Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
File:                     A2hHspcjX68HFob-0sHpEL9gBIY.mft (raw, json)
Hash identifier:          K+smHoL9LljaTqBTcELmgYoZ27aoqpPNoS562nsXBI4=
Subject key identifier:   19:89:29:0D:66:CD:6B:4D:02:4C:B1:BA:C2:54:CA:14:E4:C9:EB:AF
Authority key identifier: 03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86
Certificate issuer:       /CN=036847b297235faf071686fed2c1e910bf600486
Certificate serial:       0197B6A07C233014D334ECF4633AC369D8F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
Manifest number:          1245
Signing time:             Sat 28 Jun 2025 13:01:00 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:00 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:00 +0000
Files and hashes:         1: A2hHspcjX68HFob-0sHpEL9gBIY.crl (hash: 0/cc8uAj1KvgZCST1xT77O9ohuYJmFFOJKRLQiMyX6o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:7c:23:30:14:d3:34:ec:f4:63:3a:c3:69:d8:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036847b297235faf071686fed2c1e910bf600486
        Validity
            Not Before: Jun 28 13:01:00 2025 GMT
            Not After : Jun 29 13:01:00 2025 GMT
        Subject: CN=1989290d66cd6b4d024cb1bac254ca14e4c9ebaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4f:dc:da:b9:5a:ba:63:c1:88:a5:05:ae:ca:
                    d0:a1:3b:9f:75:ee:e9:e1:62:f4:44:0e:07:52:83:
                    a8:ed:39:e8:e1:d7:f5:80:7d:32:3d:25:f4:58:32:
                    32:8b:81:e2:8a:11:23:01:cf:d0:81:e4:fd:ae:6d:
                    bd:6b:2b:cd:0c:1d:4d:8d:4b:7a:24:a0:df:0f:81:
                    ca:ca:66:83:ad:78:e0:de:95:d9:05:7e:ea:b2:45:
                    e4:f2:99:a9:d0:35:7b:2d:4e:27:dc:8d:14:f5:22:
                    c0:cd:1e:9a:73:3d:eb:62:4f:7f:df:5e:3b:08:72:
                    e6:30:17:b5:70:71:a5:bc:b3:ac:d2:6f:34:9f:09:
                    ca:54:e2:9f:62:38:76:d2:7e:3e:33:4f:67:b2:b2:
                    37:27:6f:64:a0:ef:ab:17:c7:15:8a:26:80:d7:31:
                    8e:37:e4:bc:c4:48:c8:3a:77:bb:b7:4c:ed:e2:aa:
                    ce:3e:a8:4d:77:0b:b9:a7:30:91:73:a3:a4:eb:db:
                    65:71:a6:93:36:2c:e1:ac:34:83:d5:df:83:97:27:
                    a3:e1:a5:05:0b:eb:30:5e:f4:64:07:55:76:f5:ae:
                    1d:20:7a:ca:94:1a:98:e3:25:4b:35:24:20:46:bd:
                    32:e5:75:cc:74:04:79:6c:74:d9:dc:c9:57:45:48:
                    75:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:89:29:0D:66:CD:6B:4D:02:4C:B1:BA:C2:54:CA:14:E4:C9:EB:AF
            X509v3 Authority Key Identifier:
                keyid:03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:f6:33:b4:0a:cc:8b:42:03:82:0c:96:0a:77:fe:7a:5d:e8:
         a3:e2:70:83:00:3e:51:b6:82:bf:ab:cc:73:22:b8:9b:dd:e5:
         43:8f:b8:dd:85:07:bf:b2:a8:ca:6c:a2:6d:ec:8e:23:a3:55:
         2d:f6:bc:5a:14:36:d3:b5:8d:c5:ea:47:9d:f2:d1:72:42:56:
         df:05:9b:47:6b:ce:88:82:c8:9a:b7:83:46:c2:31:21:12:fb:
         d6:cc:d9:99:e2:2d:b2:dc:a3:ca:ec:e5:07:98:06:62:4c:96:
         77:88:de:b1:a3:f9:7e:41:33:a2:c3:cb:cf:78:a2:9b:cd:02:
         42:e2:03:af:71:41:e4:77:4b:e9:02:13:ed:d6:c3:49:af:ea:
         d7:ce:99:0c:4b:94:37:e6:c6:c3:92:4e:c6:3d:ce:38:fa:ae:
         27:cf:a0:04:cf:64:76:49:89:17:76:cd:51:3f:88:5c:3c:d1:
         49:2f:9a:f4:10:dc:0f:87:4b:21:f8:86:98:a8:0d:2c:a5:fc:
         30:19:48:02:1d:e0:23:15:37:62:a0:d9:50:86:f4:42:44:36:
         f2:ad:b0:00:b5:eb:1f:a7:b6:fa:b7:74:fb:23:25:17:01:aa:
         52:78:c4:fe:06:ae:02:0d:38:46:05:5c:6b:b5:e7:5e:28:07:
         d3:86:df:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oHwjMBTTNOz0YzrDadj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjg0N2IyOTcyMzVmYWYwNzE2ODZmZWQyYzFlOTEwYmY2
MDA0ODYwHhcNMjUwNjI4MTMwMTAwWhcNMjUwNjI5MTMwMTAwWjAzMTEwLwYDVQQD
EygxOTg5MjkwZDY2Y2Q2YjRkMDI0Y2IxYmFjMjU0Y2ExNGU0YzllYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE/c2rlaumPBiKUFrsrQoTufde7p
4WL0RA4HUoOo7Tno4df1gH0yPSX0WDIyi4HiihEjAc/QgeT9rm29ayvNDB1NjUt6
JKDfD4HKymaDrXjg3pXZBX7qskXk8pmp0DV7LU4n3I0U9SLAzR6acz3rYk9/3147
CHLmMBe1cHGlvLOs0m80nwnKVOKfYjh20n4+M09nsrI3J29koO+rF8cViiaA1zGO
N+S8xEjIOne7t0zt4qrOPqhNdwu5pzCRc6Ok69tlcaaTNizhrDSD1d+Dlyej4aUF
C+swXvRkB1V29a4dIHrKlBqY4yVLNSQgRr0y5XXMdAR5bHTZ3MlXRUh1swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmJKQ1mzWtNAkyxusJUyhTkyeuvMB8GA1UdIwQY
MBaAFANoR7KXI1+vBxaG/tLB6RC/YASGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjIt
YmRkNzMyOGU5NGNiLzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjItYmRkNzMyOGU5NGNi
LzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD/YztArM
i0IDggyWCnf+el3oo+JwgwA+UbaCv6vMcyK4m93lQ4+43YUHv7KoymyibeyOI6NV
Lfa8WhQ207WNxepHnfLRckJW3wWbR2vOiILImreDRsIxIRL71szZmeItstyjyuzl
B5gGYkyWd4jesaP5fkEzosPLz3iim80CQuIDr3FB5HdL6QIT7dbDSa/q186ZDEuU
N+bGw5JOxj3OOPquJ8+gBM9kdkmJF3bNUT+IXDzRSS+a9BDcD4dLIfiGmKgNLKX8
MBlIAh3gIxU3YqDZUIb0QkQ28q2wALXrH6e2+rd0+yMlFwGqUnjE/gauAg04RgVc
a7XnXigH04bftA==
-----END CERTIFICATE-----