Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft
File:                     SpR3QFKci4QPf4kzCXmshyyj-rg.mft (raw, json)
Hash identifier:          Ek1VCxeDpEJB9RHl+xFBpD/z50sr9x499fTBRBwjLdE=
Subject key identifier:   72:E3:01:15:DA:29:99:7A:17:83:EF:F9:5F:96:81:2A:10:CD:49:03
Authority key identifier: 4A:94:77:40:52:9C:8B:84:0F:7F:89:33:09:79:AC:87:2C:A3:FA:B8
Certificate issuer:       /CN=4a947740529c8b840f7f89330979ac872ca3fab8
Certificate serial:       0197B88F905374FF6B5B93D9A5C2B65A3630
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft
Manifest number:          0160
Signing time:             Sat 28 Jun 2025 22:01:45 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:45 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:45 +0000
Files and hashes:         1: SpR3QFKci4QPf4kzCXmshyyj-rg.crl (hash: 8EjPMcvHni/cZh0q82sL7w9Jf+faXOBko9PnxZAdh5k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:90:53:74:ff:6b:5b:93:d9:a5:c2:b6:5a:36:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a947740529c8b840f7f89330979ac872ca3fab8
        Validity
            Not Before: Jun 28 22:01:45 2025 GMT
            Not After : Jun 29 22:01:45 2025 GMT
        Subject: CN=72e30115da29997a1783eff95f96812a10cd4903
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:4a:ce:c9:2d:7c:7f:e6:9c:1c:2c:cd:86:a2:
                    25:7b:6f:47:1a:e0:26:04:d2:82:c2:75:a6:4c:e6:
                    9e:6f:e3:10:b4:04:1a:1b:ac:7c:7e:51:35:a9:5a:
                    eb:84:5e:f8:b9:12:39:39:d2:e1:74:05:19:36:14:
                    25:6f:b3:39:c6:02:09:6b:45:3d:97:bd:2c:31:4e:
                    2f:cf:df:22:49:5b:dd:c1:c1:25:17:df:71:b0:89:
                    42:eb:45:50:a2:7e:fd:31:27:3d:ff:0d:fa:2b:45:
                    cb:72:aa:75:4d:1c:44:65:d2:c1:3e:41:bb:0c:3d:
                    71:e5:be:78:5c:c8:8b:f0:45:05:d0:00:5a:33:0a:
                    05:cb:04:11:a6:5e:a3:2a:0d:7e:17:ae:b3:92:6a:
                    85:a6:21:8d:53:1e:9b:fc:c5:46:96:4b:f7:e5:b8:
                    55:a6:8b:81:bc:b0:3b:84:ac:3d:14:7d:29:26:80:
                    49:54:1e:b7:df:c8:ce:f6:9c:b2:48:24:6d:d0:c2:
                    4a:f3:ba:c8:a3:a9:a6:c2:ac:46:25:58:46:8c:41:
                    c0:aa:a4:82:ce:d4:bb:7a:af:a4:1c:d7:da:13:e8:
                    47:3f:b4:55:ac:5a:77:07:e3:f6:cd:5e:4c:80:8a:
                    c8:a8:fc:62:45:ee:d0:71:43:aa:d4:3a:c2:1b:d6:
                    f1:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:E3:01:15:DA:29:99:7A:17:83:EF:F9:5F:96:81:2A:10:CD:49:03
            X509v3 Authority Key Identifier:
