Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
File:                     aajmjRKuKTryNpBDzVmgINrCQGI.mft (raw, json)
Hash identifier:          QZAgJJlV19f6diV38wJ+jMNehttzoBpkOizaQlZFink=
Subject key identifier:   7E:41:EB:A7:15:A2:57:C4:75:2D:F0:76:2B:CD:F2:8D:24:DB:DA:61
Authority key identifier: 69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62
Certificate issuer:       /CN=69a8e68d12ae293af2369043cd59a020dac24062
Certificate serial:       0196BDEE70ABDDA23DA9218B2A62B7ED4F55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
Manifest number:          0A26
Signing time:             Sun 11 May 2025 06:00:42 +0000
Manifest this update:     Sun 11 May 2025 06:00:42 +0000
Manifest next update:     Mon 12 May 2025 06:00:42 +0000
Files and hashes:         1: aajmjRKuKTryNpBDzVmgINrCQGI.crl (hash: QF+B4tulQgYQj+d7/nCfNzUjRuf+vYCfzH7SwW9oWDM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 06:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:ee:70:ab:dd:a2:3d:a9:21:8b:2a:62:b7:ed:4f:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a8e68d12ae293af2369043cd59a020dac24062
        Validity
            Not Before: May 11 06:00:42 2025 GMT
            Not After : May 12 06:00:42 2025 GMT
        Subject: CN=7e41eba715a257c4752df0762bcdf28d24dbda61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d2:5c:17:be:44:55:fd:e3:bf:a9:51:39:15:
                    6b:ba:db:fa:35:64:c2:67:8e:a3:11:bf:49:79:01:
                    1c:8d:86:ef:79:eb:f0:5a:fc:55:86:78:ff:12:1e:
                    18:64:77:c5:04:bc:46:c0:d7:e1:1d:b7:d5:c6:5a:
                    37:20:ac:cd:d6:06:94:87:79:03:94:43:ed:f8:74:
                    e8:85:14:11:6b:40:b2:ab:85:e2:b0:c1:5c:62:5d:
                    ac:62:94:13:1f:9a:a8:b7:6a:14:6c:3e:ba:10:8e:
                    c4:33:2e:74:c7:ad:a0:6a:e3:05:47:20:54:85:d7:
                    47:29:17:09:10:43:a7:a9:5e:09:11:6a:51:69:e6:
                    b0:43:71:4a:10:6d:a0:6d:46:8f:2e:5b:d2:85:90:
                    9d:60:a5:de:02:cd:ac:6a:10:a4:42:aa:7e:b1:78:
                    55:75:bd:a5:c0:81:a8:a1:46:66:47:d4:3a:6d:e8:
                    cb:e8:1c:77:ac:f3:b7:bb:26:c9:22:1c:a5:91:57:
                    25:49:51:a9:96:b7:a1:8a:e2:d8:ba:24:2d:f5:96:
                    2c:ce:7d:90:a2:bc:60:7f:6c:34:62:5f:76:94:09:
                    f8:29:ec:ba:5f:09:34:02:5f:71:28:5e:2a:c7:be:
                    eb:39:43:f6:21:08:2c:67:cc:57:fe:72:88:19:ce:
                    44:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:41:EB:A7:15:A2:57:C4:75:2D:F0:76:2B:CD:F2:8D:24:DB:DA:61
            X509v3 Authority Key Identifier:
                keyid:69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:71:60:e5:4b:e4:29:26:e3:95:aa:a4:ee:64:9c:82:29:9e:
         a2:a2:ad:c1:75:8f:0d:98:9b:5d:0c:f1:70:61:6f:03:5f:6f:
         05:41:49:08:ba:ef:39:61:92:31:1c:1e:c1:0f:b9:5e:89:33:
         9f:e1:0c:d2:19:1d:9b:e3:3a:25:35:38:91:4f:92:d8:f7:b5:
         34:c7:94:51:a0:88:70:93:1b:1b:b1:c1:a5:dc:6e:31:02:c5:
         ed:25:50:f2:74:8b:cf:a8:65:2f:c0:05:2d:52:af:c4:43:fb:
         75:67:3d:f3:66:c9:d8:06:9e:c4:44:a0:8a:d6:a9:f0:99:1e:
         20:00:83:c2:86:28:dc:4f:fc:6f:73:69:ee:81:db:3f:9c:b4:
         c1:ec:d5:ca:13:29:30:30:68:2f:f7:50:2b:29:af:1f:3e:84:
         be:c7:2c:8b:5d:a6:09:2a:8c:15:3a:b2:e2:ec:f0:1a:41:e0:
         4d:ec:67:11:dc:22:f5:0a:c3:31:46:a8:96:5a:9b:1b:5b:51:
         e1:17:de:25:b6:8a:73:12:06:7d:9e:99:d0:90:02:25:19:f8:
         ab:97:d4:68:18:db:4a:54:02:61:20:f9:9b:b5:06:ae:12:2d:
         c5:a0:55:fb:2a:e8:5f:e0:cb:59:11:7a:1a:59:95:e4:0d:11:
         a7:11:e3:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa97nCr3aI9qSGLKmK37U9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YThlNjhkMTJhZTI5M2FmMjM2OTA0M2NkNTlhMDIwZGFj
MjQwNjIwHhcNMjUwNTExMDYwMDQyWhcNMjUwNTEyMDYwMDQyWjAzMTEwLwYDVQQD
Eyg3ZTQxZWJhNzE1YTI1N2M0NzUyZGYwNzYyYmNkZjI4ZDI0ZGJkYTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNJcF75EVf3jv6lRORVrutv6NWTC
Z46jEb9JeQEcjYbveevwWvxVhnj/Eh4YZHfFBLxGwNfhHbfVxlo3IKzN1gaUh3kD
lEPt+HTohRQRa0Cyq4XisMFcYl2sYpQTH5qot2oUbD66EI7EMy50x62gauMFRyBU
hddHKRcJEEOnqV4JEWpRaeawQ3FKEG2gbUaPLlvShZCdYKXeAs2sahCkQqp+sXhV
db2lwIGooUZmR9Q6bejL6Bx3rPO3uybJIhylkVclSVGplrehiuLYuiQt9ZYszn2Q
orxgf2w0Yl92lAn4Key6Xwk0Al9xKF4qx77rOUP2IQgsZ8xX/nKIGc5E8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH5B66cVolfEdS3wdivN8o0k29phMB8GA1UdIwQY
MBaAFGmo5o0Srik68jaQQ81ZoCDawkBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQt
Mzg4MjA1NDg3NTVjLzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQtMzg4MjA1NDg3NTVj
LzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn3Fg5Uvk
KSbjlaqk7mScgimeoqKtwXWPDZibXQzxcGFvA19vBUFJCLrvOWGSMRwewQ+5Xokz
n+EM0hkdm+M6JTU4kU+S2Pe1NMeUUaCIcJMbG7HBpdxuMQLF7SVQ8nSLz6hlL8AF
LVKvxEP7dWc982bJ2AaexESgitap8JkeIACDwoYo3E/8b3Np7oHbP5y0wezVyhMp
MDBoL/dQKymvHz6Evscsi12mCSqMFTqy4uzwGkHgTexnEdwi9QrDMUaollqbG1tR
4RfeJbaKcxIGfZ6Z0JACJRn4q5fUaBjbSlQCYSD5m7UGrhItxaBV+yroX+DLWRF6
GlmV5A0RpxHjtw==
-----END CERTIFICATE-----