Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a9e8fa-41d7-4bc6-9841-05a83ed70bc3/1/A-aapu504w79uBm5yxvyHnhub6M.mft
File:                     A-aapu504w79uBm5yxvyHnhub6M.mft (raw, json)
Hash identifier:          wXroaAcVTqjzRVx/5IW2U/yjyu9/7Aa7oI7r18eQSY0=
Subject key identifier:   5D:1D:EB:A5:38:F8:50:03:92:FE:6E:6E:FF:2F:3C:15:AE:D5:94:38
Authority key identifier: 03:E6:9A:A6:EE:74:E3:0E:FD:B8:19:B9:CB:1B:F2:1E:78:6E:6F:A3
Certificate issuer:       /CN=03e69aa6ee74e30efdb819b9cb1bf21e786e6fa3
Certificate serial:       0197B821354F995130F33BB7A8234EFB37E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A-aapu504w79uBm5yxvyHnhub6M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/a9e8fa-41d7-4bc6-9841-05a83ed70bc3/1/A-aapu504w79uBm5yxvyHnhub6M.mft
Manifest number:          0452
Signing time:             Sat 28 Jun 2025 20:01:13 +0000
Manifest this update:     Sat 28 Jun 2025 20:01:13 +0000
Manifest next update:     Sun 29 Jun 2025 20:01:13 +0000
Files and hashes:         1: A-aapu504w79uBm5yxvyHnhub6M.crl (hash: 1+h2UL8se+Hy1ET71hSD8gv/WVjSdhx7EE0LpWBbPmI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/a9e8fa-41d7-4bc6-9841-05a83ed70bc3/1/A-aapu504w79uBm5yxvyHnhub6M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/a9e8fa-41d7-4bc6-9841-05a83ed70bc3/1/A-aapu504w79uBm5yxvyHnhub6M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A-aapu504w79uBm5yxvyHnhub6M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:21:35:4f:99:51:30:f3:3b:b7:a8:23:4e:fb:37:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03e69aa6ee74e30efdb819b9cb1bf21e786e6fa3
        Validity
            Not Before: Jun 28 20:01:13 2025 GMT
            Not After : Jun 29 20:01:13 2025 GMT
        Subject: CN=5d1deba538f8500392fe6e6eff2f3c15aed59438
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:19:ea:c9:34:6b:30:36:e1:37:ec:15:4b:f8:
                    c5:16:a0:1e:b8:8a:bc:74:39:be:cb:4d:74:18:eb:
                    dc:73:23:dd:3e:45:93:68:51:ff:b8:99:41:24:e6:
                    f4:33:70:6a:d4:1a:1e:34:46:ae:bf:39:aa:c7:72:
                    4d:f3:5c:be:52:a5:cf:7f:ec:42:bd:14:c9:23:c2:
                    36:e4:ef:75:60:2d:2b:78:a2:0e:41:03:8a:94:d5:
                    d2:94:02:84:85:e6:c3:8d:e1:d5:92:57:f3:a1:16:
                    25:ed:ab:3d:cd:0f:9b:66:63:20:8c:30:55:48:08:
                    be:dd:ca:93:40:b4:89:a0:41:a0:8c:59:5d:91:bd:
                    91:62:1d:c5:fd:2f:47:af:c9:51:f0:2f:60:a1:09:
                    c7:0d:e3:1c:ff:b5:c1:b8:f3:bf:1a:ae:73:fa:f5:
                    6b:c3:96:1d:d0:8c:0f:73:1a:44:73:c3:cb:8f:ea:
                    94:5e:51:12:07:9c:e8:ca:06:2e:fc:c1:ae:69:32:
                    40:ee:b9:b3:f3:40:ad:d1:66:85:7d:b2:1e:5f:6d:
                    04:87:6f:fb:08:bb:cd:e9:f1:71:a8:5f:64:ab:0e:
                    4b:4e:8a:a0:9a:cf:38:03:5c:af:bd:9a:ab:19:10:
                    ce:62:64:1d:18:a4:6c:e4:da:01:d1:77:98:e3:0c:
                    95:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:1D:EB:A5:38:F8:50:03:92:FE:6E:6E:FF:2F:3C:15:AE:D5:94:38
