Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
File:                     aiElvfZalVLVuOF6s2FaoQuAWXY.mft (raw, json)
Hash identifier:          xUSRnTOqYbYlERt682qKuX3HhTEn6mvwO7xECfvs6SQ=
Subject key identifier:   A1:B5:CB:A3:C3:D3:B2:F5:11:E5:B4:07:9A:83:E8:E8:98:5D:DC:A6
Authority key identifier: 6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76
Certificate issuer:       /CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
Certificate serial:       0197B7B37518F884E6A62687C6A985DF7C93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
Manifest number:          01B7
Signing time:             Sat 28 Jun 2025 18:01:20 +0000
Manifest this update:     Sat 28 Jun 2025 18:01:20 +0000
Manifest next update:     Sun 29 Jun 2025 18:01:20 +0000
Files and hashes:         1: aiElvfZalVLVuOF6s2FaoQuAWXY.crl (hash: Ecm3aZ6Iadpxj/DxepaaQNXhcYQ2Uj75V240OSDoFE4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 18:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:b3:75:18:f8:84:e6:a6:26:87:c6:a9:85:df:7c:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
        Validity
            Not Before: Jun 28 18:01:20 2025 GMT
            Not After : Jun 29 18:01:20 2025 GMT
        Subject: CN=a1b5cba3c3d3b2f511e5b4079a83e8e8985ddca6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:69:25:a5:38:71:a6:66:2a:c6:5b:c1:0a:c6:
                    f3:0e:52:5e:d6:0d:9b:27:c9:e1:4c:f9:e3:05:e5:
                    da:78:f7:d8:98:b9:1e:41:81:86:30:fa:60:1c:24:
                    c6:82:ec:09:8b:51:f8:2e:f3:0c:26:a0:0b:f2:5b:
                    ab:2f:06:11:08:2f:ab:0c:7e:c5:9c:e9:11:fd:da:
                    e9:47:b9:52:29:67:8a:0b:67:50:5c:9d:c6:04:fb:
                    e2:af:6d:05:1e:bb:ef:11:2a:62:0b:92:0a:2a:1b:
                    9c:0b:f5:de:50:2d:c6:88:fc:1e:45:b0:37:76:54:
                    17:10:e9:4a:f3:55:92:8c:55:08:87:99:2c:0e:3a:
                    3f:94:11:30:66:74:f0:a3:95:66:d8:e8:b2:67:0d:
                    4b:ac:53:16:64:8c:f5:11:44:9a:75:3e:52:1f:bb:
                    6e:0f:18:08:87:4b:7a:32:59:ed:f5:59:4c:c1:6b:
                    05:f7:3c:17:08:a3:1c:48:6f:ea:f6:2c:e0:f2:d6:
                    ff:52:cb:b1:c8:8b:1e:c5:ac:54:eb:cf:5d:6c:66:
                    a7:05:40:aa:0d:dc:f5:71:71:fc:14:b3:f6:48:68:
                    41:eb:9c:d5:3e:a2:2f:90:c5:e9:7e:6d:53:23:03:
                    5d:c8:0d:94:a7:88:d7:2a:56:56:b8:0d:3e:61:99:
                    54:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:B5:CB:A3:C3:D3:B2:F5:11:E5:B4:07:9A:83:E8:E8:98:5D:DC:A6
            X509v3 Authority Key Identifier:
                keyid:6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:af:ab:da:3d:ce:f5:c9:73:3e:c7:7b:00:08:c9:f1:09:0c:
         06:59:98:07:81:13:ca:3a:9d:ae:07:9e:6f:ff:2c:dc:23:c2:
         32:06:d8:25:d1:ab:e5:fc:bc:f0:4d:fc:bf:24:a9:4a:ac:95:
         58:85:97:8e:8f:b1:d6:7f:17:f1:f8:07:97:f7:53:53:77:9a:
         f8:98:de:b0:80:10:36:95:0e:4c:c7:fc:43:7c:26:66:b9:f8:
         bb:5d:77:cf:32:f4:d6:a7:b3:ed:d2:1a:76:ca:9c:ec:1e:0a:
         d9:38:0d:6f:f3:a4:79:3c:13:14:ef:ae:d6:b6:74:ce:45:1d:
         4a:ab:f3:63:69:35:2b:b1:22:13:01:7a:6e:bc:32:00:98:25:
         6a:ae:d3:2c:96:44:ae:25:15:8a:0a:ad:05:74:57:f4:99:d7:
         ab:c9:8b:9d:7e:2a:98:a6:a1:27:5e:b1:1f:1f:f8:b7:13:50:
         00:df:b9:54:7c:ad:f8:ad:e1:01:cd:49:0c:d9:53:1f:5d:ab:
         18:16:46:57:82:4f:4c:9a:d5:1f:4b:63:c3:86:cb:e9:5c:59:
         d9:be:85:9f:be:9f:87:ad:58:04:0f:81:81:36:65:e5:09:45:
         61:8d:c4:39:b5:cc:b5:bd:ad:51:e9:bd:df:14:6e:33:44:17:
         e5:ed:3b:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3s3UY+ITmpiaHxqmF33yTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMjEyNWJkZjY1YTk1NTJkNWI4ZTE3YWIzNjE1YWExMGI4
MDU5NzYwHhcNMjUwNjI4MTgwMTIwWhcNMjUwNjI5MTgwMTIwWjAzMTEwLwYDVQQD
EyhhMWI1Y2JhM2MzZDNiMmY1MTFlNWI0MDc5YTgzZThlODk4NWRkY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mklpThxpmYqxlvBCsbzDlJe1g2b
J8nhTPnjBeXaePfYmLkeQYGGMPpgHCTGguwJi1H4LvMMJqAL8lurLwYRCC+rDH7F
nOkR/drpR7lSKWeKC2dQXJ3GBPvir20FHrvvESpiC5IKKhucC/XeUC3GiPweRbA3
dlQXEOlK81WSjFUIh5ksDjo/lBEwZnTwo5Vm2OiyZw1LrFMWZIz1EUSadT5SH7tu
DxgIh0t6Mlnt9VlMwWsF9zwXCKMcSG/q9izg8tb/UsuxyIsexaxU689dbGanBUCq
Ddz1cXH8FLP2SGhB65zVPqIvkMXpfm1TIwNdyA2Up4jXKlZWuA0+YZlU9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKG1y6PD07L1EeW0B5qD6OiYXdymMB8GA1UdIwQY
MBaAFGohJb32WpVS1bjherNhWqELgFl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQt
NjNlZDIyY2FiYzkyLzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQtNjNlZDIyY2FiYzky
LzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXq+r2j3O
9clzPsd7AAjJ8QkMBlmYB4ETyjqdrgeeb/8s3CPCMgbYJdGr5fy88E38vySpSqyV
WIWXjo+x1n8X8fgHl/dTU3ea+JjesIAQNpUOTMf8Q3wmZrn4u113zzL01qez7dIa
dsqc7B4K2TgNb/OkeTwTFO+u1rZ0zkUdSqvzY2k1K7EiEwF6brwyAJglaq7TLJZE
riUVigqtBXRX9JnXq8mLnX4qmKahJ16xHx/4txNQAN+5VHyt+K3hAc1JDNlTH12r
GBZGV4JPTJrVH0tjw4bL6VxZ2b6Fn76fh61YBA+BgTZl5QlFYY3EObXMtb2tUem9
3xRuM0QX5e07sw==
-----END CERTIFICATE-----