Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.mft
File:                     C1XbSaXB_JAcoahcjSXxPxhuL_o.mft (raw, json)
Hash identifier:          Ah1eFrQGWhFwo0tkXNMMEb879Deykse411zeEHNajDM=
Subject key identifier:   17:F3:C9:C6:3F:B2:A5:13:C2:E9:87:A1:AD:44:DF:75:1C:D2:FA:E9
Authority key identifier: 0B:55:DB:49:A5:C1:FC:90:1C:A1:A8:5C:8D:25:F1:3F:18:6E:2F:FA
Certificate issuer:       /CN=0b55db49a5c1fc901ca1a85c8d25f13f186e2ffa
Certificate serial:       01976DAB6DD50FB30C78AAD130CC8B1D0669
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C1XbSaXB_JAcoahcjSXxPxhuL_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.mft
Manifest number:          158C
Signing time:             Sat 14 Jun 2025 09:00:40 +0000
Manifest this update:     Sat 14 Jun 2025 09:00:40 +0000
Manifest next update:     Sun 15 Jun 2025 09:00:40 +0000
Files and hashes:         1: C1XbSaXB_JAcoahcjSXxPxhuL_o.crl (hash: A3ICxlhLm4LtPxAfd1CQY29QZPgBGpabs2kMNeM6IfU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/C1XbSaXB_JAcoahcjSXxPxhuL_o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:6d:d5:0f:b3:0c:78:aa:d1:30:cc:8b:1d:06:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b55db49a5c1fc901ca1a85c8d25f13f186e2ffa
        Validity
            Not Before: Jun 14 09:00:40 2025 GMT
            Not After : Jun 15 09:00:40 2025 GMT
        Subject: CN=17f3c9c63fb2a513c2e987a1ad44df751cd2fae9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:86:c9:e4:26:6f:e0:8a:cb:2d:65:3a:a7:45:
                    55:dc:65:87:cf:5d:cd:21:83:bc:ef:f0:c4:55:07:
                    f1:d6:48:d5:f3:d2:46:f9:75:69:f7:83:62:c7:aa:
                    d5:6d:a0:45:ff:07:bf:b1:52:65:1f:15:82:8a:d6:
                    30:3c:43:6f:b2:ae:f0:56:48:de:fc:07:4c:fd:a1:
                    37:78:ca:66:21:92:5f:a9:d6:52:9b:15:3c:f2:72:
                    6a:3e:06:05:93:e9:92:98:9e:65:19:b6:7c:60:c7:
                    64:3c:72:23:27:ea:44:f2:d6:75:a6:13:5a:af:6d:
                    d8:df:0d:3b:ab:9f:6e:52:e8:dd:ed:b0:ad:a5:72:
                    e6:5c:c2:2f:b6:bb:5b:32:92:5f:3f:a0:ab:16:25:
                    d2:42:3c:86:1e:49:42:7a:7a:d8:95:e6:b4:d6:8f:
                    56:fa:13:57:74:9f:9d:c7:4b:8f:d6:d0:d4:50:82:
                    1c:ea:6d:64:33:54:25:5a:56:ee:a6:04:d0:49:e3:
                    8f:e2:cd:44:9a:d4:2e:9e:ed:4d:d7:e0:2e:15:3b:
                    7e:2c:b8:9c:b1:dd:2b:5b:8d:55:1c:50:0a:5e:29:
                    1e:c5:f7:f6:10:c5:72:ff:48:9a:b5:df:f1:ae:5f:
                    e0:42:9b:72:1f:82:b4:24:45:ef:80:d4:55:90:c2:
                    27:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:F3:C9:C6:3F:B2:A5:13:C2:E9:87:A1:AD:44:DF:75:1C:D2:FA:E9
            X509v3 Authority Key Identifier:
