Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft
File:                     AKTVv_pzY0hD6QPjexj97g2sWFs.mft (raw, json)
Hash identifier:          qmlfqlyY3dQIvLNAzSThR2skXlSMac+4+qiq42b64PE=
Subject key identifier:   70:EB:9C:D0:C8:13:82:08:6A:D3:6D:35:2D:EF:CA:48:17:C5:B6:1C
Authority key identifier: 00:A4:D5:BF:FA:73:63:48:43:E9:03:E3:7B:18:FD:EE:0D:AC:58:5B
Certificate issuer:       /CN=00a4d5bffa73634843e903e37b18fdee0dac585b
Certificate serial:       0197B6A19202840F1A68356774C9B51BD1D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AKTVv_pzY0hD6QPjexj97g2sWFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft
Manifest number:          D9
Signing time:             Sat 28 Jun 2025 13:02:11 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:11 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:11 +0000
Files and hashes:         1: AKTVv_pzY0hD6QPjexj97g2sWFs.crl (hash: IEvI+8fBSLItAE+JxNz84nJGj8bFQDgAxWLKiMWQTxU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AKTVv_pzY0hD6QPjexj97g2sWFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:92:02:84:0f:1a:68:35:67:74:c9:b5:1b:d1:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00a4d5bffa73634843e903e37b18fdee0dac585b
        Validity
            Not Before: Jun 28 13:02:11 2025 GMT
            Not After : Jun 29 13:02:11 2025 GMT
        Subject: CN=70eb9cd0c81382086ad36d352defca4817c5b61c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:60:cd:fc:c5:70:7d:9f:20:97:93:9a:a8:82:
                    20:e5:c3:d9:07:2b:93:5c:32:c9:02:31:21:16:c0:
                    75:df:26:48:3e:22:33:cc:5b:14:ad:ff:3d:60:6b:
                    b0:4b:8e:27:4b:c2:05:bb:34:28:2c:37:17:07:6a:
                    4e:62:1a:ee:0f:45:35:dc:e9:96:87:61:6e:59:30:
                    f5:8d:6e:28:42:37:11:f7:24:a6:8d:56:6a:f9:10:
                    4a:b2:40:4f:d5:5e:25:f0:b5:7c:75:3e:45:6a:7f:
                    df:92:e5:32:c1:c2:54:3f:4e:a6:b2:c4:b1:0e:f7:
                    91:8f:55:62:12:28:c9:af:2d:c0:11:e0:d5:0a:b8:
                    d0:02:79:bc:49:72:64:f6:5c:bb:08:b8:a6:ff:96:
                    14:b5:2b:9c:21:4b:10:a3:58:25:7d:95:7a:c2:a5:
                    0d:a5:e4:86:75:01:29:f1:cd:a4:97:c9:c4:3b:ea:
                    19:bc:25:53:93:7d:2a:3d:90:80:c4:65:52:da:7a:
                    1e:c9:2b:7e:13:9e:5c:bb:c2:9c:6f:00:33:87:13:
                    dd:81:18:aa:60:93:bb:99:88:80:43:7b:8e:ca:c9:
                    73:39:2b:ca:d2:65:af:db:e9:5c:b0:60:20:77:73:
                    6c:91:ab:ba:db:82:df:96:d9:0b:e3:de:1c:34:52:
                    d6:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:EB:9C:D0:C8:13:82:08:6A:D3:6D:35:2D:EF:CA:48:17:C5:B6:1C
            X509v3 Authority Key Identifier:
