Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
File:                     aaEKEpVYyDgLwT2axFQB0h2rnfA.mft (raw, json)
Hash identifier:          WKnm5sjWbyFh2keKkE0r43txFBgzpyX6zAg5qi1tTIc=
Subject key identifier:   3E:7F:BF:44:1D:A4:CE:26:C5:A6:E8:42:37:12:1B:79:4C:14:7D:13
Authority key identifier: 69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0
Certificate issuer:       /CN=69a10a129558c8380bc13d9ac45401d21dab9df0
Certificate serial:       0197B88FCD4E6E4CF504F467D330010232C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
Manifest number:          15B3
Signing time:             Sat 28 Jun 2025 22:02:01 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:01 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:01 +0000
Files and hashes:         1: aaEKEpVYyDgLwT2axFQB0h2rnfA.crl (hash: 3ujmZ3y2LVWAjeHajs1z4DVx/BntmU6kZIq/yZXUe68=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:cd:4e:6e:4c:f5:04:f4:67:d3:30:01:02:32:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a10a129558c8380bc13d9ac45401d21dab9df0
        Validity
            Not Before: Jun 28 22:02:01 2025 GMT
            Not After : Jun 29 22:02:01 2025 GMT
        Subject: CN=3e7fbf441da4ce26c5a6e84237121b794c147d13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:92:11:42:56:7d:85:bc:9b:b1:63:c3:9e:a1:
                    55:9e:fc:0d:b4:68:cc:67:5a:0e:fc:f0:db:a3:82:
                    95:a7:e6:55:48:ae:10:e1:77:0b:2a:24:cf:ef:3c:
                    65:24:11:6c:22:e8:52:7d:6b:3a:c2:e7:5c:c9:8e:
                    3b:1a:8d:90:e0:95:d5:96:45:6e:44:cd:a1:eb:72:
                    53:c4:6f:bd:54:6e:20:e7:51:eb:9c:f8:92:54:ee:
                    4b:b3:91:d4:d3:4b:c3:2e:79:a8:46:33:30:20:4f:
                    0e:d3:09:00:fa:c4:06:ae:51:8e:20:9e:9b:52:00:
                    84:20:93:84:d5:60:14:38:fe:10:6e:55:10:37:18:
                    8b:36:3b:8f:2a:2c:78:2e:5b:15:28:f2:72:0e:e7:
                    7f:54:a5:20:ab:8d:2a:1e:64:0e:94:94:43:0f:b1:
                    02:96:15:e5:5f:d0:d3:c6:67:13:79:81:c0:e5:f4:
                    08:17:21:07:6f:9d:be:75:c9:e7:8b:d9:d1:84:cd:
                    bf:a0:e2:6f:25:47:ad:1d:56:8c:0d:e4:f2:f6:db:
                    0a:d3:37:5a:b0:54:ba:08:ea:79:68:b2:49:17:6a:
                    95:14:db:e5:e0:df:7e:d9:8b:06:14:14:48:36:25:
                    bb:86:17:7d:64:8b:46:09:5c:56:2a:85:4a:44:8d:
                    35:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:7F:BF:44:1D:A4:CE:26:C5:A6:E8:42:37:12:1B:79:4C:14:7D:13
            X509v3 Authority Key Identifier:
                keyid:69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:6a:f7:72:84:e6:74:bf:46:8c:09:67:04:14:f5:50:61:6b:
         ab:a3:fe:c6:da:70:d4:b4:7f:42:41:f4:7d:4b:58:d4:ae:51:
         4f:16:60:34:17:82:8b:5d:41:fa:bf:d3:1b:dd:73:db:3f:b2:
         96:9d:53:4c:26:13:ed:f5:65:fc:26:ba:91:93:36:1e:1e:da:
         31:5d:3f:ee:a4:f9:53:2d:41:db:da:ce:07:d4:c2:b7:d1:0a:
         4a:ab:c6:79:50:11:d9:d2:bc:9f:63:1a:1b:28:a5:ee:ad:22:
         65:54:1d:ac:c9:4b:80:7d:c2:ad:e7:ff:ca:7d:62:83:4e:46:
         99:eb:e9:f1:9a:a5:57:d7:27:66:86:7f:97:10:1c:2f:33:95:
         79:ce:17:21:04:df:7e:e0:62:a8:ea:72:18:c9:2a:c7:8b:eb:
         cc:83:83:7a:68:37:5a:e5:5f:0a:63:22:c4:f1:dd:e7:12:1f:
         56:d5:d0:4a:47:20:f7:93:63:2c:16:32:0a:5c:1c:5e:ca:fa:
         2e:ed:bd:53:c4:d2:0f:64:95:95:cf:c9:e9:31:17:79:3c:8d:
         1c:2a:a7:c4:a4:ba:62:74:3c:7b:49:e9:b5:5f:7d:99:a3:de:
         be:bc:a3:c3:21:18:f2:1b:28:fb:59:2a:7a:cd:cd:a4:ef:2a:
         fa:cd:b2:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j81Obkz1BPRn0zABAjLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTEwYTEyOTU1OGM4MzgwYmMxM2Q5YWM0NTQwMWQyMWRh
YjlkZjAwHhcNMjUwNjI4MjIwMjAxWhcNMjUwNjI5MjIwMjAxWjAzMTEwLwYDVQQD
EygzZTdmYmY0NDFkYTRjZTI2YzVhNmU4NDIzNzEyMWI3OTRjMTQ3ZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJIRQlZ9hbybsWPDnqFVnvwNtGjM
Z1oO/PDbo4KVp+ZVSK4Q4XcLKiTP7zxlJBFsIuhSfWs6wudcyY47Go2Q4JXVlkVu
RM2h63JTxG+9VG4g51HrnPiSVO5Ls5HU00vDLnmoRjMwIE8O0wkA+sQGrlGOIJ6b
UgCEIJOE1WAUOP4QblUQNxiLNjuPKix4LlsVKPJyDud/VKUgq40qHmQOlJRDD7EC
lhXlX9DTxmcTeYHA5fQIFyEHb52+dcnni9nRhM2/oOJvJUetHVaMDeTy9tsK0zda
sFS6COp5aLJJF2qVFNvl4N9+2YsGFBRINiW7hhd9ZItGCVxWKoVKRI01UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5/v0QdpM4mxaboQjcSG3lMFH0TMB8GA1UdIwQY
MBaAFGmhChKVWMg4C8E9msRUAdIdq53wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWIt
ODc3YzY1YjAxNDU2LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWItODc3YzY1YjAxNDU2
LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWr3coTm
dL9GjAlnBBT1UGFrq6P+xtpw1LR/QkH0fUtY1K5RTxZgNBeCi11B+r/TG91z2z+y
lp1TTCYT7fVl/Ca6kZM2Hh7aMV0/7qT5Uy1B29rOB9TCt9EKSqvGeVAR2dK8n2Ma
Gyil7q0iZVQdrMlLgH3Cref/yn1ig05Gmevp8ZqlV9cnZoZ/lxAcLzOVec4XIQTf
fuBiqOpyGMkqx4vrzIODemg3WuVfCmMixPHd5xIfVtXQSkcg95NjLBYyClwcXsr6
Lu29U8TSD2SVlc/J6TEXeTyNHCqnxKS6YnQ8e0nptV99maPevryjwyEY8hso+1kq
es3NpO8q+s2y+w==
-----END CERTIFICATE-----