Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
File:                     XtGkql_QUBs-ptafQzwvFkIRYIk.mft (raw, json)
Hash identifier:          n7wnSVlG8l89oqyqRp7Z9tkaDMtYJ/DI1sLx8ceoSX4=
Subject key identifier:   7B:3F:90:2F:9B:12:A1:5E:87:12:A4:BE:5B:BC:C9:13:1E:0D:D6:B2
Authority key identifier: 5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89
Certificate issuer:       /CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
Certificate serial:       01976F9A2A8F139EA8A3DB21FA7D3D963987
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 18:01:03 +0000
Manifest this update:     Sat 14 Jun 2025 18:01:03 +0000
Manifest next update:     Sun 15 Jun 2025 18:01:03 +0000
Files and hashes:         1: XtGkql_QUBs-ptafQzwvFkIRYIk.crl (hash: 8yBkTBVRSnyyp49j9n5URrAcUBuw2tTAK3u1n021xvQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 18:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:9a:2a:8f:13:9e:a8:a3:db:21:fa:7d:3d:96:39:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ed1a4aa5fd0501b3ea6d69f433c2f1642116089
        Validity
            Not Before: Jun 14 18:01:03 2025 GMT
            Not After : Jun 15 18:01:03 2025 GMT
        Subject: CN=7b3f902f9b12a15e8712a4be5bbcc9131e0dd6b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0f:01:f0:d3:13:14:13:01:81:7f:ec:bc:e6:
                    21:ce:75:a7:75:4f:8f:52:b0:e8:fd:61:fe:96:9c:
                    95:5e:b8:71:1d:3f:b0:3e:14:70:7b:51:fa:19:3f:
                    00:a4:eb:b3:2c:90:84:2f:ce:b1:ec:28:10:80:18:
                    b8:06:75:f8:f4:4c:a1:a6:17:19:20:36:96:35:ea:
                    0b:ba:9d:b7:fb:36:fd:f9:66:dd:e9:53:4c:4a:60:
                    e3:59:9f:1e:bd:db:cb:3c:05:d1:a0:fe:83:35:b8:
                    85:31:53:21:5d:56:93:69:8d:54:b0:29:60:e6:0d:
                    07:c7:75:fa:67:3a:94:a8:d6:95:ed:df:3f:5a:32:
                    3e:6e:72:65:47:02:2d:2b:79:21:68:c6:8c:0b:e1:
                    6e:3f:8e:86:ee:87:91:ff:aa:ab:0e:c0:d4:de:90:
                    3d:97:9c:38:72:9b:dc:e0:83:85:e2:58:5b:da:17:
                    eb:51:b2:b4:50:02:88:7a:1b:c3:cc:25:1e:60:3c:
                    07:4b:71:0e:ef:5e:df:b4:d5:f7:4a:43:d6:f0:76:
                    ee:52:69:f4:e8:c0:70:1d:cf:18:d1:fe:2f:a5:c2:
                    30:31:97:96:38:06:2e:a6:7b:8d:c3:0e:5d:44:e1:
                    96:a4:b6:fe:7e:4f:da:a4:ec:11:06:02:56:52:d3:
                    de:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:3F:90:2F:9B:12:A1:5E:87:12:A4:BE:5B:BC:C9:13:1E:0D:D6:B2
            X509v3 Authority Key Identifier:
