Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
File:                     aU0ylbrOkvvFQHllxly2WWm60Cg.mft (raw, json)
Hash identifier:          Q9tiiecab7BGSqHhuys5jGHLY/QcflVPYzXQvN+AoB8=
Subject key identifier:   D4:FB:D6:64:7B:77:90:8D:C6:BE:ED:BD:BC:1F:30:82:1C:F2:AE:1F
Authority key identifier: 69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28
Certificate issuer:       /CN=694d3295bace92fbc5407965c65cb65969bad028
Certificate serial:       0198D6986C597272BD2C81C2F029CE6DC77F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
Manifest number:          0148
Signing time:             Sat 23 Aug 2025 11:02:50 +0000
Manifest this update:     Sat 23 Aug 2025 11:02:50 +0000
Manifest next update:     Sun 24 Aug 2025 11:02:50 +0000
Files and hashes:         1: aU0ylbrOkvvFQHllxly2WWm60Cg.crl (hash: aGZnvCjhysMT0EL7Q26XAu2ndDZ+jawzhuqggRSgjNI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 11:02:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:98:6c:59:72:72:bd:2c:81:c2:f0:29:ce:6d:c7:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=694d3295bace92fbc5407965c65cb65969bad028
        Validity
            Not Before: Aug 23 11:02:50 2025 GMT
            Not After : Aug 24 11:02:50 2025 GMT
        Subject: CN=d4fbd6647b77908dc6beedbdbc1f30821cf2ae1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:87:7a:b9:3d:a5:19:06:5d:99:0b:fd:cb:2e:
                    a4:59:57:11:29:48:fb:f6:15:d4:b7:b4:dd:83:f1:
                    28:27:81:f3:cd:26:aa:7f:19:54:2a:b6:a1:58:38:
                    e7:78:ef:87:7a:cb:5f:b0:f1:24:a4:62:2f:ef:8e:
                    4f:d1:7d:38:86:fb:9d:06:b3:26:e3:d0:7b:24:5a:
                    9d:cc:cb:70:ee:35:e2:8e:7d:90:64:f5:6d:6c:e9:
                    cc:0a:e7:88:f6:2b:cf:10:f7:cb:cc:1c:2f:73:28:
                    78:9c:53:e5:72:f5:3e:2c:f4:2c:f6:93:ce:f7:ed:
                    99:20:8a:21:69:9a:f0:bc:5e:b4:e3:e8:08:ea:27:
                    15:26:61:c0:45:f5:9b:97:84:aa:af:3e:4f:c7:52:
                    55:2c:04:a9:ae:46:05:be:c0:a1:b1:31:b2:aa:91:
                    52:38:ca:e2:e5:03:ed:cc:c1:fc:e3:44:fb:d8:d0:
                    7c:07:32:00:21:f0:7d:65:e2:95:09:e2:a4:17:ee:
                    18:6a:b7:c5:11:c9:7d:3b:bd:d4:6b:3f:c2:33:bc:
                    e5:58:90:ad:5c:77:13:7a:22:c6:0f:af:de:cf:47:
                    e0:3c:d7:85:2f:ba:58:e7:fc:84:76:64:82:94:4e:
                    1a:8c:e8:ef:c0:5d:6e:a1:b6:17:c1:c0:15:87:3d:
                    e8:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:FB:D6:64:7B:77:90:8D:C6:BE:ED:BD:BC:1F:30:82:1C:F2:AE:1F
            X509v3 Authority Key Identifier:
                keyid:69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:bf:16:56:3f:d9:a0:b6:c7:75:3c:74:e0:68:9d:01:7e:d1:
         6c:35:11:17:7f:ff:69:d0:05:f6:3c:10:96:ba:93:b8:3f:48:
         6a:07:97:29:4d:98:4d:39:61:32:74:36:51:99:c5:46:0c:e4:
         0e:72:40:dd:fc:c2:c5:68:81:07:a0:52:85:00:e1:52:db:17:
         f3:36:31:3a:08:2e:d3:27:21:f6:73:e5:ea:39:e5:21:e2:c6:
         e6:e0:15:06:d3:93:fd:d9:95:60:3e:e3:a6:06:b3:4e:8d:c4:
         f2:93:0e:fb:30:a1:89:1e:5f:46:6c:1c:b3:fb:ea:94:93:a9:
         b2:a6:97:02:0b:77:0a:a0:5d:76:fc:7f:d4:ce:03:ff:37:1d:
         0a:24:87:37:af:f3:97:fe:fe:82:79:8f:67:83:ae:89:d1:e3:
         1a:7b:a0:78:92:3d:37:03:7e:ff:4f:e7:9e:22:d5:58:6b:95:
         bb:92:a1:42:fe:82:73:5f:cc:a4:87:9e:52:17:d4:79:d6:01:
         ca:84:ee:e8:2f:15:f6:99:6f:10:b8:9e:94:61:fd:b7:22:8f:
         8b:ef:39:5c:bb:ef:65:d8:5c:d2:c1:fd:b9:44:c5:63:1a:b6:
         82:6a:51:85:98:1b:c9:94:34:0e:1b:0c:e4:a7:a3:6a:92:1c:
         08:2d:9d:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWmGxZcnK9LIHC8CnObcd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGQzMjk1YmFjZTkyZmJjNTQwNzk2NWM2NWNiNjU5Njli
YWQwMjgwHhcNMjUwODIzMTEwMjUwWhcNMjUwODI0MTEwMjUwWjAzMTEwLwYDVQQD
EyhkNGZiZDY2NDdiNzc5MDhkYzZiZWVkYmRiYzFmMzA4MjFjZjJhZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuId6uT2lGQZdmQv9yy6kWVcRKUj7
9hXUt7Tdg/EoJ4HzzSaqfxlUKrahWDjneO+HestfsPEkpGIv745P0X04hvudBrMm
49B7JFqdzMtw7jXijn2QZPVtbOnMCueI9ivPEPfLzBwvcyh4nFPlcvU+LPQs9pPO
9+2ZIIohaZrwvF604+gI6icVJmHARfWbl4Sqrz5Px1JVLASprkYFvsChsTGyqpFS
OMri5QPtzMH840T72NB8BzIAIfB9ZeKVCeKkF+4YarfFEcl9O73Uaz/CM7zlWJCt
XHcTeiLGD6/ez0fgPNeFL7pY5/yEdmSClE4ajOjvwF1uobYXwcAVhz3oRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNT71mR7d5CNxr7tvbwfMIIc8q4fMB8GA1UdIwQY
MBaAFGlNMpW6zpL7xUB5ZcZctllputAoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgt
MjdlOTZiOTA0N2E4LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgtMjdlOTZiOTA0N2E4
LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjL8WVj/Z
oLbHdTx04GidAX7RbDURF3//adAF9jwQlrqTuD9IageXKU2YTTlhMnQ2UZnFRgzk
DnJA3fzCxWiBB6BShQDhUtsX8zYxOggu0ych9nPl6jnlIeLG5uAVBtOT/dmVYD7j
pgazTo3E8pMO+zChiR5fRmwcs/vqlJOpsqaXAgt3CqBddvx/1M4D/zcdCiSHN6/z
l/7+gnmPZ4OuidHjGnugeJI9NwN+/0/nniLVWGuVu5KhQv6Cc1/MpIeeUhfUedYB
yoTu6C8V9plvELielGH9tyKPi+85XLvvZdhc0sH9uUTFYxq2gmpRhZgbyZQ0DhsM
5KejapIcCC2dTQ==
-----END CERTIFICATE-----