                keyid:4A:94:77:40:52:9C:8B:84:0F:7F:89:33:09:79:AC:87:2C:A3:FA:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SpR3QFKci4QPf4kzCXmshyyj-rg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e90d6b-52e0-4195-88af-7db25ad7cd4c/1/SpR3QFKci4QPf4kzCXmshyyj-rg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:34:d1:c1:22:f2:25:83:84:d0:d3:c8:2a:c1:00:fd:b1:7d:
         64:f8:c4:ed:30:b0:ad:26:4b:3b:4c:6c:bf:cf:da:ce:5d:c5:
         ef:12:1f:fa:ba:62:bc:a6:31:4a:b8:30:78:27:ed:60:ee:35:
         52:ec:9f:cb:f7:b0:18:b7:c8:5d:1c:9c:34:33:2f:86:93:1b:
         7e:67:ea:95:13:c8:af:0b:b4:a4:04:8c:f8:79:6a:9d:e9:c8:
         33:3d:7a:4a:f5:18:b9:0f:dd:2b:af:12:e4:66:aa:38:ee:b9:
         85:49:68:bb:7f:1a:3e:41:bb:ff:a2:3e:72:03:db:d6:16:93:
         45:f1:3f:22:39:1f:05:88:27:d2:a7:d4:fe:43:f4:fc:88:94:
         90:57:f1:05:57:c0:65:0a:d4:0d:0f:6b:7c:1d:b9:ac:13:aa:
         fd:84:bd:04:94:6c:f8:71:0f:07:42:9d:40:10:9f:f2:f3:89:
         ac:9b:8a:d3:0c:b8:6b:18:3c:83:b7:58:73:1c:53:33:d7:41:
         a4:29:ad:4b:ea:57:07:c4:c3:4a:c4:f3:fe:9b:49:74:64:91:
         e4:1d:16:c6:85:dc:04:41:af:09:35:b7:ba:96:1c:d9:83:5f:
         9f:eb:40:04:42:2b:d2:31:f5:6e:c6:b3:ab:69:9e:79:9e:f9:
         1c:65:b8:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j5BTdP9rW5PZpcK2WjYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOTQ3NzQwNTI5YzhiODQwZjdmODkzMzA5NzlhYzg3MmNh
M2ZhYjgwHhcNMjUwNjI4MjIwMTQ1WhcNMjUwNjI5MjIwMTQ1WjAzMTEwLwYDVQQD
Eyg3MmUzMDExNWRhMjk5OTdhMTc4M2VmZjk1Zjk2ODEyYTEwY2Q0OTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1krOyS18f+acHCzNhqIle29HGuAm
BNKCwnWmTOaeb+MQtAQaG6x8flE1qVrrhF74uRI5OdLhdAUZNhQlb7M5xgIJa0U9
l70sMU4vz98iSVvdwcElF99xsIlC60VQon79MSc9/w36K0XLcqp1TRxEZdLBPkG7
DD1x5b54XMiL8EUF0ABaMwoFywQRpl6jKg1+F66zkmqFpiGNUx6b/MVGlkv35bhV
pouBvLA7hKw9FH0pJoBJVB6338jO9pyySCRt0MJK87rIo6mmwqxGJVhGjEHAqqSC
ztS7eq+kHNfaE+hHP7RVrFp3B+P2zV5MgIrIqPxiRe7QcUOq1DrCG9bx2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLjARXaKZl6F4Pv+V+WgSoQzUkDMB8GA1UdIwQY
MBaAFEqUd0BSnIuED3+JMwl5rIcso/q4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9lOTBkNmItNTJlMC00MTk1LTg4YWYt
N2RiMjVhZDdjZDRjLzEvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9lOTBkNmItNTJlMC00MTk1LTg4YWYtN2RiMjVhZDdjZDRj
LzEvU3BSM1FGS2NpNFFQZjRrekNYbXNoeXlqLXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmzTRwSLy
JYOE0NPIKsEA/bF9ZPjE7TCwrSZLO0xsv8/azl3F7xIf+rpivKYxSrgweCftYO41
Uuyfy/ewGLfIXRycNDMvhpMbfmfqlRPIrwu0pASM+HlqnenIMz16SvUYuQ/dK68S
5GaqOO65hUlou38aPkG7/6I+cgPb1haTRfE/IjkfBYgn0qfU/kP0/IiUkFfxBVfA
ZQrUDQ9rfB25rBOq/YS9BJRs+HEPB0KdQBCf8vOJrJuK0wy4axg8g7dYcxxTM9dB
pCmtS+pXB8TDSsTz/ptJdGSR5B0WxoXcBEGvCTW3upYc2YNfn+tABEIr0jH1bsaz
q2meeZ75HGW4Jw==
-----END CERTIFICATE-----