Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          J4jXrF7Znt46XxWztsafwQZvK6llFpZXZRtFYgxPXSI=
Subject key identifier:   32:FD:1B:EE:04:83:6F:3F:42:EC:12:45:2B:BE:77:48:64:95:06:84
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       0197B9D92F39E3FA87D24EFF14D5D0488D68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          15B4
Signing time:             Sun 29 Jun 2025 04:01:47 +0000
Manifest this update:     Sun 29 Jun 2025 04:01:47 +0000
Manifest next update:     Mon 30 Jun 2025 04:01:47 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: lvN7JyC6zNsKKkmfv+0R68ET44ZAVJmF345A3vuTlzg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 00:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b9:d9:2f:39:e3:fa:87:d2:4e:ff:14:d5:d0:48:8d:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: Jun 29 04:01:47 2025 GMT
            Not After : Jun 30 04:01:47 2025 GMT
        Subject: CN=32fd1bee04836f3f42ec12452bbe774864950684
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:89:d2:67:f9:84:1d:f6:0e:59:fe:57:4c:c9:
                    f1:9f:5b:30:0a:8f:81:05:f0:67:8e:e9:8a:00:63:
                    3b:48:d4:af:6e:ad:28:cf:07:43:6c:9e:7b:2e:b7:
                    e3:03:3c:b8:dc:d7:4a:ff:c6:dd:a0:96:11:7d:d1:
                    9f:06:16:58:5d:cc:2b:9f:14:ce:e7:66:70:db:9a:
                    e6:84:b8:d6:f3:f8:ac:c0:bb:69:4d:1b:8e:57:a0:
                    be:31:07:14:4f:a2:c3:6c:c1:2a:33:90:ec:a6:34:
                    e3:f0:6c:94:7b:64:cb:13:e1:08:3b:3d:09:fd:e5:
                    7b:19:a3:64:11:3b:1f:4a:cb:16:77:03:bb:1a:b6:
                    c9:6d:40:05:36:a8:b2:83:51:e9:cc:12:6d:38:cf:
                    93:9c:45:36:15:90:14:8f:40:f7:fe:23:17:e8:bc:
                    22:f8:00:b4:b8:dc:70:6c:08:6b:df:1f:93:a7:d1:
                    92:b9:60:59:4a:9a:32:a7:35:71:d8:2a:c6:bc:44:
                    93:ca:75:03:53:9a:57:22:b6:e7:de:9f:15:ed:f7:
                    4b:07:b7:a4:04:d5:50:64:09:30:4e:fc:7b:16:50:
                    9e:b1:52:ae:01:b9:70:52:7c:25:40:a1:2e:d9:82:
                    a6:99:51:d6:16:b5:ea:e5:b1:c1:8f:fd:70:23:b8:
                    27:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:FD:1B:EE:04:83:6F:3F:42:EC:12:45:2B:BE:77:48:64:95:06:84
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:60:26:04:e1:44:ab:b9:eb:ef:ca:93:17:0f:d4:9f:2a:db:
         c2:fa:7b:f5:01:ed:91:0a:d0:f2:a9:14:b1:91:73:63:55:46:
         11:46:b4:cf:87:4e:1c:4f:b1:37:5a:07:5e:0c:81:e4:8d:bd:
         91:5c:23:50:e4:91:cf:cb:63:e3:59:bf:ce:68:79:51:13:df:
         8f:b6:f9:6e:da:fb:c9:da:b3:6c:6a:c7:ca:dd:bc:2e:8b:e4:
         6b:98:97:9e:04:6b:80:d1:a7:83:20:c4:42:44:59:b2:d8:27:
         1e:60:ae:2d:23:99:7f:c5:76:f5:5c:a6:47:87:c0:ee:b1:2d:
         15:53:63:36:8a:d6:19:ba:fa:4a:81:87:70:ae:c3:9e:b8:55:
         0e:fb:58:e4:c0:56:e5:de:e8:9b:d5:6c:23:9a:48:36:21:20:
         45:f2:ea:17:f8:f2:cd:62:3c:6b:07:a8:4f:d9:9b:ee:3d:f1:
         f5:08:a0:64:9a:05:6e:ea:38:82:54:70:a3:10:c0:8d:5f:d3:
         e1:3b:fe:e2:a5:7b:42:02:76:06:e0:74:e8:95:80:93:10:b3:
         21:e1:02:cc:11:33:8e:a4:88:d9:8a:06:34:39:a6:8a:ed:b2:
         fc:2b:b3:6d:d1:1e:14:ed:81:e4:25:4a:c6:6a:91:a5:ca:63:
         cc:bb:ab:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe52S854/qH0k7/FNXQSI1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjUwNjI5MDQwMTQ3WhcNMjUwNjMwMDQwMTQ3WjAzMTEwLwYDVQQD
EygzMmZkMWJlZTA0ODM2ZjNmNDJlYzEyNDUyYmJlNzc0ODY0OTUwNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4nSZ/mEHfYOWf5XTMnxn1swCo+B
BfBnjumKAGM7SNSvbq0ozwdDbJ57LrfjAzy43NdK/8bdoJYRfdGfBhZYXcwrnxTO
52Zw25rmhLjW8/iswLtpTRuOV6C+MQcUT6LDbMEqM5DspjTj8GyUe2TLE+EIOz0J
/eV7GaNkETsfSssWdwO7GrbJbUAFNqiyg1HpzBJtOM+TnEU2FZAUj0D3/iMX6Lwi
+AC0uNxwbAhr3x+Tp9GSuWBZSpoypzVx2CrGvESTynUDU5pXIrbn3p8V7fdLB7ek
BNVQZAkwTvx7FlCesVKuAblwUnwlQKEu2YKmmVHWFrXq5bHBj/1wI7gn8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDL9G+4Eg28/QuwSRSu+d0hklQaEMB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALmAmBOFE
q7nr78qTFw/Unyrbwvp79QHtkQrQ8qkUsZFzY1VGEUa0z4dOHE+xN1oHXgyB5I29
kVwjUOSRz8tj41m/zmh5URPfj7b5btr7ydqzbGrHyt28Lovka5iXngRrgNGngyDE
QkRZstgnHmCuLSOZf8V29VymR4fA7rEtFVNjNorWGbr6SoGHcK7DnrhVDvtY5MBW
5d7om9VsI5pINiEgRfLqF/jyzWI8aweoT9mb7j3x9QigZJoFbuo4glRwoxDAjV/T
4Tv+4qV7QgJ2BuB06JWAkxCzIeECzBEzjqSI2YoGNDmmiu2y/CuzbdEeFO2B5CVK
xmqRpcpjzLurvg==
-----END CERTIFICATE-----