Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.mft
File:                     9Pp1juHTKhy9lGRvr0Nte42AnqQ.mft (raw, json)
Hash identifier:          PtEEpmyYP/bsfvzBhPKOle1jq6c7TaFNTFrTmAFSgSw=
Subject key identifier:   1F:86:2C:0B:A8:4F:28:67:7D:6C:AA:63:1C:18:14:72:E6:49:B0:A0
Authority key identifier: F4:FA:75:8E:E1:D3:2A:1C:BD:94:64:6F:AF:43:6D:7B:8D:80:9E:A4
Certificate issuer:       /CN=f4fa758ee1d32a1cbd94646faf436d7b8d809ea4
Certificate serial:       0197B88FEF631175495CF65CCA21A8953ABA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9Pp1juHTKhy9lGRvr0Nte42AnqQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.mft
Manifest number:          0160
Signing time:             Sat 28 Jun 2025 22:02:09 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:09 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:09 +0000
Files and hashes:         1: 9Pp1juHTKhy9lGRvr0Nte42AnqQ.crl (hash: Y2L/HKkput+MZ2vKBSf+XA6gkSirbtPSLoTRVkJqQOg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9Pp1juHTKhy9lGRvr0Nte42AnqQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:ef:63:11:75:49:5c:f6:5c:ca:21:a8:95:3a:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4fa758ee1d32a1cbd94646faf436d7b8d809ea4
        Validity
            Not Before: Jun 28 22:02:09 2025 GMT
            Not After : Jun 29 22:02:09 2025 GMT
        Subject: CN=1f862c0ba84f28677d6caa631c181472e649b0a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e7:f2:cc:93:06:69:e6:60:41:89:dc:8d:cd:
                    78:3b:61:6d:5f:f6:be:d4:52:fe:88:83:0b:da:22:
                    3d:86:46:ac:97:be:a7:ac:8e:9f:c5:fa:d3:5e:fe:
                    1b:fb:e5:68:93:f1:10:4c:f2:9d:6e:80:03:4a:7a:
                    93:aa:e8:eb:78:e1:64:b6:f5:2b:c1:e9:bd:e4:fb:
                    32:fb:c5:24:4f:60:65:d2:55:43:94:45:e1:e7:f7:
                    31:89:10:b7:55:56:21:89:cd:1b:5c:c2:d1:15:16:
                    f1:3a:78:88:6b:d0:8a:07:2b:43:89:86:d8:83:b5:
                    97:25:98:b9:4b:80:dd:6a:4a:ac:30:37:32:72:57:
                    8a:0d:45:45:b9:65:56:19:4f:62:15:31:06:2a:ec:
                    bc:7f:dc:bb:9c:5a:5f:ce:79:e1:02:d3:53:f8:4f:
                    f6:9f:d5:67:b6:f8:8e:0c:b0:07:c5:18:8a:c7:54:
                    d3:15:94:6a:2d:e5:a5:f2:37:66:a7:ca:ce:5e:19:
                    79:49:5f:5f:34:44:50:22:ee:be:4b:d4:7d:43:ad:
                    2a:e4:8e:de:b7:09:60:94:c3:f2:97:80:65:80:04:
                    e6:83:be:1d:56:be:fd:d4:3b:ed:45:d2:ff:57:51:
                    94:33:e2:d1:89:19:90:2d:de:74:2a:4d:6b:b7:9b:
                    b0:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:86:2C:0B:A8:4F:28:67:7D:6C:AA:63:1C:18:14:72:E6:49:B0:A0
            X509v3 Authority Key Identifier:
