Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
File:                     aomTYnatLRhxB9-3QAeTADrBSac.mft (raw, json)
Hash identifier:          Ejsj6/LeGlUvDXAAHRQJpphGG9Fln11/9EcL9fmfcx0=
Subject key identifier:   24:55:30:E3:7A:26:59:9A:70:3C:86:8F:0C:34:BB:94:52:F9:11:95
Authority key identifier: 6A:89:93:62:76:AD:2D:18:71:07:DF:B7:40:07:93:00:3A:C1:49:A7
Certificate issuer:       /CN=6a89936276ad2d187107dfb7400793003ac149a7
Certificate serial:       0197B7EA523908DEC0713926FE9DD813AD2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
Manifest number:          1544
Signing time:             Sat 28 Jun 2025 19:01:16 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:16 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:16 +0000
Files and hashes:         1: aomTYnatLRhxB9-3QAeTADrBSac.crl (hash: 6xZyqRRjnNieZcnjMIc3/vlcY7KOv5bXdGA9ZGwwXpw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:52:39:08:de:c0:71:39:26:fe:9d:d8:13:ad:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a89936276ad2d187107dfb7400793003ac149a7
        Validity
            Not Before: Jun 28 19:01:16 2025 GMT
            Not After : Jun 29 19:01:16 2025 GMT
        Subject: CN=245530e37a26599a703c868f0c34bb9452f91195
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:cd:1e:78:af:c9:97:86:ad:eb:2d:ba:51:26:
                    a3:cc:35:38:01:89:24:51:8a:75:1d:47:f6:fc:39:
                    41:08:30:7d:a5:c5:c7:5e:a8:4b:ce:31:61:56:99:
                    70:1a:35:66:b6:56:63:12:b3:c1:f6:c3:2a:87:1d:
                    d4:48:9c:59:d9:86:3f:b9:bd:17:97:75:fc:7e:29:
                    c2:30:41:18:4c:1f:dd:33:88:b2:2c:a7:b8:d3:8a:
                    be:7a:0d:61:00:3b:34:b3:77:82:ef:92:17:d9:8e:
                    7a:3b:9e:a3:e0:9e:94:b2:72:79:0d:cc:f7:34:6f:
                    d3:35:a9:25:54:2e:ad:5f:16:8a:91:98:92:0f:6c:
                    59:0c:2d:19:e6:b4:fe:f9:97:b3:f4:04:f3:3a:92:
                    bf:45:23:54:3f:24:e2:83:25:d7:64:35:e2:e8:81:
                    87:30:86:ab:0b:78:10:4d:9e:9c:99:71:f1:3a:07:
                    15:b3:be:60:ef:a5:f0:95:98:aa:73:76:73:c6:9d:
                    dd:c2:2c:6b:f8:77:07:d8:99:7d:77:53:fc:3a:11:
                    90:63:eb:f8:39:e9:5b:97:06:b9:d3:15:1c:f2:58:
                    31:2a:2d:d1:c0:02:04:87:15:d2:23:ac:2e:73:50:
                    27:f7:86:df:e5:ae:3c:5f:d5:7d:e2:f3:31:01:44:
                    66:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:55:30:E3:7A:26:59:9A:70:3C:86:8F:0C:34:BB:94:52:F9:11:95
