Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
File:                     2l7eZe_t7t-MigSyRaOl32OmnoQ.mft (raw, json)
Hash identifier:          T7zay+BLoGt9pUzsw4piw9eE5IB4TVzeCazxiqVveiY=
Subject key identifier:   B9:9E:D7:D6:8B:54:2C:43:AA:98:22:4B:16:C7:6E:5A:49:EE:A6:1E
Authority key identifier: DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84
Certificate issuer:       /CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
Certificate serial:       01976D3D94A68744E799E076E5A80476B89A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 07:00:41 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:41 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:41 +0000
Files and hashes:         1: 2l7eZe_t7t-MigSyRaOl32OmnoQ.crl (hash: lWGBqV3X+OjJR0WPoIO5tc488Dtg9Yz1yuB4nmRT0YY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:94:a6:87:44:e7:99:e0:76:e5:a8:04:76:b8:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
        Validity
            Not Before: Jun 14 07:00:41 2025 GMT
            Not After : Jun 15 07:00:41 2025 GMT
        Subject: CN=b99ed7d68b542c43aa98224b16c76e5a49eea61e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:22:5a:d9:a0:3e:62:a8:53:24:8d:e8:c6:cf:
                    e0:9d:c4:0d:7c:77:f8:8a:3c:88:fe:6b:00:20:ab:
                    ee:49:c7:91:54:be:3e:bf:85:a2:c6:55:c5:c6:2f:
                    60:0f:bc:0a:84:ea:31:45:10:77:9d:8e:88:4e:ed:
                    8d:db:4f:b3:0d:b8:e6:9f:22:ec:14:f6:6c:e1:eb:
                    53:09:de:bc:1e:d4:59:f1:c0:72:cb:39:db:a2:36:
                    1d:24:85:cf:94:26:56:93:9b:ea:c5:74:05:13:d6:
                    9d:57:3c:ee:90:c6:f3:34:9a:38:39:c7:0c:72:23:
                    1c:8b:cc:03:05:ab:65:8c:3e:0f:a2:8c:73:73:8c:
                    7a:f0:7f:99:25:79:93:51:0a:e1:a7:4d:b1:13:c7:
                    d6:2f:62:b5:28:06:56:0c:33:67:6c:99:32:23:3c:
                    78:7a:10:67:0b:04:66:e1:f8:3b:bd:7a:b4:61:83:
                    a8:c7:5e:18:27:11:35:36:cb:93:a2:1e:4c:df:2c:
                    5b:fc:ba:48:08:c2:ac:09:73:01:9e:65:4b:d3:66:
                    1d:66:0b:0f:e4:59:8b:5d:74:cd:5b:1c:d9:3b:84:
                    95:73:1d:00:18:e5:bb:f9:e2:54:39:31:9c:be:3f:
                    3a:b3:1a:13:f5:e5:fa:ad:11:b7:0d:06:10:7c:de:
                    03:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:9E:D7:D6:8B:54:2C:43:AA:98:22:4B:16:C7:6E:5A:49:EE:A6:1E
            X509v3 Authority Key Identifier:
                keyid:DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:79:ba:3f:1e:ac:a9:79:c8:8c:35:88:f2:71:65:5a:c5:0b:
         fe:06:66:cc:a8:a9:63:36:62:45:1f:45:a2:24:9d:43:de:a2:
         54:a5:e9:1f:07:2a:f3:79:a1:8b:87:4e:4a:ec:8a:df:b8:75:
         a0:34:f1:82:21:4b:2a:a0:11:c4:27:1e:53:29:b4:2f:15:cb:
         e1:d3:d0:fe:ae:de:e8:6a:d5:fc:40:9b:06:4a:86:36:1a:e8:
         93:a5:9e:ca:99:15:51:66:fd:22:6f:ca:e8:71:9f:21:6f:28:
         37:81:cd:3f:7e:09:5f:c5:91:88:2a:31:d8:dc:ca:e5:92:05:
         ab:8f:8b:f0:f1:c4:98:79:52:2a:80:ab:9a:2f:ca:c9:00:13:
         4b:33:08:0d:35:8f:9c:a4:37:44:ae:08:05:e8:ee:57:2e:48:
         a4:53:02:94:93:55:55:c8:f2:2f:26:e2:f6:8f:69:d6:24:2f:
         9b:de:f3:14:21:72:e9:fb:fb:fe:08:ff:55:54:3a:3f:2c:13:
         cd:22:b9:d1:a1:cd:ac:d2:10:53:76:75:3c:a6:56:47:75:da:
         59:45:c9:1d:61:62:41:12:0d:a0:be:13:e4:e4:47:b2:f3:cb:
         99:07:a6:70:6b:0b:bf:61:47:9e:80:21:78:cd:87:53:fe:9a:
         f1:63:90:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPZSmh0TnmeB25agEdriaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNWVkZTY1ZWZlZGVlZGY4YzhhMDRiMjQ1YTNhNWRmNjNh
NjllODQwHhcNMjUwNjE0MDcwMDQxWhcNMjUwNjE1MDcwMDQxWjAzMTEwLwYDVQQD
EyhiOTllZDdkNjhiNTQyYzQzYWE5ODIyNGIxNmM3NmU1YTQ5ZWVhNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriJa2aA+YqhTJI3oxs/gncQNfHf4
ijyI/msAIKvuSceRVL4+v4WixlXFxi9gD7wKhOoxRRB3nY6ITu2N20+zDbjmnyLs
FPZs4etTCd68HtRZ8cByyznbojYdJIXPlCZWk5vqxXQFE9adVzzukMbzNJo4OccM
ciMci8wDBatljD4Pooxzc4x68H+ZJXmTUQrhp02xE8fWL2K1KAZWDDNnbJkyIzx4
ehBnCwRm4fg7vXq0YYOox14YJxE1NsuToh5M3yxb/LpICMKsCXMBnmVL02YdZgsP
5FmLXXTNWxzZO4SVcx0AGOW7+eJUOTGcvj86sxoT9eX6rRG3DQYQfN4DrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLme19aLVCxDqpgiSxbHblpJ7qYeMB8GA1UdIwQY
MBaAFNpe3mXv7e7fjIoEskWjpd9jpp6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWIt
YWZmNTBlNGEwZTMzLzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWItYWZmNTBlNGEwZTMz
LzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALHm6Px6s
qXnIjDWI8nFlWsUL/gZmzKipYzZiRR9FoiSdQ96iVKXpHwcq83mhi4dOSuyK37h1
oDTxgiFLKqARxCceUym0LxXL4dPQ/q7e6GrV/ECbBkqGNhrok6WeypkVUWb9Im/K
6HGfIW8oN4HNP34JX8WRiCox2NzK5ZIFq4+L8PHEmHlSKoCrmi/KyQATSzMIDTWP
nKQ3RK4IBejuVy5IpFMClJNVVcjyLybi9o9p1iQvm97zFCFy6fv7/gj/VVQ6PywT
zSK50aHNrNIQU3Z1PKZWR3XaWUXJHWFiQRINoL4T5ORHsvPLmQemcGsLv2FHnoAh
eM2HU/6a8WOQHQ==
-----END CERTIFICATE-----