                keyid:F4:FA:75:8E:E1:D3:2A:1C:BD:94:64:6F:AF:43:6D:7B:8D:80:9E:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Pp1juHTKhy9lGRvr0Nte42AnqQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/bf0c26-2277-4050-ac49-e79f8db313bf/1/9Pp1juHTKhy9lGRvr0Nte42AnqQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:e5:65:64:8c:b5:e9:13:21:1a:9a:78:99:4b:84:62:73:e0:
         f7:f6:a0:7b:66:17:62:c9:3e:5c:8e:4c:8f:21:50:43:cf:65:
         85:38:ee:e8:8e:a2:e1:64:b0:a9:2d:4b:96:0c:34:9a:59:92:
         e7:18:a5:63:18:50:8b:94:40:d8:e8:dd:80:b6:95:d9:a3:9a:
         6e:01:65:ed:aa:b2:61:1f:ab:46:42:90:dd:ab:20:8a:cf:ae:
         93:6f:33:43:39:d0:31:e6:63:ea:c4:40:3e:67:38:40:44:c7:
         a5:e3:c3:f6:92:8c:b2:4e:20:50:a2:fc:c1:dd:60:f0:9f:26:
         b6:60:cf:98:82:b2:13:38:a2:a6:ed:47:1f:dd:38:2f:38:c4:
         32:5f:ca:fc:ea:9b:47:96:a7:1b:f3:5e:1a:c1:4c:fd:f9:a7:
         aa:ac:ec:08:1f:c2:11:d4:74:e3:61:e9:80:67:cd:0c:76:2f:
         dc:e5:b1:81:3a:e3:a3:61:32:da:37:a3:58:7b:6e:7a:ed:ef:
         4b:3a:97:38:4c:9e:00:50:79:5a:a1:cf:64:95:2d:40:f9:30:
         0b:22:fb:f2:79:dd:dc:b4:21:d8:f1:0e:43:70:c2:94:5a:d4:
         31:05:3d:a5:86:0d:24:3f:71:5d:db:41:94:12:fb:19:58:5d:
         db:57:bf:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j+9jEXVJXPZcyiGolTq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZmE3NThlZTFkMzJhMWNiZDk0NjQ2ZmFmNDM2ZDdiOGQ4
MDllYTQwHhcNMjUwNjI4MjIwMjA5WhcNMjUwNjI5MjIwMjA5WjAzMTEwLwYDVQQD
EygxZjg2MmMwYmE4NGYyODY3N2Q2Y2FhNjMxYzE4MTQ3MmU2NDliMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsefyzJMGaeZgQYncjc14O2FtX/a+
1FL+iIML2iI9hkasl76nrI6fxfrTXv4b++Vok/EQTPKdboADSnqTqujreOFktvUr
wem95Psy+8UkT2Bl0lVDlEXh5/cxiRC3VVYhic0bXMLRFRbxOniIa9CKBytDiYbY
g7WXJZi5S4DdakqsMDcycleKDUVFuWVWGU9iFTEGKuy8f9y7nFpfznnhAtNT+E/2
n9VntviODLAHxRiKx1TTFZRqLeWl8jdmp8rOXhl5SV9fNERQIu6+S9R9Q60q5I7e
twlglMPyl4BlgATmg74dVr791DvtRdL/V1GUM+LRiRmQLd50Kk1rt5uwPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+GLAuoTyhnfWyqYxwYFHLmSbCgMB8GA1UdIwQY
MBaAFPT6dY7h0yocvZRkb69DbXuNgJ6kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVBwMWp1SFRLaHk5bEdSdnIwTnRlNDJBbnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9iZjBjMjYtMjI3Ny00MDUwLWFjNDkt
ZTc5ZjhkYjMxM2JmLzEvOVBwMWp1SFRLaHk5bEdSdnIwTnRlNDJBbnFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9iZjBjMjYtMjI3Ny00MDUwLWFjNDktZTc5ZjhkYjMxM2Jm
LzEvOVBwMWp1SFRLaHk5bEdSdnIwTnRlNDJBbnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFeVlZIy1
6RMhGpp4mUuEYnPg9/age2YXYsk+XI5MjyFQQ89lhTju6I6i4WSwqS1Llgw0mlmS
5xilYxhQi5RA2OjdgLaV2aOabgFl7aqyYR+rRkKQ3asgis+uk28zQznQMeZj6sRA
Pmc4QETHpePD9pKMsk4gUKL8wd1g8J8mtmDPmIKyEziipu1HH904LzjEMl/K/Oqb
R5anG/NeGsFM/fmnqqzsCB/CEdR042HpgGfNDHYv3OWxgTrjo2Ey2jejWHtueu3v
SzqXOEyeAFB5WqHPZJUtQPkwCyL78nnd3LQh2PEOQ3DClFrUMQU9pYYNJD9xXdtB
lBL7GVhd21e/aw==
-----END CERTIFICATE-----