Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
File:                     aaEKEpVYyDgLwT2axFQB0h2rnfA.mft (raw, json)
Hash identifier:          fDBrjVgFKukeYMgCBnz/baZV2tpwjUEajfcnZdOxQiw=
Subject key identifier:   68:2F:70:6B:5D:04:BB:14:0F:7C:8A:A4:A5:3F:57:81:DD:DE:40:C3
Authority key identifier: 69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0
Certificate issuer:       /CN=69a10a129558c8380bc13d9ac45401d21dab9df0
Certificate serial:       0198D473B909ED76BCCA1F906263BADDF7CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
Manifest number:          1646
Signing time:             Sat 23 Aug 2025 01:03:30 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:30 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:30 +0000
Files and hashes:         1: aaEKEpVYyDgLwT2axFQB0h2rnfA.crl (hash: JI6X6bvpkI636xIxnVyV1o1SjinsacuQoUa7ATvknYo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:b9:09:ed:76:bc:ca:1f:90:62:63:ba:dd:f7:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a10a129558c8380bc13d9ac45401d21dab9df0
        Validity
            Not Before: Aug 23 01:03:30 2025 GMT
            Not After : Aug 24 01:03:30 2025 GMT
        Subject: CN=682f706b5d04bb140f7c8aa4a53f5781ddde40c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f5:0a:06:7e:3e:d3:ac:e8:78:a8:31:d6:64:
                    14:fb:4c:f3:cc:b8:44:8f:3d:59:b9:4d:6c:38:05:
                    00:47:45:22:4b:2c:a6:21:17:5b:d0:af:ca:12:ff:
                    f1:6c:08:2f:cf:0e:bc:ab:3a:25:e0:6d:15:f3:26:
                    a9:11:45:3d:65:e4:7f:ed:e2:ff:49:7b:5b:8d:26:
                    aa:7f:21:39:36:23:13:68:3a:21:5f:38:db:f6:53:
                    df:f1:06:4f:a2:e7:b4:36:78:b0:42:97:5e:d5:bf:
                    d2:0a:f2:0c:3c:f0:d9:08:4a:1f:ac:c9:ff:e9:58:
                    de:06:eb:90:26:a5:3f:9b:4d:6b:4d:6b:6a:e6:3a:
                    a0:1f:9f:e1:4c:07:d6:04:0d:60:40:85:df:d9:1c:
                    4f:a0:3c:4b:ce:da:cd:b8:ef:0f:79:18:b8:e6:b9:
                    76:b7:ac:70:68:9a:64:b7:0a:ad:ea:d3:41:f0:f1:
                    85:3e:d4:f8:1f:30:9e:0c:55:68:ee:67:3a:08:28:
                    0d:1a:84:3a:2c:00:44:ca:49:94:a2:0e:93:8b:88:
                    c8:cb:81:88:34:79:5c:e7:3f:0b:f4:4e:d2:95:2c:
                    f0:18:61:a2:fc:57:ac:be:72:a8:48:1e:82:ac:81:
                    61:dc:70:5d:31:6a:6e:c7:28:4d:33:91:bc:69:12:
                    36:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:2F:70:6B:5D:04:BB:14:0F:7C:8A:A4:A5:3F:57:81:DD:DE:40:C3
            X509v3 Authority Key Identifier:
                keyid:69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:50:46:56:e0:ee:ba:59:d2:c3:79:b4:4b:96:68:52:68:f4:
         2e:7f:50:b7:5f:f4:f8:cb:01:fb:8a:b4:9b:4a:22:71:9e:e3:
         c2:68:b7:9b:f1:1a:99:74:fa:a1:16:e5:ac:d5:f9:e9:db:ed:
         72:4f:23:0f:10:67:34:6f:73:58:3e:0d:2d:68:91:29:07:a8:
         88:0f:02:f2:98:5e:ce:26:8f:2e:d7:67:e1:d9:79:74:f3:91:
         22:17:01:6d:6f:81:ed:13:0c:18:41:fe:02:49:c1:f6:68:0a:
         d8:11:9e:85:fa:7d:24:0a:4d:c7:ed:c0:82:1d:37:cb:a3:a2:
         85:0e:45:ec:20:f3:58:cc:54:52:0f:84:37:43:9c:04:bd:f7:
         18:8c:50:bc:12:aa:d4:93:e3:04:98:5b:6b:59:08:07:5b:11:
         80:65:28:3b:eb:8f:2c:61:d4:23:97:d4:aa:5c:f1:25:2f:3f:
         d9:ad:d1:70:90:5b:5b:c9:e0:2d:41:93:20:39:67:ab:14:3d:
         a7:37:e1:44:38:ae:68:4f:a5:25:b1:78:4e:ff:3a:20:a2:71:
         7a:62:58:2f:43:42:2e:61:d1:78:ac:2e:a2:93:7d:6a:f0:7b:
         2b:7f:6e:6e:2a:01:96:84:e7:81:2c:3b:b4:81:1f:88:f8:8a:
         63:4c:b8:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc7kJ7Xa8yh+QYmO63ffNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTEwYTEyOTU1OGM4MzgwYmMxM2Q5YWM0NTQwMWQyMWRh
YjlkZjAwHhcNMjUwODIzMDEwMzMwWhcNMjUwODI0MDEwMzMwWjAzMTEwLwYDVQQD
Eyg2ODJmNzA2YjVkMDRiYjE0MGY3YzhhYTRhNTNmNTc4MWRkZGU0MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/UKBn4+06zoeKgx1mQU+0zzzLhE
jz1ZuU1sOAUAR0UiSyymIRdb0K/KEv/xbAgvzw68qzol4G0V8yapEUU9ZeR/7eL/
SXtbjSaqfyE5NiMTaDohXzjb9lPf8QZPoue0NniwQpde1b/SCvIMPPDZCEofrMn/
6VjeBuuQJqU/m01rTWtq5jqgH5/hTAfWBA1gQIXf2RxPoDxLztrNuO8PeRi45rl2
t6xwaJpktwqt6tNB8PGFPtT4HzCeDFVo7mc6CCgNGoQ6LABEykmUog6Ti4jIy4GI
NHlc5z8L9E7SlSzwGGGi/FesvnKoSB6CrIFh3HBdMWpuxyhNM5G8aRI2HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGgvcGtdBLsUD3yKpKU/V4Hd3kDDMB8GA1UdIwQY
MBaAFGmhChKVWMg4C8E9msRUAdIdq53wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWIt
ODc3YzY1YjAxNDU2LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWItODc3YzY1YjAxNDU2
LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKlBGVuDu
ulnSw3m0S5ZoUmj0Ln9Qt1/0+MsB+4q0m0oicZ7jwmi3m/EamXT6oRblrNX56dvt
ck8jDxBnNG9zWD4NLWiRKQeoiA8C8pheziaPLtdn4dl5dPORIhcBbW+B7RMMGEH+
AknB9mgK2BGehfp9JApNx+3Agh03y6OihQ5F7CDzWMxUUg+EN0OcBL33GIxQvBKq
1JPjBJhba1kIB1sRgGUoO+uPLGHUI5fUqlzxJS8/2a3RcJBbW8ngLUGTIDlnqxQ9
pzfhRDiuaE+lJbF4Tv86IKJxemJYL0NCLmHReKwuopN9avB7K39ubioBloTngSw7
tIEfiPiKY0y4Vg==
-----END CERTIFICATE-----