Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          wjEaYrH5+Op3nZ/nj7XYD3GxecXykQHEmKU5ux0r8FE=
Subject key identifier:   AA:FB:77:5C:E5:C6:CA:02:17:48:3E:7D:68:DA:1C:8E:35:8D:E5:32
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       0197B70E54908F9BBF78318E366128792B8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          088C
Signing time:             Sat 28 Jun 2025 15:00:59 +0000
Manifest this update:     Sat 28 Jun 2025 15:00:59 +0000
Manifest next update:     Sun 29 Jun 2025 15:00:59 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: vdONJ7Gmmrv6jZLUwKpBgr74vsdFyQ8IVMQ2kJ05E1M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:54:90:8f:9b:bf:78:31:8e:36:61:28:79:2b:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: Jun 28 15:00:59 2025 GMT
            Not After : Jun 29 15:00:59 2025 GMT
        Subject: CN=aafb775ce5c6ca0217483e7d68da1c8e358de532
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:ee:d8:59:80:b3:6f:f7:e4:fb:6d:58:53:d2:
                    cd:59:40:2f:b2:67:3c:f4:02:56:ad:5b:07:ac:25:
                    f2:aa:28:73:24:c0:a0:e9:09:ee:01:20:36:7e:ec:
                    fe:4e:6a:a2:ad:eb:64:93:75:d5:f4:39:94:14:18:
                    5c:c5:41:8a:42:4c:49:19:fd:9d:a6:f7:1e:e3:4e:
                    85:50:4c:75:30:93:08:d5:f2:50:70:67:f6:ee:49:
                    12:ac:1a:5b:52:dd:dd:e1:33:72:4b:cc:93:a2:2b:
                    b1:14:85:f0:0f:17:d6:06:fd:08:d8:6b:8e:a9:17:
                    7e:df:c5:e1:0b:c8:30:30:32:bd:d5:dd:f7:b4:6d:
                    9e:7c:36:44:8e:59:94:f9:42:1c:a0:83:40:d5:0c:
                    d5:cb:07:f2:d3:8e:49:d5:38:57:d1:26:29:c0:d2:
                    ff:9e:df:ef:b8:6d:fb:41:65:82:a2:ef:94:fa:92:
                    d3:e9:80:70:7a:1a:95:8d:52:83:a8:de:e1:54:36:
                    bd:f5:72:d1:32:3c:67:c9:36:d5:71:00:b2:a0:d0:
                    f4:61:08:10:33:47:97:93:6d:05:6c:9f:04:a4:3a:
                    f1:1a:d0:4b:71:00:7c:05:68:7b:dc:09:96:dc:5c:
                    e6:12:06:21:40:da:26:7f:86:b2:fe:06:16:00:95:
                    26:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:FB:77:5C:E5:C6:CA:02:17:48:3E:7D:68:DA:1C:8E:35:8D:E5:32
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:63:af:fd:dc:a4:3f:c4:c0:ab:bf:c8:3e:ef:60:8e:2b:4b:
         9f:45:80:4d:f1:5f:06:ad:65:11:5e:68:69:83:2c:96:0b:1f:
         00:11:ca:5d:30:7c:bb:2c:27:5a:fb:1b:c7:6f:0d:4f:33:5e:
         c2:31:c1:08:b1:ae:f9:d5:f8:45:52:c1:61:c3:32:36:ec:bc:
         e0:3b:bd:2b:2e:8e:1e:bc:aa:51:8a:ad:a6:04:36:96:05:f4:
         6d:7b:94:b9:fd:c4:3a:4a:de:9f:56:6d:89:b0:17:7b:29:c9:
         4f:b5:ed:99:e1:c3:72:28:e3:49:b5:50:3d:9c:8f:0d:a1:d2:
         48:16:79:18:f4:e6:4a:a9:1d:e0:ff:b8:ad:88:8d:27:40:0f:
         55:12:53:1a:51:98:47:4a:95:7f:05:57:04:64:88:52:36:5b:
         a8:60:0a:35:53:11:b6:f7:7e:63:9a:74:d1:78:aa:3b:e6:aa:
         ff:d0:cf:ee:ac:c7:0a:ae:13:ef:e4:8a:4c:f4:66:b3:3d:a1:
         8b:00:0a:09:4d:ed:6e:5b:bc:56:0f:63:74:1e:2a:88:60:ba:
         f0:79:50:c6:e9:ff:0e:74:c3:21:9c:65:d3:f5:de:61:5d:ea:
         22:fc:d6:32:50:04:8d:ab:45:a6:54:68:fa:cd:91:8e:52:1d:
         34:28:7e:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DlSQj5u/eDGONmEoeSuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjUwNjI4MTUwMDU5WhcNMjUwNjI5MTUwMDU5WjAzMTEwLwYDVQQD
EyhhYWZiNzc1Y2U1YzZjYTAyMTc0ODNlN2Q2OGRhMWM4ZTM1OGRlNTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1O7YWYCzb/fk+21YU9LNWUAvsmc8
9AJWrVsHrCXyqihzJMCg6QnuASA2fuz+Tmqiretkk3XV9DmUFBhcxUGKQkxJGf2d
pvce406FUEx1MJMI1fJQcGf27kkSrBpbUt3d4TNyS8yToiuxFIXwDxfWBv0I2GuO
qRd+38XhC8gwMDK91d33tG2efDZEjlmU+UIcoINA1QzVywfy045J1ThX0SYpwNL/
nt/vuG37QWWCou+U+pLT6YBwehqVjVKDqN7hVDa99XLRMjxnyTbVcQCyoND0YQgQ
M0eXk20FbJ8EpDrxGtBLcQB8BWh73AmW3FzmEgYhQNomf4ay/gYWAJUm3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKr7d1zlxsoCF0g+fWjaHI41jeUyMB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq2Ov/dyk
P8TAq7/IPu9gjitLn0WATfFfBq1lEV5oaYMslgsfABHKXTB8uywnWvsbx28NTzNe
wjHBCLGu+dX4RVLBYcMyNuy84Du9Ky6OHryqUYqtpgQ2lgX0bXuUuf3EOkren1Zt
ibAXeynJT7XtmeHDcijjSbVQPZyPDaHSSBZ5GPTmSqkd4P+4rYiNJ0APVRJTGlGY
R0qVfwVXBGSIUjZbqGAKNVMRtvd+Y5p00XiqO+aq/9DP7qzHCq4T7+SKTPRmsz2h
iwAKCU3tblu8Vg9jdB4qiGC68HlQxun/DnTDIZxl0/XeYV3qIvzWMlAEjatFplRo
+s2RjlIdNCh+0Q==
-----END CERTIFICATE-----