGQwNGY4Nzc5NDIzLzEva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC81Yzc2NWMtODNmMy00NWQxLTg5MzAtOGQwNGY4Nzc5NDIz
LzEva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPBWjzB7B
C3ub4fSHYb6I9aP2E81hSs4/oyID/TMEYmh24r4Q5bWdxHjwIjxTki0IS2g+/WPR
u1McK3KLc49uCg55icgo9mx3jpHZDTbL5/TV35NuV+O2hn+aqcb0oy4IHqjV5veG
d3rHAAoDO5ygTGSJNJES0P9eHlwbzuUrVzcNZAwebg0vB811ToNGyEWf5WyYwHRk
XKvy5+ul9ZBwDKUoUlYFUPOXSwgcP7X18VBhzeJArBPRiLMLo1LM2wLvhl7Nd1N5
Ga8ij7DLdfukp00N0th2+FDqfIXPxe/P5m52Npih6dvT9ddyuGxPhC3AhOGwVNIA
5ZnKLIdG1EXRHQ==
-----END CERTIFICATE-----