Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft
File:                     k4EH0RRkaaEaY-X10tfbj28717M.mft (raw, json)
Hash identifier:          zC+7TAXs7AVIx2KC417hleufOHDfRouz9UipCCCxIFE=
Subject key identifier:   03:24:94:35:06:01:74:66:BA:D7:25:8C:76:36:C6:EC:57:0B:50:D3
Authority key identifier: 93:81:07:D1:14:64:69:A1:1A:63:E5:F5:D2:D7:DB:8F:6F:3B:D7:B3
Certificate issuer:       /CN=938107d1146469a11a63e5f5d2d7db8f6f3bd7b3
Certificate serial:       0197CBE03105F2E24B1A1F4A822ADF5542AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k4EH0RRkaaEaY-X10tfbj28717M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft
Manifest number:          0624
Signing time:             Wed 02 Jul 2025 16:02:36 +0000
Manifest this update:     Wed 02 Jul 2025 16:02:36 +0000
Manifest next update:     Thu 03 Jul 2025 16:02:36 +0000
Files and hashes:         1: k4EH0RRkaaEaY-X10tfbj28717M.crl (hash: TuP80FNdY5aS+BFiTD9xx1UIxvL8APpgLy/vVXoMV7M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k4EH0RRkaaEaY-X10tfbj28717M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 16:02:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cb:e0:31:05:f2:e2:4b:1a:1f:4a:82:2a:df:55:42:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=938107d1146469a11a63e5f5d2d7db8f6f3bd7b3
        Validity
            Not Before: Jul  2 16:02:36 2025 GMT
            Not After : Jul  3 16:02:36 2025 GMT
        Subject: CN=0324943506017466bad7258c7636c6ec570b50d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:20:3e:9a:93:50:45:52:21:6a:d1:1e:85:84:
                    b2:cd:7e:a3:5a:ac:ba:25:e8:aa:c4:c6:f4:31:ed:
                    4b:19:00:08:c2:0a:72:58:a8:15:a2:bc:ae:ed:90:
                    94:47:b1:53:6f:3b:ff:6d:3e:13:39:d0:04:88:1b:
                    3d:5d:15:47:de:cd:7f:b5:a2:bb:c4:90:2c:ff:de:
                    cb:e8:fc:a3:2c:c1:e6:bd:1a:00:fd:bc:21:90:a9:
                    f7:ac:70:35:89:56:04:41:a2:28:ba:41:90:8e:ce:
                    58:1b:63:ba:b9:6d:d4:11:17:35:6d:e3:fe:1f:c5:
                    01:df:dd:17:38:0f:e7:ef:4f:73:c4:e5:9a:31:86:
                    e8:f6:af:32:17:84:a1:86:5c:a4:6e:e7:fc:24:09:
                    b6:06:ad:bf:a9:49:df:e9:30:24:9e:36:0d:88:51:
                    43:b4:6d:0d:d6:e2:3d:d1:9c:84:5a:8f:bd:59:2a:
                    77:99:ff:32:f2:c7:66:0e:46:90:d3:f0:be:6c:11:
                    00:fe:47:e7:f4:ec:33:6c:90:60:f4:7c:1e:26:37:
                    2e:70:13:14:b9:f0:2a:29:fa:7f:f9:7c:07:de:c9:
                    e1:f5:b4:77:2b:9c:18:ec:99:e2:b9:a9:ed:c6:20:
                    3d:1a:43:d9:aa:72:8f:0c:4a:28:f8:bc:dd:36:0c:
                    52:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:24:94:35:06:01:74:66:BA:D7:25:8C:76:36:C6:EC:57:0B:50:D3
            X509v3 Authority Key Identifier:
