Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft
File:                     AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft (raw, json)
Hash identifier:          /HGHR9FqNTyam0Mz0p/MhCP9TzpDUSeF3G1FUjOyRrA=
Subject key identifier:   B7:64:7F:E3:F3:9B:9C:58:31:A9:0E:76:51:B8:13:AA:69:BF:33:39
Authority key identifier: 01:0D:68:A8:76:CF:57:93:FD:00:87:62:54:25:3D:38:27:79:02:7B
Certificate issuer:       /CN=010d68a876cf5793fd00876254253d382779027b
Certificate serial:       0197B5FC337CB8BDBFA45462E9D4119A2663
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft
Manifest number:          031B
Signing time:             Sat 28 Jun 2025 10:01:33 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:33 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:33 +0000
Files and hashes:         1: AQ1oqHbPV5P9AIdiVCU9OCd5Ans.crl (hash: MYdKpZK46argeBqJr3PmvaoV9Ufzi23sJcodhufGtz0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fc:33:7c:b8:bd:bf:a4:54:62:e9:d4:11:9a:26:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=010d68a876cf5793fd00876254253d382779027b
        Validity
            Not Before: Jun 28 10:01:33 2025 GMT
            Not After : Jun 29 10:01:33 2025 GMT
        Subject: CN=b7647fe3f39b9c5831a90e7651b813aa69bf3339
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:2f:d8:74:56:07:62:5d:c6:2b:56:3b:17:7d:
                    47:82:d6:88:db:d3:d1:6c:38:96:9c:51:5b:44:ed:
                    af:83:26:af:7e:a8:91:84:bd:09:05:b5:18:ae:1c:
                    12:8e:51:91:69:10:0a:00:a4:63:d4:4a:d9:a3:5a:
                    3b:d5:2e:6e:88:6d:73:e1:5d:fa:24:bf:a9:a5:c2:
                    74:26:a3:44:47:40:e2:8d:fa:a4:4b:8d:48:c6:7d:
                    72:82:1c:7f:63:c4:9c:6e:27:19:a9:39:35:f4:a8:
                    55:6a:95:2e:e8:27:16:c7:05:ec:f8:a5:dc:13:3f:
                    4c:b4:43:4e:0f:e5:2a:cf:d6:ee:95:25:66:b9:b3:
                    b4:cc:50:aa:2b:73:ae:7b:c9:90:3d:3f:55:17:25:
                    41:f1:73:3f:ee:ad:9e:40:3f:0e:d7:21:a0:ef:4c:
                    ef:e4:d0:85:03:d0:6a:a3:8a:06:6c:d6:27:d2:b2:
                    08:29:82:5c:30:7a:ff:7d:65:44:78:a7:0a:9a:b3:
                    44:50:c4:95:a9:25:42:f1:ea:49:da:33:85:60:74:
                    1e:cb:5e:35:b1:75:4a:a4:2a:b4:1e:c9:e3:6e:fc:
                    45:7b:82:be:a9:c5:bf:49:ca:39:01:9a:e4:63:c8:
                    87:27:17:f8:1c:3a:17:6c:05:b6:0c:40:d3:69:10:
                    e2:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:64:7F:E3:F3:9B:9C:58:31:A9:0E:76:51:B8:13:AA:69:BF:33:39
            X509v3 Authority Key Identifier:
