Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          ewThuLzxq+fiCFrZx8iG/Im+hB+RwKUUQ5aHLcl5gKM=
Subject key identifier:   2B:83:21:83:B6:7D:00:32:7F:6F:DC:3F:D7:1A:B0:38:06:4A:24:BC
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       0198D5BBDEA99A3DDAA78A56D29F3D08775D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 07:01:55 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:55 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:55 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: +ULkFSHdBY0UaFxVJWXSyVjfm2umAHqe0G3H/4U8PnA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 07:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:de:a9:9a:3d:da:a7:8a:56:d2:9f:3d:08:77:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: Aug 23 07:01:55 2025 GMT
            Not After : Aug 24 07:01:55 2025 GMT
        Subject: CN=2b832183b67d00327f6fdc3fd71ab038064a24bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:24:da:36:74:1d:34:81:2c:37:42:93:88:af:
                    ed:7a:91:2a:fe:8e:7e:5c:32:17:bb:a3:5a:05:87:
                    77:07:56:4e:0c:23:32:fd:d9:80:3e:ae:0c:08:a8:
                    fd:85:db:d2:53:c9:07:ba:8c:5c:46:8f:a0:28:48:
                    b9:9e:15:26:d6:9e:b3:15:93:dd:af:35:f4:89:33:
                    f6:67:07:95:6a:15:48:bf:c7:bf:2b:7f:f5:73:ff:
                    09:d3:40:33:e4:7a:33:28:af:1d:8d:0e:2e:86:32:
                    20:cf:00:c5:e6:58:f6:96:b1:90:26:e7:e5:af:65:
                    ae:fd:de:cb:74:59:9b:63:80:71:0f:4e:6e:93:3a:
                    52:32:13:72:0d:eb:55:a3:3a:dd:45:c4:02:e8:0b:
                    b6:a2:09:54:de:7b:d6:09:a6:20:6f:6e:79:df:93:
                    0b:5b:45:32:51:79:82:b1:c1:c7:be:f3:f7:d0:a7:
                    4d:80:5a:6a:f1:82:f7:21:ce:63:68:78:2f:2d:21:
                    27:c8:e8:af:a5:1d:9c:12:62:ca:a0:48:72:2e:f1:
                    8b:60:6f:8e:84:5a:41:21:7c:9c:b7:48:3f:65:aa:
                    99:c0:cb:b4:79:4f:c4:22:9d:fa:ac:cd:f5:b2:c2:
                    26:dc:6b:f5:6b:6a:30:96:b8:e1:72:39:9e:b0:e0:
                    af:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:83:21:83:B6:7D:00:32:7F:6F:DC:3F:D7:1A:B0:38:06:4A:24:BC
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:17:a1:89:10:94:a8:65:fc:a6:7f:24:8a:79:f8:ca:0f:d8:
         ce:ed:37:49:d2:75:b3:a8:18:2a:7f:c9:be:50:cd:9c:2c:6a:
         ab:5e:f4:63:a1:58:bd:3b:f4:17:2a:17:c5:ce:57:2e:df:4a:
         42:2b:60:50:13:42:b8:2c:e3:aa:3a:c6:85:77:7c:21:90:84:
         71:cf:f0:68:a8:e8:3d:01:9b:6d:ee:a0:b5:b3:dc:33:ce:3a:
         01:aa:63:84:ea:dc:a8:2c:83:b5:46:46:0d:43:47:17:53:0a:
         15:8d:ec:aa:38:79:ee:60:e9:74:17:1e:7d:33:4f:08:6f:9e:
         6b:43:0a:f5:a4:bb:54:61:85:0a:9b:da:10:06:6b:d1:88:bc:
         27:45:6c:35:32:44:72:ac:d7:83:42:d5:cd:56:f4:da:64:76:
         a8:13:61:70:b3:a3:40:62:a5:3e:1a:a1:e8:88:55:ca:7d:1c:
         cb:96:aa:34:04:c2:67:21:73:e8:2a:28:18:23:3d:53:29:8d:
         81:5e:c3:e1:24:b9:cc:53:ac:fc:71:28:75:4c:8a:8c:18:a9:
         6d:fb:86:9b:2b:0c:09:ab:44:0c:cb:73:6f:6e:ed:56:5f:d6:
         f1:a6:08:1a:7e:61:a7:64:8f:81:98:d5:dd:d1:4a:fd:15:28:
         d4:12:11:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu96pmj3ap4pW0p89CHddMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjUwODIzMDcwMTU1WhcNMjUwODI0MDcwMTU1WjAzMTEwLwYDVQQD
EygyYjgzMjE4M2I2N2QwMDMyN2Y2ZmRjM2ZkNzFhYjAzODA2NGEyNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyTaNnQdNIEsN0KTiK/tepEq/o5+
XDIXu6NaBYd3B1ZODCMy/dmAPq4MCKj9hdvSU8kHuoxcRo+gKEi5nhUm1p6zFZPd
rzX0iTP2ZweVahVIv8e/K3/1c/8J00Az5HozKK8djQ4uhjIgzwDF5lj2lrGQJufl
r2Wu/d7LdFmbY4BxD05ukzpSMhNyDetVozrdRcQC6Au2oglU3nvWCaYgb25535ML
W0UyUXmCscHHvvP30KdNgFpq8YL3Ic5jaHgvLSEnyOivpR2cEmLKoEhyLvGLYG+O
hFpBIXyct0g/ZaqZwMu0eU/EIp36rM31ssIm3Gv1a2owlrjhcjmesOCvGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuDIYO2fQAyf2/cP9casDgGSiS8MB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAChehiRCU
qGX8pn8kinn4yg/Yzu03SdJ1s6gYKn/JvlDNnCxqq170Y6FYvTv0FyoXxc5XLt9K
QitgUBNCuCzjqjrGhXd8IZCEcc/waKjoPQGbbe6gtbPcM846AapjhOrcqCyDtUZG
DUNHF1MKFY3sqjh57mDpdBcefTNPCG+ea0MK9aS7VGGFCpvaEAZr0Yi8J0VsNTJE
cqzXg0LVzVb02mR2qBNhcLOjQGKlPhqh6IhVyn0cy5aqNATCZyFz6CooGCM9UymN
gV7D4SS5zFOs/HEodUyKjBipbfuGmysMCatEDMtzb27tVl/W8aYIGn5hp2SPgZjV
3dFK/RUo1BIRUQ==
-----END CERTIFICATE-----