Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          M3tYqEYJVYSWohuyljrR1q9vZa2Q/OS7ePX+7XUzMtc=
Subject key identifier:   59:97:1B:51:FA:57:DA:49:0B:60:6D:E0:ED:6C:78:73:CE:B6:E7:8C
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       0196A79DAE5E08148A99F60ACCAD9BEE14A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          1526
Signing time:             Tue 06 May 2025 22:00:50 +0000
Manifest this update:     Tue 06 May 2025 22:00:50 +0000
Manifest next update:     Wed 07 May 2025 22:00:50 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: ldKqKivPS+2ntWdDpsoG1DuZ3kkYiTlE3iX07jr0Q/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 22:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a7:9d:ae:5e:08:14:8a:99:f6:0a:cc:ad:9b:ee:14:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: May  6 22:00:50 2025 GMT
            Not After : May  7 22:00:50 2025 GMT
        Subject: CN=59971b51fa57da490b606de0ed6c7873ceb6e78c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:4e:bc:f6:46:98:16:b3:91:fa:c6:46:a4:34:
                    3a:8f:cd:4a:39:5a:fd:9c:96:22:5f:4f:0a:79:ca:
                    b9:df:98:0b:1a:31:a8:3a:18:72:5a:58:25:da:8f:
                    69:e3:c1:46:f9:be:51:c2:b6:b8:31:9e:4d:26:ff:
                    c9:68:d6:37:8c:92:0c:a6:e2:49:6e:26:d6:4a:57:
                    1c:e7:88:b5:19:03:bb:6d:41:01:4d:58:89:27:c6:
                    0e:5b:ac:ce:78:54:c7:9e:90:0e:5e:d0:9f:06:64:
                    85:33:0d:66:32:80:86:ea:14:a8:75:d7:12:a5:71:
                    49:d0:eb:3d:1c:20:83:43:29:81:69:52:cb:88:f1:
                    c1:f5:00:77:36:41:17:e6:27:95:e2:19:9e:af:6b:
                    eb:0b:4b:1a:4c:5e:ae:3a:62:2f:03:67:4f:c7:5f:
                    d4:89:72:65:e6:74:46:03:67:45:c3:8d:47:50:49:
                    e1:d5:13:02:9e:fc:1e:74:d1:2c:2f:ea:85:a3:0f:
                    21:10:20:e5:de:62:1c:9a:b6:8e:a8:0d:0e:af:69:
                    9e:43:e6:04:64:de:94:8f:0a:78:e4:ca:ca:ba:f5:
                    3c:86:87:0a:95:fe:e4:f8:bf:3c:be:e7:67:5a:4e:
                    9c:d1:d1:fd:aa:8c:f9:a1:b7:e5:aa:7f:e3:b0:1a:
                    c5:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:97:1B:51:FA:57:DA:49:0B:60:6D:E0:ED:6C:78:73:CE:B6:E7:8C
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:cb:a8:cf:53:61:59:c4:4e:6b:82:0f:99:71:50:95:f7:17:
         ca:07:14:c2:9d:5b:5d:0d:60:6d:e8:20:de:ee:a7:f6:84:c3:
         54:e6:a5:8e:b0:0f:b9:60:b3:cf:51:46:02:35:1a:d8:d9:f5:
         40:77:be:69:fd:ee:79:e9:32:30:a2:ad:50:65:80:0a:6c:e8:
         4d:92:8b:b5:6d:21:0d:11:b8:49:de:40:65:f4:b9:fb:d9:a1:
         47:8d:3b:e5:88:22:c5:02:64:b0:4d:2c:f4:3b:ee:86:6b:f3:
         6a:d2:d4:a7:0d:ae:7f:56:1f:9d:5c:21:8a:93:82:a4:5d:36:
         8b:8f:df:e9:e6:5c:12:1c:7b:fc:f9:9b:94:dc:1f:1c:2d:0e:
         fe:e8:35:4d:2b:57:bd:07:6b:14:78:08:3b:f4:72:83:71:b4:
         48:97:3a:3c:a5:28:11:70:13:5e:61:26:be:a5:15:75:2c:60:
         9d:20:20:fb:58:41:1c:70:15:8d:b4:33:eb:6d:75:2f:7b:1d:
         10:f9:0e:d3:8f:95:9d:a5:a2:c9:a2:8c:d8:c4:8f:54:83:10:
         b8:41:d9:53:ed:50:c7:69:78:53:ed:8e:bb:17:a4:b4:31:1a:
         39:86:13:9c:05:7b:39:43:8a:a7:f4:6e:8b:bf:a6:b7:7a:c3:
         48:36:4f:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZanna5eCBSKmfYKzK2b7hSkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjUwNTA2MjIwMDUwWhcNMjUwNTA3MjIwMDUwWjAzMTEwLwYDVQQD
Eyg1OTk3MWI1MWZhNTdkYTQ5MGI2MDZkZTBlZDZjNzg3M2NlYjZlNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0689kaYFrOR+sZGpDQ6j81KOVr9
nJYiX08Kecq535gLGjGoOhhyWlgl2o9p48FG+b5Rwra4MZ5NJv/JaNY3jJIMpuJJ
bibWSlcc54i1GQO7bUEBTViJJ8YOW6zOeFTHnpAOXtCfBmSFMw1mMoCG6hSoddcS
pXFJ0Os9HCCDQymBaVLLiPHB9QB3NkEX5ieV4hmer2vrC0saTF6uOmIvA2dPx1/U
iXJl5nRGA2dFw41HUEnh1RMCnvwedNEsL+qFow8hECDl3mIcmraOqA0Or2meQ+YE
ZN6Ujwp45MrKuvU8hocKlf7k+L88vudnWk6c0dH9qoz5obflqn/jsBrFjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFmXG1H6V9pJC2Bt4O1seHPOtueMMB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKsuoz1Nh
WcROa4IPmXFQlfcXygcUwp1bXQ1gbegg3u6n9oTDVOaljrAPuWCzz1FGAjUa2Nn1
QHe+af3ueekyMKKtUGWACmzoTZKLtW0hDRG4Sd5AZfS5+9mhR4075YgixQJksE0s
9DvuhmvzatLUpw2uf1YfnVwhipOCpF02i4/f6eZcEhx7/PmblNwfHC0O/ug1TStX
vQdrFHgIO/Ryg3G0SJc6PKUoEXATXmEmvqUVdSxgnSAg+1hBHHAVjbQz6211L3sd
EPkO04+VnaWiyaKM2MSPVIMQuEHZU+1Qx2l4U+2OuxektDEaOYYTnAV7OUOKp/Ru
i7+mt3rDSDZPsA==
-----END CERTIFICATE-----