                keyid:5E:D1:A4:AA:5F:D0:50:1B:3E:A6:D6:9F:43:3C:2F:16:42:11:60:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XtGkql_QUBs-ptafQzwvFkIRYIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/9c7703-8d14-4bc0-88a9-b9a86ac3e8be/1/XtGkql_QUBs-ptafQzwvFkIRYIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:4e:a9:e7:e9:b1:2b:ff:0b:1c:ab:ff:cd:0d:04:3b:62:cb:
         34:53:84:43:f8:c6:3a:24:34:22:d2:3a:95:2b:0e:52:ef:07:
         d5:fb:9c:bc:57:58:13:f6:9c:d1:50:65:91:7f:1c:39:05:ef:
         ff:5c:b3:8f:b3:d7:33:e0:7f:14:73:83:1c:f0:a4:b8:c6:4f:
         37:4a:f3:e7:db:ef:6f:40:18:31:cd:30:98:d0:56:8c:06:2b:
         a0:89:ce:69:ed:50:83:21:4c:3b:a2:0d:3c:ec:33:43:e1:e2:
         c1:f4:4a:ca:c2:d0:91:95:2b:fa:92:02:73:7b:31:ed:b3:dd:
         ac:d6:72:8d:3d:64:49:b1:c4:c6:ad:24:51:53:3c:52:bd:0d:
         ff:d4:b9:ff:45:5b:17:c2:5e:13:7d:e2:72:4c:0a:63:3b:26:
         23:c8:66:51:92:a2:a2:8c:c0:fc:6c:36:d1:f6:cd:f7:75:b9:
         a9:ae:1d:bc:6f:92:fc:02:fd:dc:11:7a:06:a0:94:ec:b0:1a:
         43:43:c7:bd:fa:ca:e6:5d:bc:a1:2e:c1:49:ec:bc:8b:4a:fa:
         b6:de:45:ec:5c:e6:b0:b8:a7:9c:3c:32:4f:ad:c6:9c:44:2e:
         2b:da:34:69:a6:58:4d:98:bb:83:cf:3f:45:0d:1d:6a:52:be:
         8a:fb:eb:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmiqPE56oo9sh+n09ljmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZDFhNGFhNWZkMDUwMWIzZWE2ZDY5ZjQzM2MyZjE2NDIx
MTYwODkwHhcNMjUwNjE0MTgwMTAzWhcNMjUwNjE1MTgwMTAzWjAzMTEwLwYDVQQD
Eyg3YjNmOTAyZjliMTJhMTVlODcxMmE0YmU1YmJjYzkxMzFlMGRkNmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw8B8NMTFBMBgX/svOYhznWndU+P
UrDo/WH+lpyVXrhxHT+wPhRwe1H6GT8ApOuzLJCEL86x7CgQgBi4BnX49EyhphcZ
IDaWNeoLup23+zb9+Wbd6VNMSmDjWZ8evdvLPAXRoP6DNbiFMVMhXVaTaY1UsClg
5g0Hx3X6ZzqUqNaV7d8/WjI+bnJlRwItK3khaMaMC+FuP46G7oeR/6qrDsDU3pA9
l5w4cpvc4IOF4lhb2hfrUbK0UAKIehvDzCUeYDwHS3EO717ftNX3SkPW8HbuUmn0
6MBwHc8Y0f4vpcIwMZeWOAYupnuNww5dROGWpLb+fk/apOwRBgJWUtPezQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHs/kC+bEqFehxKkvlu8yRMeDdayMB8GA1UdIwQY
MBaAFF7RpKpf0FAbPqbWn0M8LxZCEWCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTkt
YjlhODZhYzNlOGJlLzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85Yzc3MDMtOGQxNC00YmMwLTg4YTktYjlhODZhYzNlOGJl
LzEvWHRHa3FsX1FVQnMtcHRhZlF6d3ZGa0lSWUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKU6p5+mx
K/8LHKv/zQ0EO2LLNFOEQ/jGOiQ0ItI6lSsOUu8H1fucvFdYE/ac0VBlkX8cOQXv
/1yzj7PXM+B/FHODHPCkuMZPN0rz59vvb0AYMc0wmNBWjAYroInOae1QgyFMO6IN
POwzQ+HiwfRKysLQkZUr+pICc3sx7bPdrNZyjT1kSbHExq0kUVM8Ur0N/9S5/0Vb
F8JeE33ickwKYzsmI8hmUZKioozA/Gw20fbN93W5qa4dvG+S/AL93BF6BqCU7LAa
Q0PHvfrK5l28oS7BSey8i0r6tt5F7FzmsLinnDwyT63GnEQuK9o0aaZYTZi7g88/
RQ0dalK+ivvrQQ==
-----END CERTIFICATE-----