Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
File:                     02jCohY2GiT97Jfx838uHRIHEIc.mft (raw, json)
Hash identifier:          P+jCiwFR0Ru0/xJT/jg8eTIN9iURfA2DdGh600gj5ZM=
Subject key identifier:   8E:6F:17:17:1D:A0:9B:2A:84:A8:BB:81:68:33:87:27:8A:1C:5D:32
Authority key identifier: D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87
Certificate issuer:       /CN=d368c2a216361a24fdec97f1f37f2e1d12071087
Certificate serial:       01977075E43F5DD1E8470F539A85F52CC95D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 22:01:03 +0000
Manifest this update:     Sat 14 Jun 2025 22:01:03 +0000
Manifest next update:     Sun 15 Jun 2025 22:01:03 +0000
Files and hashes:         1: 02jCohY2GiT97Jfx838uHRIHEIc.crl (hash: wvbkplYN1CDXWNIxelIA91+tYEBn53HyrWITbOvdaFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 22:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:70:75:e4:3f:5d:d1:e8:47:0f:53:9a:85:f5:2c:c9:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d368c2a216361a24fdec97f1f37f2e1d12071087
        Validity
            Not Before: Jun 14 22:01:03 2025 GMT
            Not After : Jun 15 22:01:03 2025 GMT
        Subject: CN=8e6f17171da09b2a84a8bb81683387278a1c5d32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:26:71:9d:a6:44:b4:b3:e7:9d:0e:48:b9:00:
                    82:3d:61:6c:46:aa:a1:0b:63:c4:ba:87:c1:02:f2:
                    98:29:54:63:33:9a:f9:54:d9:64:86:31:5c:47:bc:
                    64:f3:15:7a:5d:c4:e3:de:1f:ca:23:6d:aa:43:35:
                    52:27:07:d2:37:eb:21:ef:a9:bb:1c:9b:e2:2c:21:
                    1c:4c:42:bf:fd:27:a4:d8:a7:77:d6:6d:2b:1d:c2:
                    a7:46:b6:f0:c2:a8:09:36:5b:e0:d6:b8:37:fa:c0:
                    fc:32:99:70:56:70:bb:8e:20:ac:ea:82:f2:e1:5a:
                    76:ab:ad:4d:f8:fd:1c:bf:85:25:15:51:f7:7a:e4:
                    6f:00:08:6a:bd:4f:d2:a0:fe:84:d5:04:0c:6a:82:
                    79:44:03:0d:ec:f8:ba:78:69:b4:82:3a:ac:5b:3f:
                    8a:96:4a:e5:0e:1f:51:5c:94:59:89:7c:f7:ec:7c:
                    b4:a8:9e:7a:4f:ec:e2:bb:85:8e:6a:34:b1:0a:40:
                    47:d0:b3:ce:ea:5b:5e:34:35:54:fe:ec:e3:41:ee:
                    79:0d:2c:08:8d:0b:16:0f:01:21:0d:13:6e:19:f2:
                    f1:97:86:be:ca:a2:61:37:e7:19:16:50:cd:5c:4e:
                    56:51:5b:df:6c:e9:ff:19:43:85:2e:3e:f7:5f:68:
                    e8:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:6F:17:17:1D:A0:9B:2A:84:A8:BB:81:68:33:87:27:8A:1C:5D:32
            X509v3 Authority Key Identifier:
                keyid:D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:91:a8:e8:1f:cc:68:8a:45:51:54:43:cf:52:bf:3f:4b:75:
         09:9d:6a:da:fb:a5:6a:36:14:6e:11:c5:57:26:29:b5:75:6e:
         ab:21:c1:68:6c:40:4f:d0:35:2b:5b:2a:f8:d0:83:cf:3d:be:
         7f:8a:21:af:48:5a:d1:d2:a5:7c:59:7c:0a:6d:35:75:06:05:
         75:07:a8:03:60:ad:a1:3f:fd:bc:ad:65:32:4f:4b:47:25:47:
         55:89:3b:77:0a:43:63:12:a5:6e:cc:84:fc:3f:4a:c5:3b:82:
         7c:34:f5:c7:60:59:ae:1a:97:48:a2:74:fa:04:09:9b:b6:62:
         b3:84:3a:74:f4:ec:d7:08:20:ab:46:e3:60:a9:04:bc:db:7b:
         c5:d1:ea:ab:11:3e:e6:78:28:de:2a:b0:4b:46:f1:88:d3:c3:
         72:60:9b:41:de:9f:8d:3b:ad:2e:c7:f2:1a:e7:35:0f:f8:85:
         22:e7:13:cd:33:05:fb:cf:5f:a9:12:dc:32:b3:6d:25:c3:cb:
         2a:0d:04:12:19:f8:48:6c:4f:a2:8b:a6:19:74:54:82:91:e1:
         a0:a4:d8:ac:85:f6:7a:19:d1:37:44:6c:a5:b4:31:0a:ed:5b:
         86:2f:c0:58:d8:c5:2e:c1:dc:89:c9:57:3f:1a:b7:66:b2:46:
         85:66:a9:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdwdeQ/XdHoRw9TmoX1LMldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjhjMmEyMTYzNjFhMjRmZGVjOTdmMWYzN2YyZTFkMTIw
NzEwODcwHhcNMjUwNjE0MjIwMTAzWhcNMjUwNjE1MjIwMTAzWjAzMTEwLwYDVQQD
Eyg4ZTZmMTcxNzFkYTA5YjJhODRhOGJiODE2ODMzODcyNzhhMWM1ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iZxnaZEtLPnnQ5IuQCCPWFsRqqh
C2PEuofBAvKYKVRjM5r5VNlkhjFcR7xk8xV6XcTj3h/KI22qQzVSJwfSN+sh76m7
HJviLCEcTEK//Sek2Kd31m0rHcKnRrbwwqgJNlvg1rg3+sD8MplwVnC7jiCs6oLy
4Vp2q61N+P0cv4UlFVH3euRvAAhqvU/SoP6E1QQMaoJ5RAMN7Pi6eGm0gjqsWz+K
lkrlDh9RXJRZiXz37Hy0qJ56T+ziu4WOajSxCkBH0LPO6lteNDVU/uzjQe55DSwI
jQsWDwEhDRNuGfLxl4a+yqJhN+cZFlDNXE5WUVvfbOn/GUOFLj73X2jo8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5vFxcdoJsqhKi7gWgzhyeKHF0yMB8GA1UdIwQY
MBaAFNNowqIWNhok/eyX8fN/Lh0SBxCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQt
OTAyMDhlMWYzZGU2LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQtOTAyMDhlMWYzZGU2
LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB5Go6B/M
aIpFUVRDz1K/P0t1CZ1q2vulajYUbhHFVyYptXVuqyHBaGxAT9A1K1sq+NCDzz2+
f4ohr0ha0dKlfFl8Cm01dQYFdQeoA2CtoT/9vK1lMk9LRyVHVYk7dwpDYxKlbsyE
/D9KxTuCfDT1x2BZrhqXSKJ0+gQJm7Zis4Q6dPTs1wggq0bjYKkEvNt7xdHqqxE+
5ngo3iqwS0bxiNPDcmCbQd6fjTutLsfyGuc1D/iFIucTzTMF+89fqRLcMrNtJcPL
Kg0EEhn4SGxPooumGXRUgpHhoKTYrIX2ehnRN0RspbQxCu1bhi/AWNjFLsHciclX
Pxq3ZrJGhWapfA==
-----END CERTIFICATE-----