Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
File:                     aAkoqR-PfmOX5sZdDgtmKReW01I.mft (raw, json)
Hash identifier:          4dADbCToaxR2csT0tQbkypkqZIYcRMBun8EPSV687MU=
Subject key identifier:   79:DF:B7:0A:94:86:D2:68:00:D5:A8:0A:74:5F:E9:0C:1B:D7:0C:35
Authority key identifier: 68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52
Certificate issuer:       /CN=680928a91f8f7e6397e6c65d0e0b66291796d352
Certificate serial:       0198D5BB7754D0B4A3ED1629B92058567DB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
Manifest number:          120D
Signing time:             Sat 23 Aug 2025 07:01:29 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:29 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:29 +0000
Files and hashes:         1: aAkoqR-PfmOX5sZdDgtmKReW01I.crl (hash: Pl0LtgJaOh3iyC4l7PuhV6+Jjsn9ttTDqmet3nSNrtk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:77:54:d0:b4:a3:ed:16:29:b9:20:58:56:7d:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=680928a91f8f7e6397e6c65d0e0b66291796d352
        Validity
            Not Before: Aug 23 07:01:29 2025 GMT
            Not After : Aug 24 07:01:29 2025 GMT
        Subject: CN=79dfb70a9486d26800d5a80a745fe90c1bd70c35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:c5:36:24:ca:1c:cc:c2:ec:fd:03:4a:d0:97:
                    a7:be:67:d2:d1:8e:92:ee:5d:cf:d2:08:20:b8:c5:
                    56:97:bd:48:33:7d:be:3c:2c:50:90:11:00:78:c1:
                    83:93:39:f5:ce:b2:12:39:54:0e:8f:8e:bd:2b:cf:
                    13:a1:2c:b7:15:76:3a:0b:9d:b6:d4:5c:5f:f9:9a:
                    ad:96:87:fd:bd:10:31:bd:4a:1a:b9:29:4f:99:3a:
                    d5:5e:12:a4:fe:fe:2a:9f:3d:7e:f2:37:3c:f1:88:
                    26:4a:4a:67:ed:87:7e:53:eb:a1:6b:54:37:b9:54:
                    65:1f:9a:8b:d9:f5:06:57:b1:da:17:a2:c5:61:45:
                    c5:76:09:fb:69:75:d5:74:2c:2e:d7:49:df:4d:53:
                    c5:2e:85:e9:54:c9:10:6a:be:79:2a:ff:d2:a9:00:
                    c2:55:a8:ec:23:3d:2c:5b:a3:3a:da:18:65:e0:b8:
                    ae:67:e6:8f:df:bf:98:ee:ec:79:6c:d6:f6:de:c9:
                    05:07:a6:09:c3:3e:8e:42:c8:f1:1c:73:59:8a:cc:
                    60:e3:a0:83:82:97:cb:bb:3e:06:aa:98:e4:f5:f0:
                    69:5b:49:bc:14:78:42:3c:b4:cf:10:37:c9:02:80:
                    54:9d:8f:6e:0b:4c:da:b5:f2:41:3f:ac:f3:a8:dd:
                    0d:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:DF:B7:0A:94:86:D2:68:00:D5:A8:0A:74:5F:E9:0C:1B:D7:0C:35
            X509v3 Authority Key Identifier:
                keyid:68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:24:10:f8:4f:97:60:c7:6d:21:eb:83:53:3a:a3:f5:3f:17:
         80:5b:46:67:1d:c2:95:d5:34:0c:29:ae:c3:8b:51:ac:7d:10:
         ee:0d:aa:bc:b9:a0:8b:a9:c9:11:df:60:a6:0d:33:aa:95:10:
         14:ac:7c:16:ff:5c:b0:a0:d4:4b:77:0a:7e:de:7c:e9:9e:4b:
         e8:7e:07:da:79:45:cb:09:46:f1:52:82:47:90:08:76:09:ea:
         6f:2b:8c:38:ff:93:2a:77:88:15:51:89:81:32:e6:57:72:44:
         73:aa:f1:93:d3:a5:b9:06:28:82:ca:d6:2f:03:a0:de:77:b4:
         06:a8:ac:9d:a7:ac:21:9d:06:0d:6b:70:62:4d:87:92:82:05:
         9f:ec:c8:77:1c:60:26:1d:ab:5a:c0:f0:7e:bd:d2:31:1d:4e:
         05:08:63:e4:f8:82:98:9d:03:c5:53:08:0f:21:a1:36:73:34:
         ec:fa:a6:b0:ea:84:26:2c:c4:13:c5:bc:ec:b2:ca:ee:52:d2:
         ba:a6:f3:6d:90:b5:d3:12:8c:50:14:a7:98:c0:77:18:30:3e:
         32:6e:bb:8c:df:04:e0:f4:28:99:96:6c:8d:bf:f9:89:ff:c8:
         4d:e5:67:fb:8f:b0:c5:63:e6:1d:f8:17:d8:8b:39:09:fe:bc:
         15:06:e6:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu3dU0LSj7RYpuSBYVn20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDkyOGE5MWY4ZjdlNjM5N2U2YzY1ZDBlMGI2NjI5MTc5
NmQzNTIwHhcNMjUwODIzMDcwMTI5WhcNMjUwODI0MDcwMTI5WjAzMTEwLwYDVQQD
Eyg3OWRmYjcwYTk0ODZkMjY4MDBkNWE4MGE3NDVmZTkwYzFiZDcwYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcU2JMoczMLs/QNK0JenvmfS0Y6S
7l3P0ggguMVWl71IM32+PCxQkBEAeMGDkzn1zrISOVQOj469K88ToSy3FXY6C522
1Fxf+Zqtlof9vRAxvUoauSlPmTrVXhKk/v4qnz1+8jc88YgmSkpn7Yd+U+uha1Q3
uVRlH5qL2fUGV7HaF6LFYUXFdgn7aXXVdCwu10nfTVPFLoXpVMkQar55Kv/SqQDC
VajsIz0sW6M62hhl4LiuZ+aP37+Y7ux5bNb23skFB6YJwz6OQsjxHHNZisxg46CD
gpfLuz4Gqpjk9fBpW0m8FHhCPLTPEDfJAoBUnY9uC0zatfJBP6zzqN0N7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHnftwqUhtJoANWoCnRf6Qwb1ww1MB8GA1UdIwQY
MBaAFGgJKKkfj35jl+bGXQ4LZikXltNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQt
OGJlM2RmODlmMzU5LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQtOGJlM2RmODlmMzU5
LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAESQQ+E+X
YMdtIeuDUzqj9T8XgFtGZx3CldU0DCmuw4tRrH0Q7g2qvLmgi6nJEd9gpg0zqpUQ
FKx8Fv9csKDUS3cKft586Z5L6H4H2nlFywlG8VKCR5AIdgnqbyuMOP+TKneIFVGJ
gTLmV3JEc6rxk9OluQYogsrWLwOg3ne0BqisnaesIZ0GDWtwYk2HkoIFn+zIdxxg
Jh2rWsDwfr3SMR1OBQhj5PiCmJ0DxVMIDyGhNnM07PqmsOqEJizEE8W87LLK7lLS
uqbzbZC10xKMUBSnmMB3GDA+Mm67jN8E4PQomZZsjb/5if/ITeVn+4+wxWPmHfgX
2Is5Cf68FQbm3Q==
-----END CERTIFICATE-----