                keyid:00:A4:D5:BF:FA:73:63:48:43:E9:03:E3:7B:18:FD:EE:0D:AC:58:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AKTVv_pzY0hD6QPjexj97g2sWFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:3b:50:5b:d9:6c:24:df:e8:eb:62:e2:3b:8d:25:95:8f:28:
         0e:f1:71:70:8c:ad:72:11:ef:68:8d:c1:30:6c:a6:25:3d:d0:
         82:65:9f:f7:0b:f5:54:0c:5f:59:4f:9e:83:1c:58:ed:ae:a4:
         12:dd:32:ea:8e:5d:f5:58:ec:ba:60:79:5b:e6:2b:ec:d3:9b:
         fd:00:8f:dd:91:b5:89:f7:db:b1:e0:71:3c:f0:ca:21:19:1b:
         13:a3:17:ad:91:18:18:ab:dc:60:5a:24:63:1c:b3:ef:06:03:
         3c:48:df:96:c4:e9:4f:21:55:6c:6e:52:d8:30:31:61:49:3f:
         dd:54:b9:5b:9f:dc:f3:53:af:fc:9d:1a:fb:ce:ae:d7:7f:dc:
         53:33:eb:f6:b3:de:00:a0:37:ce:6e:31:ab:6d:e2:25:06:90:
         78:ad:73:5f:4d:76:79:9c:58:e5:28:79:10:bd:4d:27:0a:ee:
         36:3d:32:44:7b:3c:38:8e:f5:67:5e:2b:35:0c:da:1a:d7:d5:
         15:1b:39:ca:d0:d6:a3:75:ae:e5:1a:fc:fc:8b:87:e4:91:6e:
         d1:21:19:8a:89:4b:e3:09:10:cf:a1:82:63:04:cd:e1:3b:6f:
         38:ef:60:0f:8a:a0:3c:b1:6e:5e:32:81:78:01:37:4e:29:c5:
         da:50:64:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oZIChA8aaDVndMm1G9HVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYTRkNWJmZmE3MzYzNDg0M2U5MDNlMzdiMThmZGVlMGRh
YzU4NWIwHhcNMjUwNjI4MTMwMjExWhcNMjUwNjI5MTMwMjExWjAzMTEwLwYDVQQD
Eyg3MGViOWNkMGM4MTM4MjA4NmFkMzZkMzUyZGVmY2E0ODE3YzViNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGDN/MVwfZ8gl5OaqIIg5cPZByuT
XDLJAjEhFsB13yZIPiIzzFsUrf89YGuwS44nS8IFuzQoLDcXB2pOYhruD0U13OmW
h2FuWTD1jW4oQjcR9ySmjVZq+RBKskBP1V4l8LV8dT5Fan/fkuUywcJUP06mssSx
DveRj1ViEijJry3AEeDVCrjQAnm8SXJk9ly7CLim/5YUtSucIUsQo1glfZV6wqUN
peSGdQEp8c2kl8nEO+oZvCVTk30qPZCAxGVS2noeySt+E55cu8KcbwAzhxPdgRiq
YJO7mYiAQ3uOyslzOSvK0mWv2+lcsGAgd3Nskau624LfltkL494cNFLW9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDrnNDIE4IIatNtNS3vykgXxbYcMB8GA1UdIwQY
MBaAFACk1b/6c2NIQ+kD43sY/e4NrFhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtUVnZfcHpZMGhENlFQamV4ajk3ZzJzV0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC85NmU2NDAtODVhNS00NzViLTk0Y2It
ODRlZTY5ZWQ5M2E0LzEvQUtUVnZfcHpZMGhENlFQamV4ajk3ZzJzV0ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC85NmU2NDAtODVhNS00NzViLTk0Y2ItODRlZTY5ZWQ5M2E0
LzEvQUtUVnZfcHpZMGhENlFQamV4ajk3ZzJzV0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJztQW9ls
JN/o62LiO40llY8oDvFxcIytchHvaI3BMGymJT3QgmWf9wv1VAxfWU+egxxY7a6k
Et0y6o5d9VjsumB5W+Yr7NOb/QCP3ZG1iffbseBxPPDKIRkbE6MXrZEYGKvcYFok
Yxyz7wYDPEjflsTpTyFVbG5S2DAxYUk/3VS5W5/c81Ov/J0a+86u13/cUzPr9rPe
AKA3zm4xq23iJQaQeK1zX012eZxY5Sh5EL1NJwruNj0yRHs8OI71Z14rNQzaGtfV
FRs5ytDWo3Wu5Rr8/IuH5JFu0SEZiolL4wkQz6GCYwTN4TtvOO9gD4qgPLFuXjKB
eAE3TinF2lBk3Q==
-----END CERTIFICATE-----