            X509v3 Authority Key Identifier:
                keyid:6A:89:93:62:76:AD:2D:18:71:07:DF:B7:40:07:93:00:3A:C1:49:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:a6:ea:db:78:32:a4:1e:2f:76:11:d4:89:84:a1:29:bf:5c:
         67:cb:22:62:9c:64:af:37:f5:eb:e4:75:0c:69:cc:8a:ee:ba:
         f8:7e:01:2d:e0:73:a3:f8:46:89:13:3e:ca:66:20:df:ab:1a:
         cf:63:15:d8:b1:04:d8:9e:d6:3d:b7:51:f8:f8:dc:fc:9d:fd:
         46:b6:83:0e:dc:16:7d:37:b0:c9:21:26:82:10:97:30:76:a6:
         25:42:25:c7:a2:b5:02:6e:c0:d9:42:7b:93:83:2c:b7:19:80:
         33:e8:5e:c3:62:69:68:a0:f2:31:22:3f:89:3b:f2:f5:e1:08:
         c2:fe:53:db:ee:43:14:61:c0:95:6c:eb:5c:0c:5c:a3:a8:1c:
         90:7f:f4:45:8a:75:60:e4:d7:5d:6c:c1:63:7b:e3:f3:57:d7:
         bf:bb:df:ba:2c:39:02:16:50:10:ca:28:1e:02:7c:38:e6:9c:
         7f:60:8d:39:52:7d:56:65:1a:69:29:9f:a7:8b:fb:78:cc:a3:
         b0:1d:8d:87:68:42:b8:31:47:2a:27:5d:1b:2e:92:0f:c6:ab:
         f0:29:da:f3:6d:c3:b8:af:ae:8f:b7:ad:ef:5f:88:47:fd:17:
         cd:d6:ae:83:92:c5:d4:a9:d6:0d:62:59:c4:4f:53:1b:22:b7:
         65:1e:b7:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36lI5CN7AcTkm/p3YE60tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhODk5MzYyNzZhZDJkMTg3MTA3ZGZiNzQwMDc5MzAwM2Fj
MTQ5YTcwHhcNMjUwNjI4MTkwMTE2WhcNMjUwNjI5MTkwMTE2WjAzMTEwLwYDVQQD
EygyNDU1MzBlMzdhMjY1OTlhNzAzYzg2OGYwYzM0YmI5NDUyZjkxMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc0eeK/Jl4at6y26USajzDU4AYkk
UYp1HUf2/DlBCDB9pcXHXqhLzjFhVplwGjVmtlZjErPB9sMqhx3USJxZ2YY/ub0X
l3X8finCMEEYTB/dM4iyLKe404q+eg1hADs0s3eC75IX2Y56O56j4J6UsnJ5Dcz3
NG/TNaklVC6tXxaKkZiSD2xZDC0Z5rT++Zez9ATzOpK/RSNUPyTigyXXZDXi6IGH
MIarC3gQTZ6cmXHxOgcVs75g76XwlZiqc3Zzxp3dwixr+HcH2Jl9d1P8OhGQY+v4
Oelblwa50xUc8lgxKi3RwAIEhxXSI6wuc1An94bf5a48X9V94vMxAURmlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRVMON6JlmacDyGjww0u5RS+RGVMB8GA1UdIwQY
MBaAFGqJk2J2rS0YcQfft0AHkwA6wUmnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8yYWI2MmQtMDcwYy00YjA2LWIzOGEt
NzNhN2E0NzM2MDM4LzEvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8yYWI2MmQtMDcwYy00YjA2LWIzOGEtNzNhN2E0NzM2MDM4
LzEvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX6bq23gy
pB4vdhHUiYShKb9cZ8siYpxkrzf16+R1DGnMiu66+H4BLeBzo/hGiRM+ymYg36sa
z2MV2LEE2J7WPbdR+Pjc/J39RraDDtwWfTewySEmghCXMHamJUIlx6K1Am7A2UJ7
k4MstxmAM+hew2JpaKDyMSI/iTvy9eEIwv5T2+5DFGHAlWzrXAxco6gckH/0RYp1
YOTXXWzBY3vj81fXv7vfuiw5AhZQEMooHgJ8OOacf2CNOVJ9VmUaaSmfp4v7eMyj
sB2Nh2hCuDFHKiddGy6SD8ar8Cna823DuK+uj7et71+IR/0Xzdaug5LF1KnWDWJZ
xE9TGyK3ZR63xg==
-----END CERTIFICATE-----