            X509v3 Authority Key Identifier:
                keyid:03:E6:9A:A6:EE:74:E3:0E:FD:B8:19:B9:CB:1B:F2:1E:78:6E:6F:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-aapu504w79uBm5yxvyHnhub6M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a9e8fa-41d7-4bc6-9841-05a83ed70bc3/1/A-aapu504w79uBm5yxvyHnhub6M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a9e8fa-41d7-4bc6-9841-05a83ed70bc3/1/A-aapu504w79uBm5yxvyHnhub6M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:e1:3a:66:2a:0f:3b:1c:b7:cf:eb:dc:07:76:cf:72:3e:c0:
         72:5d:31:d4:2b:37:a2:a1:9b:60:56:d5:94:30:85:bf:9e:8b:
         d1:af:a4:4a:85:0f:7f:25:d2:16:7c:83:18:20:3b:de:5c:bf:
         cf:a0:75:46:7e:aa:2a:14:f1:3b:bf:9a:d2:28:cb:54:05:81:
         57:a2:eb:ec:ff:0b:17:e5:4c:78:ee:80:14:37:e8:a7:f4:e4:
         f4:4c:01:cf:76:fe:c5:81:03:7a:e1:80:81:8f:36:a5:44:a4:
         17:af:fe:b8:7b:8b:7d:72:be:3b:5a:f0:58:88:0c:19:a9:1e:
         1d:58:1d:14:7c:ce:b9:44:ce:cf:9c:48:f2:eb:94:b0:f7:db:
         d3:2d:83:dc:98:1c:f1:7a:21:a6:8e:0d:76:3d:66:b1:96:61:
         ef:59:ba:fd:c3:96:26:df:77:21:9d:6a:fb:ad:fe:d2:2d:d1:
         77:30:fe:ef:2b:d8:54:33:bf:9b:9f:21:93:f9:e4:0e:80:46:
         83:b0:a5:fe:0b:ab:27:43:b6:06:c2:58:57:9d:c3:6d:4e:b7:
         05:c8:ff:81:4c:d1:20:60:97:07:c4:b5:b9:cc:3b:0f:9f:c6:
         35:4f:3e:e8:e4:f0:fb:9f:e1:0b:ab:5a:11:c2:e5:fd:63:02:
         06:df:22:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4ITVPmVEw8zu3qCNO+zfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZTY5YWE2ZWU3NGUzMGVmZGI4MTliOWNiMWJmMjFlNzg2
ZTZmYTMwHhcNMjUwNjI4MjAwMTEzWhcNMjUwNjI5MjAwMTEzWjAzMTEwLwYDVQQD
Eyg1ZDFkZWJhNTM4Zjg1MDAzOTJmZTZlNmVmZjJmM2MxNWFlZDU5NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RnqyTRrMDbhN+wVS/jFFqAeuIq8
dDm+y010GOvccyPdPkWTaFH/uJlBJOb0M3Bq1BoeNEauvzmqx3JN81y+UqXPf+xC
vRTJI8I25O91YC0reKIOQQOKlNXSlAKEhebDjeHVklfzoRYl7as9zQ+bZmMgjDBV
SAi+3cqTQLSJoEGgjFldkb2RYh3F/S9Hr8lR8C9goQnHDeMc/7XBuPO/Gq5z+vVr
w5Yd0IwPcxpEc8PLj+qUXlESB5zoygYu/MGuaTJA7rmz80Ct0WaFfbIeX20Eh2/7
CLvN6fFxqF9kqw5LToqgms84A1yvvZqrGRDOYmQdGKRs5NoB0XeY4wyVrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0d66U4+FADkv5ubv8vPBWu1ZQ4MB8GA1UdIwQY
MBaAFAPmmqbudOMO/bgZucsb8h54bm+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQS1hYXB1NTA0dzc5dUJtNXl4dnlIbmh1YjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hOWU4ZmEtNDFkNy00YmM2LTk4NDEt
MDVhODNlZDcwYmMzLzEvQS1hYXB1NTA0dzc5dUJtNXl4dnlIbmh1YjZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hOWU4ZmEtNDFkNy00YmM2LTk4NDEtMDVhODNlZDcwYmMz
LzEvQS1hYXB1NTA0dzc5dUJtNXl4dnlIbmh1YjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdeE6ZioP
Oxy3z+vcB3bPcj7Acl0x1Cs3oqGbYFbVlDCFv56L0a+kSoUPfyXSFnyDGCA73ly/
z6B1Rn6qKhTxO7+a0ijLVAWBV6Lr7P8LF+VMeO6AFDfop/Tk9EwBz3b+xYEDeuGA
gY82pUSkF6/+uHuLfXK+O1rwWIgMGakeHVgdFHzOuUTOz5xI8uuUsPfb0y2D3Jgc
8Xohpo4Ndj1msZZh71m6/cOWJt93IZ1q+63+0i3RdzD+7yvYVDO/m58hk/nkDoBG
g7Cl/gurJ0O2BsJYV53DbU63Bcj/gUzRIGCXB8S1ucw7D5/GNU8+6OTw+5/hC6ta
EcLl/WMCBt8i9g==
-----END CERTIFICATE-----