Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          Bs+aGSAgaEiI+GI8OdmAqvfEAdwl3mAdvilMOe4/Ixw=
Subject key identifier:   C1:76:38:E9:2F:6C:24:AA:96:E0:01:3A:A8:73:91:E6:B9:F9:78:AA
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       0198D54E7387FB5B8B9CA060D7ADE0C81C01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          1248
Signing time:             Sat 23 Aug 2025 05:02:25 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:25 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:25 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: CZSNYwF1mZTKZMArpwm86DEJ8p1a5Ik6ykz9cD5Zzb4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:73:87:fb:5b:8b:9c:a0:60:d7:ad:e0:c8:1c:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: Aug 23 05:02:25 2025 GMT
            Not After : Aug 24 05:02:25 2025 GMT
        Subject: CN=c17638e92f6c24aa96e0013aa87391e6b9f978aa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:85:3b:79:74:d6:6f:99:58:80:63:3c:85:34:
                    41:62:07:5b:fe:4b:1c:05:31:86:2a:39:70:1d:99:
                    ca:51:2e:a6:68:53:0d:c2:d6:7d:f8:15:a1:dc:e7:
                    45:c4:e6:d5:da:f7:ce:17:a9:78:eb:bf:eb:f6:3c:
                    41:09:33:10:84:a8:28:c5:dd:21:a7:bd:35:d9:30:
                    69:28:c7:0b:67:95:15:0b:81:12:50:f2:4a:ee:6c:
                    60:2d:10:96:f5:5f:2e:0a:c5:89:a3:a2:36:eb:ba:
                    46:a8:83:5b:d8:03:db:8b:ce:98:64:68:a2:e4:17:
                    86:73:0f:44:6b:73:d4:b3:df:b0:1f:b9:05:45:cc:
                    20:80:ac:51:09:32:d1:fd:78:0b:c3:29:98:2c:df:
                    81:37:cf:e0:87:1e:c6:85:b4:f0:f3:ab:be:b3:03:
                    11:93:76:18:15:62:55:da:a3:d4:6f:02:54:56:dc:
                    e6:39:21:08:2c:a4:93:f0:ff:11:79:d4:29:a4:8f:
                    37:b8:da:69:00:fa:45:e0:98:55:7c:44:a3:15:f4:
                    6c:af:dc:fd:0d:a6:b6:41:f5:a6:07:85:a0:e6:74:
                    cf:cb:a9:66:5e:05:6f:4a:3a:e6:6f:4a:81:34:10:
                    71:4c:03:da:51:db:ef:b8:86:81:ee:60:c0:4f:76:
                    fd:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:76:38:E9:2F:6C:24:AA:96:E0:01:3A:A8:73:91:E6:B9:F9:78:AA
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:43:c0:29:4a:a2:8a:0f:4c:13:75:c1:48:cd:36:22:72:fc:
         c1:e5:f0:87:b1:42:d1:c6:a3:4a:7b:a0:ef:24:af:bc:7f:eb:
         bd:0b:bc:c8:f2:ac:54:fd:ac:e9:5b:5a:05:cb:bb:8d:bd:e6:
         6a:92:be:29:42:9c:ea:55:a2:2f:01:15:a5:18:8f:95:4b:2b:
         cf:c8:10:13:b3:13:d5:09:92:bf:ea:37:9e:d1:0d:78:fc:15:
         81:f2:18:71:a2:cf:bf:8c:70:ec:89:5e:cb:ee:17:2d:58:17:
         c1:b6:a6:d6:5b:6b:a7:c2:e6:dd:53:9f:6f:a5:39:45:66:fd:
         96:cd:69:06:70:f3:a0:4b:97:20:fa:3c:97:99:5c:63:07:29:
         f2:b3:11:76:7e:ae:14:ae:35:b1:1f:df:85:17:f6:28:5e:31:
         47:50:37:ae:0b:1d:40:e9:fa:8c:50:0f:76:f3:a3:4b:34:50:
         ba:49:ef:7b:ea:84:98:f5:cc:15:16:82:2a:17:a2:0c:d2:77:
         f9:5c:47:27:2d:15:f2:f4:89:72:2d:13:46:15:72:8a:ae:cb:
         32:3d:e2:c9:7e:d8:ca:ca:40:c8:cf:96:18:9d:d7:3d:61:7c:
         1e:f7:d2:cc:cb:52:c7:94:a0:1c:dd:44:c2:e4:8e:a7:52:74:
         42:92:07:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTnOH+1uLnKBg163gyBwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjUwODIzMDUwMjI1WhcNMjUwODI0MDUwMjI1WjAzMTEwLwYDVQQD
EyhjMTc2MzhlOTJmNmMyNGFhOTZlMDAxM2FhODczOTFlNmI5Zjk3OGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIU7eXTWb5lYgGM8hTRBYgdb/ksc
BTGGKjlwHZnKUS6maFMNwtZ9+BWh3OdFxObV2vfOF6l467/r9jxBCTMQhKgoxd0h
p7012TBpKMcLZ5UVC4ESUPJK7mxgLRCW9V8uCsWJo6I267pGqINb2APbi86YZGii
5BeGcw9Ea3PUs9+wH7kFRcwggKxRCTLR/XgLwymYLN+BN8/ghx7GhbTw86u+swMR
k3YYFWJV2qPUbwJUVtzmOSEILKST8P8RedQppI83uNppAPpF4JhVfESjFfRsr9z9
Daa2QfWmB4Wg5nTPy6lmXgVvSjrmb0qBNBBxTAPaUdvvuIaB7mDAT3b9gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMF2OOkvbCSqluABOqhzkea5+XiqMB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxUPAKUqi
ig9ME3XBSM02InL8weXwh7FC0cajSnug7ySvvH/rvQu8yPKsVP2s6VtaBcu7jb3m
apK+KUKc6lWiLwEVpRiPlUsrz8gQE7MT1QmSv+o3ntENePwVgfIYcaLPv4xw7Ile
y+4XLVgXwbam1ltrp8Lm3VOfb6U5RWb9ls1pBnDzoEuXIPo8l5lcYwcp8rMRdn6u
FK41sR/fhRf2KF4xR1A3rgsdQOn6jFAPdvOjSzRQuknve+qEmPXMFRaCKheiDNJ3
+VxHJy0V8vSJci0TRhVyiq7LMj3iyX7YyspAyM+WGJ3XPWF8HvfSzMtSx5SgHN1E
wuSOp1J0QpIHaw==
-----END CERTIFICATE-----