Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
File:                     aAkoqR-PfmOX5sZdDgtmKReW01I.mft (raw, json)
Hash identifier:          NTl8g/h451o7mO6MzvefR+KUmqSvZDB6Z4wczlaK15g=
Subject key identifier:   B3:15:AE:5E:0E:F0:A4:FB:7F:A5:D5:E2:CF:DF:3A:91:4C:5F:A2:47
Authority key identifier: 68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52
Certificate issuer:       /CN=680928a91f8f7e6397e6c65d0e0b66291796d352
Certificate serial:       0197B7EA241082173468DFC3C332DDEE91A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
Manifest number:          1179
Signing time:             Sat 28 Jun 2025 19:01:04 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:04 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:04 +0000
Files and hashes:         1: aAkoqR-PfmOX5sZdDgtmKReW01I.crl (hash: NxPX4h9KOTbxUAwSz61F71V9IcoYXk3khDe75nxpeqY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:24:10:82:17:34:68:df:c3:c3:32:dd:ee:91:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=680928a91f8f7e6397e6c65d0e0b66291796d352
        Validity
            Not Before: Jun 28 19:01:04 2025 GMT
            Not After : Jun 29 19:01:04 2025 GMT
        Subject: CN=b315ae5e0ef0a4fb7fa5d5e2cfdf3a914c5fa247
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:07:fe:14:62:4b:03:8c:b8:1d:8d:e4:71:fe:
                    1e:ce:db:e2:9a:4e:4f:81:38:c6:ec:fa:41:a2:2b:
                    d4:7c:34:ff:e1:6a:a3:3a:16:ba:56:33:36:ab:bd:
                    c1:02:8c:5b:28:d9:3d:d5:d7:fd:2f:21:6e:da:bf:
                    bc:ce:57:4f:ad:74:91:10:43:42:aa:5d:b0:08:69:
                    02:c7:4b:a7:55:d1:92:96:da:4a:f3:60:12:65:a4:
                    09:d4:f7:8b:25:1d:4a:3c:3e:70:93:e7:a4:fb:ab:
                    d2:7d:fc:a5:f0:a0:2b:d5:67:85:ad:39:98:9f:7d:
                    de:bc:96:7a:2b:fd:b6:da:83:df:84:66:e8:b2:19:
                    6a:0a:17:8d:be:5c:2d:57:70:df:99:12:46:97:59:
                    61:d9:6a:65:a6:b6:de:55:11:8e:24:a2:5c:3c:a3:
                    e2:f9:fa:65:00:ce:ee:f3:3f:8e:33:3e:7d:84:bc:
                    3a:50:a5:5c:07:f0:90:cc:f7:71:63:8e:17:25:e2:
                    be:ec:7b:b5:ee:27:7c:fa:a6:f4:b2:fd:06:bc:30:
                    3a:59:65:1a:be:5f:a5:81:1e:d1:47:c9:dc:01:4c:
                    9c:29:66:30:bc:78:3f:80:1c:ef:ac:25:47:fe:74:
                    75:49:31:0c:c4:c1:14:d9:22:be:2f:c5:9e:49:16:
                    b0:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:15:AE:5E:0E:F0:A4:FB:7F:A5:D5:E2:CF:DF:3A:91:4C:5F:A2:47
            X509v3 Authority Key Identifier:
                keyid:68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:7d:87:9d:72:c9:86:5a:84:14:3f:6c:16:e8:f8:b4:3e:7b:
         a8:67:05:a6:e5:71:ad:3d:7d:0a:a4:db:de:cf:a9:4f:20:4e:
         08:26:54:62:b5:b1:23:a5:4f:77:f4:3e:a6:7a:c3:d1:73:17:
         2f:60:72:dd:36:e8:1b:be:b0:0a:b8:1e:8a:cb:d8:9e:7f:52:
         64:9d:57:7e:2a:72:66:90:63:c4:93:54:7b:13:f6:16:71:00:
         4c:51:54:2d:cf:09:24:ee:13:4c:d3:47:cc:bc:e8:ee:02:73:
         45:00:ec:ed:97:a9:05:02:b6:0a:a9:5d:b3:1f:f7:e4:0e:d2:
         21:57:9a:5f:5c:56:53:a9:5a:0e:f6:37:5d:d9:b4:41:c5:ca:
         bc:7b:fd:30:d5:21:a2:df:6d:c3:72:98:65:24:28:bf:26:f1:
         ba:f0:1d:d1:2c:e3:cd:1e:90:a9:22:9c:29:40:83:e2:c8:67:
         0f:f9:a6:11:15:1c:9e:43:cf:01:51:94:1c:05:45:b3:c5:11:
         b7:e5:dd:57:b6:f7:ef:0f:d3:65:72:65:d2:ea:09:66:9e:b7:
         ef:e2:b1:0a:58:fd:78:67:f8:c3:de:df:77:ac:c1:7e:23:80:
         41:7b:b9:4f:0d:62:03:93:2c:b1:78:65:6d:6b:17:e0:7a:17:
         c3:72:51:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36iQQghc0aN/DwzLd7pGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDkyOGE5MWY4ZjdlNjM5N2U2YzY1ZDBlMGI2NjI5MTc5
NmQzNTIwHhcNMjUwNjI4MTkwMTA0WhcNMjUwNjI5MTkwMTA0WjAzMTEwLwYDVQQD
EyhiMzE1YWU1ZTBlZjBhNGZiN2ZhNWQ1ZTJjZmRmM2E5MTRjNWZhMjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Qf+FGJLA4y4HY3kcf4eztvimk5P
gTjG7PpBoivUfDT/4WqjOha6VjM2q73BAoxbKNk91df9LyFu2r+8zldPrXSREENC
ql2wCGkCx0unVdGSltpK82ASZaQJ1PeLJR1KPD5wk+ek+6vSffyl8KAr1WeFrTmY
n33evJZ6K/222oPfhGboshlqCheNvlwtV3DfmRJGl1lh2WplprbeVRGOJKJcPKPi
+fplAM7u8z+OMz59hLw6UKVcB/CQzPdxY44XJeK+7Hu17id8+qb0sv0GvDA6WWUa
vl+lgR7RR8ncAUycKWYwvHg/gBzvrCVH/nR1STEMxMEU2SK+L8WeSRawsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMVrl4O8KT7f6XV4s/fOpFMX6JHMB8GA1UdIwQY
MBaAFGgJKKkfj35jl+bGXQ4LZikXltNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQt
OGJlM2RmODlmMzU5LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQtOGJlM2RmODlmMzU5
LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADX2HnXLJ
hlqEFD9sFuj4tD57qGcFpuVxrT19CqTb3s+pTyBOCCZUYrWxI6VPd/Q+pnrD0XMX
L2By3TboG76wCrgeisvYnn9SZJ1XfipyZpBjxJNUexP2FnEATFFULc8JJO4TTNNH
zLzo7gJzRQDs7ZepBQK2Cqldsx/35A7SIVeaX1xWU6laDvY3Xdm0QcXKvHv9MNUh
ot9tw3KYZSQovybxuvAd0SzjzR6QqSKcKUCD4shnD/mmERUcnkPPAVGUHAVFs8UR
t+XdV7b37w/TZXJl0uoJZp637+KxClj9eGf4w97fd6zBfiOAQXu5Tw1iA5MssXhl
bWsX4HoXw3JRIA==
-----END CERTIFICATE-----