                keyid:01:0D:68:A8:76:CF:57:93:FD:00:87:62:54:25:3D:38:27:79:02:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/c49d7d-1c5d-48fb-b070-d65729bb2dac/1/AQ1oqHbPV5P9AIdiVCU9OCd5Ans.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:16:b0:8a:f2:c0:c1:25:45:b9:27:1c:d2:c5:34:78:39:80:
         74:a5:7e:d6:d7:dc:ae:a1:ca:fe:f1:f1:b0:a7:b4:c8:e8:b2:
         1a:b4:36:e6:10:c0:d9:f9:7c:e0:e5:5c:d4:82:d5:1f:df:2c:
         bc:bc:d6:dd:61:5a:97:fa:de:3f:65:a2:f7:83:98:b6:0e:c0:
         c5:8b:3b:ab:88:17:1e:d4:35:bd:7d:68:3c:fe:7f:ce:f1:7e:
         bf:96:bc:1c:f3:a5:03:71:27:88:f4:8d:c5:5b:41:23:38:6e:
         b7:32:2a:7a:0c:ac:1e:30:34:b9:99:9d:39:ac:2d:32:e2:d6:
         3e:27:24:af:41:7d:cc:a2:c6:96:99:22:00:29:0b:c1:15:a3:
         8e:5b:17:ba:d6:6b:90:8b:05:92:25:5f:5d:c2:38:59:43:d1:
         3e:5d:fe:71:f3:34:24:e8:dc:5d:c8:60:7f:75:87:eb:d5:a5:
         08:fe:a2:d6:42:1d:a6:18:9c:e4:7d:81:2b:26:1f:9e:ec:4b:
         63:35:14:3a:5a:44:72:ff:c4:dc:af:e6:bd:e9:27:72:f2:64:
         ac:d4:18:5f:da:14:8f:e3:32:c3:81:6a:87:65:2c:eb:f7:e3:
         a4:2d:92:a7:d6:1b:80:d8:f8:06:1c:f9:09:1f:5a:21:9f:b2:
         85:83:9d:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1/DN8uL2/pFRi6dQRmiZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMGQ2OGE4NzZjZjU3OTNmZDAwODc2MjU0MjUzZDM4Mjc3
OTAyN2IwHhcNMjUwNjI4MTAwMTMzWhcNMjUwNjI5MTAwMTMzWjAzMTEwLwYDVQQD
EyhiNzY0N2ZlM2YzOWI5YzU4MzFhOTBlNzY1MWI4MTNhYTY5YmYzMzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry/YdFYHYl3GK1Y7F31HgtaI29PR
bDiWnFFbRO2vgyavfqiRhL0JBbUYrhwSjlGRaRAKAKRj1ErZo1o71S5uiG1z4V36
JL+ppcJ0JqNER0DijfqkS41Ixn1yghx/Y8ScbicZqTk19KhVapUu6CcWxwXs+KXc
Ez9MtENOD+Uqz9bulSVmubO0zFCqK3Oue8mQPT9VFyVB8XM/7q2eQD8O1yGg70zv
5NCFA9Bqo4oGbNYn0rIIKYJcMHr/fWVEeKcKmrNEUMSVqSVC8epJ2jOFYHQey141
sXVKpCq0HsnjbvxFe4K+qcW/Sco5AZrkY8iHJxf4HDoXbAW2DEDTaRDibwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLdkf+Pzm5xYMakOdlG4E6ppvzM5MB8GA1UdIwQY
MBaAFAENaKh2z1eT/QCHYlQlPTgneQJ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9jNDlkN2QtMWM1ZC00OGZiLWIwNzAt
ZDY1NzI5YmIyZGFjLzEvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9jNDlkN2QtMWM1ZC00OGZiLWIwNzAtZDY1NzI5YmIyZGFj
LzEvQVExb3FIYlBWNVA5QUlkaVZDVTlPQ2Q1QW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaRawivLA
wSVFuScc0sU0eDmAdKV+1tfcrqHK/vHxsKe0yOiyGrQ25hDA2fl84OVc1ILVH98s
vLzW3WFal/reP2Wi94OYtg7AxYs7q4gXHtQ1vX1oPP5/zvF+v5a8HPOlA3EniPSN
xVtBIzhutzIqegysHjA0uZmdOawtMuLWPickr0F9zKLGlpkiACkLwRWjjlsXutZr
kIsFkiVfXcI4WUPRPl3+cfM0JOjcXchgf3WH69WlCP6i1kIdphic5H2BKyYfnuxL
YzUUOlpEcv/E3K/mvekncvJkrNQYX9oUj+Myw4Fqh2Us6/fjpC2Sp9YbgNj4Bhz5
CR9aIZ+yhYOdAA==
-----END CERTIFICATE-----