Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          hX2UqP+w4XrS4LzNcqgUr8vXtUE5MSRqBXXoXtfwV/0=
Subject key identifier:   4B:50:8C:E9:C4:25:CD:A6:AB:CF:79:56:15:12:FF:2D:47:CB:42:A2
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       0197B77C8583C9C56EF32F842969DE5442CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          11B4
Signing time:             Sat 28 Jun 2025 17:01:20 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:20 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:20 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: ThQn80ljEgbj/3LK9PqSDAOCwOKUqG53EwTClzhlQZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:85:83:c9:c5:6e:f3:2f:84:29:69:de:54:42:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: Jun 28 17:01:20 2025 GMT
            Not After : Jun 29 17:01:20 2025 GMT
        Subject: CN=4b508ce9c425cda6abcf79561512ff2d47cb42a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:5b:18:74:2d:c7:89:93:eb:82:76:f0:4b:c7:
                    fb:ec:c3:8c:c7:ce:fb:59:48:cb:a8:68:bc:26:2e:
                    f7:de:fa:2c:d2:be:c9:8e:4b:80:ea:f1:93:2e:7b:
                    2c:c0:46:fe:4e:95:e0:d0:d9:d4:02:d0:39:18:15:
                    06:3d:48:76:3b:5b:bc:b8:55:ce:ad:84:ef:af:c6:
                    de:4e:9c:3b:9c:f7:73:2d:ae:fe:05:b0:88:72:9f:
                    9b:98:f7:56:33:7d:5b:ef:30:09:07:58:02:11:14:
                    56:68:e3:30:da:44:e5:60:7e:8b:4f:18:41:82:a3:
                    61:b2:0d:0d:46:71:e4:79:70:a9:7f:f9:0a:ae:da:
                    c6:45:ee:ff:db:2c:2f:7c:05:5b:5d:23:a9:3a:be:
                    2f:60:6a:15:dd:2b:91:d2:9c:ed:3d:fa:3c:a2:e2:
                    1c:fd:c1:69:6a:37:2a:f7:6f:55:4d:a4:a4:38:bd:
                    01:c8:a7:69:62:e6:4c:db:8a:ad:d5:96:f3:9d:36:
                    77:f1:0f:0d:df:cb:82:95:c9:8c:e7:1a:ec:ae:59:
                    43:53:93:76:b8:4c:19:21:18:a2:04:9f:24:5f:83:
                    75:da:65:03:24:50:b2:95:fd:13:c0:cc:b7:c1:c8:
                    b1:32:f3:61:9d:51:6b:ca:02:47:74:40:fc:fb:c4:
                    bd:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:50:8C:E9:C4:25:CD:A6:AB:CF:79:56:15:12:FF:2D:47:CB:42:A2
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:1c:e4:0b:b2:18:ee:f6:25:06:79:75:ba:85:7a:15:94:d4:
         a3:3e:28:5d:d9:98:67:56:15:d5:a3:c9:1a:ea:4f:ef:a3:d0:
         6e:5b:00:1a:3e:77:e3:02:02:7c:d1:f7:c0:8f:86:5c:0f:04:
         33:95:d2:51:1d:54:40:94:f1:eb:85:7a:06:7b:3c:96:54:18:
         66:ca:af:f2:c6:4f:76:21:a0:3f:6e:a7:c9:09:68:75:e1:74:
         70:56:f6:0a:03:41:bf:e0:a8:d6:82:3b:0e:fd:88:e5:e6:d7:
         75:ec:e4:31:6e:99:64:f1:cc:c6:35:6d:e6:6e:3b:de:40:33:
         b6:f9:11:fa:14:68:d7:dc:a0:af:7d:c4:11:4a:ad:f5:31:4f:
         eb:c5:48:98:f0:e4:3f:46:82:ef:a8:09:ee:bc:eb:0a:ce:57:
         0e:fb:7a:07:3b:19:84:de:92:ad:ac:7e:72:28:90:90:d4:2c:
         2e:01:48:f4:62:1f:f2:c6:b6:38:8e:3a:2f:d8:d9:ac:a8:e1:
         44:28:e6:1f:82:09:c4:21:16:f2:44:48:61:69:78:76:1a:90:
         66:09:55:57:b4:90:3d:ec:fb:00:9e:94:5b:3c:4a:b2:fb:7b:
         f2:b6:d1:2e:33:bd:ad:7d:78:fd:0d:14:24:23:47:8f:d7:b4:
         dd:5f:7c:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fIWDycVu8y+EKWneVELKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjUwNjI4MTcwMTIwWhcNMjUwNjI5MTcwMTIwWjAzMTEwLwYDVQQD
Eyg0YjUwOGNlOWM0MjVjZGE2YWJjZjc5NTYxNTEyZmYyZDQ3Y2I0MmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVsYdC3HiZPrgnbwS8f77MOMx877
WUjLqGi8Ji733vos0r7JjkuA6vGTLnsswEb+TpXg0NnUAtA5GBUGPUh2O1u8uFXO
rYTvr8beTpw7nPdzLa7+BbCIcp+bmPdWM31b7zAJB1gCERRWaOMw2kTlYH6LTxhB
gqNhsg0NRnHkeXCpf/kKrtrGRe7/2ywvfAVbXSOpOr4vYGoV3SuR0pztPfo8ouIc
/cFpajcq929VTaSkOL0ByKdpYuZM24qt1ZbznTZ38Q8N38uClcmM5xrsrllDU5N2
uEwZIRiiBJ8kX4N12mUDJFCylf0TwMy3wcixMvNhnVFrygJHdED8+8S9vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEtQjOnEJc2mq895VhUS/y1Hy0KiMB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAehzkC7IY
7vYlBnl1uoV6FZTUoz4oXdmYZ1YV1aPJGupP76PQblsAGj534wICfNH3wI+GXA8E
M5XSUR1UQJTx64V6Bns8llQYZsqv8sZPdiGgP26nyQlodeF0cFb2CgNBv+Co1oI7
Dv2I5ebXdezkMW6ZZPHMxjVt5m473kAztvkR+hRo19ygr33EEUqt9TFP68VImPDk
P0aC76gJ7rzrCs5XDvt6BzsZhN6Srax+ciiQkNQsLgFI9GIf8sa2OI46L9jZrKjh
RCjmH4IJxCEW8kRIYWl4dhqQZglVV7SQPez7AJ6UWzxKsvt78rbRLjO9rX14/Q0U
JCNHj9e03V98kA==
-----END CERTIFICATE-----