                keyid:0B:55:DB:49:A5:C1:FC:90:1C:A1:A8:5C:8D:25:F1:3F:18:6E:2F:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1XbSaXB_JAcoahcjSXxPxhuL_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/523988-5a00-40a6-b044-a27e74f75d26/1/C1XbSaXB_JAcoahcjSXxPxhuL_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:f4:6b:66:0e:61:cb:6d:ac:d1:37:a0:e3:30:ee:6e:57:2a:
         e2:e6:b5:b8:2c:a2:e0:5f:ac:10:cf:c3:c0:a0:5e:68:2d:9f:
         0f:22:bd:e9:e9:c0:3d:f9:5d:f8:f8:ac:a9:8a:64:69:8e:56:
         f3:dc:76:c1:8f:b9:bc:18:00:21:49:38:43:79:c8:c6:9c:72:
         cc:be:25:54:9f:68:3c:ed:3d:7a:ce:37:55:2d:8f:a2:59:43:
         68:91:23:14:54:f9:5c:13:e8:bd:d1:10:45:17:45:79:de:1b:
         43:6f:e8:d8:4b:5a:f5:a9:68:86:a1:05:e0:c9:f8:4b:70:1d:
         66:56:97:be:43:a0:75:d2:f6:93:ce:fd:8c:bf:75:d2:db:3d:
         c7:6e:67:53:87:6c:cc:30:ca:5f:2f:af:4f:2e:0e:b5:06:5a:
         07:ae:1d:24:9a:01:05:38:1b:e8:1a:0c:e3:47:1f:88:eb:98:
         2e:19:ec:cb:d5:4f:2e:a7:1e:28:fe:cd:99:34:da:4d:31:39:
         08:e2:00:68:a5:3b:ff:e0:88:c4:b4:2f:a8:56:bb:61:a7:c2:
         7a:62:0d:f4:b2:52:f1:9f:b2:e9:a1:1b:83:7b:80:c7:2e:31:
         aa:98:67:a3:a1:31:9c:a9:33:fa:db:4e:73:52:4c:cc:b3:c8:
         0b:79:a8:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq23VD7MMeKrRMMyLHQZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTVkYjQ5YTVjMWZjOTAxY2ExYTg1YzhkMjVmMTNmMTg2
ZTJmZmEwHhcNMjUwNjE0MDkwMDQwWhcNMjUwNjE1MDkwMDQwWjAzMTEwLwYDVQQD
EygxN2YzYzljNjNmYjJhNTEzYzJlOTg3YTFhZDQ0ZGY3NTFjZDJmYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4bJ5CZv4IrLLWU6p0VV3GWHz13N
IYO87/DEVQfx1kjV89JG+XVp94Nix6rVbaBF/we/sVJlHxWCitYwPENvsq7wVkje
/AdM/aE3eMpmIZJfqdZSmxU88nJqPgYFk+mSmJ5lGbZ8YMdkPHIjJ+pE8tZ1phNa
r23Y3w07q59uUujd7bCtpXLmXMIvtrtbMpJfP6CrFiXSQjyGHklCenrYlea01o9W
+hNXdJ+dx0uP1tDUUIIc6m1kM1QlWlbupgTQSeOP4s1EmtQunu1N1+AuFTt+LLic
sd0rW41VHFAKXikexff2EMVy/0iatd/xrl/gQptyH4K0JEXvgNRVkMInpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfzycY/sqUTwumHoa1E33Uc0vrpMB8GA1UdIwQY
MBaAFAtV20mlwfyQHKGoXI0l8T8Ybi/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFYYlNhWEJfSkFjb2FoY2pTWHhQeGh1TF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81MjM5ODgtNWEwMC00MGE2LWIwNDQt
YTI3ZTc0Zjc1ZDI2LzEvQzFYYlNhWEJfSkFjb2FoY2pTWHhQeGh1TF9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81MjM5ODgtNWEwMC00MGE2LWIwNDQtYTI3ZTc0Zjc1ZDI2
LzEvQzFYYlNhWEJfSkFjb2FoY2pTWHhQeGh1TF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACPRrZg5h
y22s0Teg4zDublcq4ua1uCyi4F+sEM/DwKBeaC2fDyK96enAPfld+PisqYpkaY5W
89x2wY+5vBgAIUk4Q3nIxpxyzL4lVJ9oPO09es43VS2PollDaJEjFFT5XBPovdEQ
RRdFed4bQ2/o2Eta9alohqEF4Mn4S3AdZlaXvkOgddL2k879jL910ts9x25nU4ds
zDDKXy+vTy4OtQZaB64dJJoBBTgb6BoM40cfiOuYLhnsy9VPLqceKP7NmTTaTTE5
COIAaKU7/+CIxLQvqFa7YafCemIN9LJS8Z+y6aEbg3uAxy4xqphno6ExnKkz+ttO
c1JMzLPIC3mohQ==
-----END CERTIFICATE-----