                keyid:93:81:07:D1:14:64:69:A1:1A:63:E5:F5:D2:D7:DB:8F:6F:3B:D7:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k4EH0RRkaaEaY-X10tfbj28717M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/aff4a9-3c5e-4a71-b524-cbc6ccc08932/1/k4EH0RRkaaEaY-X10tfbj28717M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:80:b2:a1:dc:0a:18:19:0e:db:db:03:2e:3f:99:70:ba:e3:
         fa:10:1f:ef:e7:db:6b:60:25:f2:53:1d:76:e0:77:1b:42:36:
         47:40:3a:8b:7d:ee:54:b6:7b:5f:9a:7b:6c:7d:54:ca:a1:5c:
         e2:42:e2:75:b4:29:c9:bc:89:41:48:1f:66:3a:c6:72:c2:71:
         06:e2:e5:3e:d8:61:f4:bc:75:e3:6c:49:ec:56:ef:b3:ad:b8:
         6c:86:22:5b:40:9b:b3:83:b6:c0:c7:ac:e4:2a:13:ba:6f:60:
         6a:49:dc:ae:36:22:33:c2:8f:35:5d:43:73:e8:4c:69:d1:3c:
         11:e3:90:47:06:b3:b5:7d:04:55:f7:58:0b:48:52:e4:28:ec:
         73:f5:ec:34:fb:0c:d3:e3:cb:92:63:c1:16:db:7d:7a:ad:89:
         68:eb:43:a9:7c:c6:41:32:8a:68:01:8c:a6:63:9d:ce:26:7f:
         9e:50:9f:cc:e2:d0:6e:64:76:4c:c1:4f:f3:da:b1:37:25:7f:
         b3:03:b8:5e:7b:30:67:ad:a1:b4:81:ee:c2:6b:7f:81:cf:0e:
         05:c1:c6:d7:ba:c7:f2:81:c6:6b:1e:05:19:f6:25:81:e1:93:
         14:7f:0f:29:89:01:ac:42:1f:fa:d5:4f:49:d9:6f:5f:31:79:
         21:7e:fb:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfL4DEF8uJLGh9KgirfVUKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzODEwN2QxMTQ2NDY5YTExYTYzZTVmNWQyZDdkYjhmNmYz
YmQ3YjMwHhcNMjUwNzAyMTYwMjM2WhcNMjUwNzAzMTYwMjM2WjAzMTEwLwYDVQQD
EygwMzI0OTQzNTA2MDE3NDY2YmFkNzI1OGM3NjM2YzZlYzU3MGI1MGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCA+mpNQRVIhatEehYSyzX6jWqy6
JeiqxMb0Me1LGQAIwgpyWKgVoryu7ZCUR7FTbzv/bT4TOdAEiBs9XRVH3s1/taK7
xJAs/97L6PyjLMHmvRoA/bwhkKn3rHA1iVYEQaIoukGQjs5YG2O6uW3UERc1beP+
H8UB390XOA/n709zxOWaMYbo9q8yF4Shhlykbuf8JAm2Bq2/qUnf6TAknjYNiFFD
tG0N1uI90ZyEWo+9WSp3mf8y8sdmDkaQ0/C+bBEA/kfn9OwzbJBg9HweJjcucBMU
ufAqKfp/+XwH3snh9bR3K5wY7JniuantxiA9GkPZqnKPDEoo+LzdNgxSqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMklDUGAXRmutcljHY2xuxXC1DTMB8GA1UdIwQY
MBaAFJOBB9EUZGmhGmPl9dLX249vO9ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazRFSDBSUmthYUVhWS1YMTB0ZmJqMjg3MTdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hZmY0YTktM2M1ZS00YTcxLWI1MjQt
Y2JjNmNjYzA4OTMyLzEvazRFSDBSUmthYUVhWS1YMTB0ZmJqMjg3MTdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hZmY0YTktM2M1ZS00YTcxLWI1MjQtY2JjNmNjYzA4OTMy
LzEvazRFSDBSUmthYUVhWS1YMTB0ZmJqMjg3MTdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH4CyodwK
GBkO29sDLj+ZcLrj+hAf7+fba2Al8lMdduB3G0I2R0A6i33uVLZ7X5p7bH1UyqFc
4kLidbQpybyJQUgfZjrGcsJxBuLlPthh9Lx142xJ7Fbvs624bIYiW0Cbs4O2wMes
5CoTum9gakncrjYiM8KPNV1Dc+hMadE8EeOQRwaztX0EVfdYC0hS5Cjsc/XsNPsM
0+PLkmPBFtt9eq2JaOtDqXzGQTKKaAGMpmOdziZ/nlCfzOLQbmR2TMFP89qxNyV/
swO4XnswZ62htIHuwmt/gc8OBcHG17rH8oHGax4FGfYlgeGTFH8PKYkBrEIf+tVP
SdlvXzF5IX77/Q==
-----END CERTIFICATE-----