Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
File:                     aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json)
Hash identifier:          H5Ba+iqv8nF0CTz6SEm/tYEtWUexvjlVqdO/XrVrT5E=
Subject key identifier:   1F:5D:C4:74:61:F1:E2:F0:84:50:61:F6:F6:D6:B6:C3:A9:9C:27:1B
Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE
Certificate issuer:       /CN=684750df0eba774d4b4d644ec8e33508f8f538fe
Certificate serial:       01984A0A4549E9F61DFAC8621F33555DE65F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
Manifest number:          06AA
Signing time:             Sun 27 Jul 2025 04:00:43 +0000
Manifest this update:     Sun 27 Jul 2025 04:00:43 +0000
Manifest next update:     Mon 28 Jul 2025 04:00:43 +0000
Files and hashes:         1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: bNBWzjl9qfa5HIE/Kr1OF4lYWGXkXgxJsyEkFbZbkFo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 04:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:4a:0a:45:49:e9:f6:1d:fa:c8:62:1f:33:55:5d:e6:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe
        Validity
            Not Before: Jul 27 04:00:43 2025 GMT
            Not After : Jul 28 04:00:43 2025 GMT
        Subject: CN=1f5dc47461f1e2f0845061f6f6d6b6c3a99c271b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:50:da:fc:6d:8e:f4:4e:f6:5c:ee:a6:b8:ac:
                    c0:91:ed:d7:0d:8c:e3:1c:36:7a:40:db:8a:b8:6b:
                    64:e3:7f:11:00:2d:bf:8c:f2:6e:c9:8f:e0:87:55:
                    4e:4f:91:68:18:e3:a6:fd:65:c6:ed:e9:92:9e:37:
                    07:c6:09:0e:9a:b3:f1:ae:1c:b5:32:bd:e1:96:5a:
                    61:9e:32:49:4e:0e:01:ea:dc:a9:10:a9:f6:b9:e2:
                    52:4d:68:65:71:51:55:1a:20:2b:5c:6b:7c:21:93:
                    e7:2d:f9:90:16:3a:97:32:55:02:8b:3b:21:cb:b2:
                    b2:ad:cd:01:25:52:a2:cd:95:eb:64:37:42:e2:87:
                    f3:bb:ab:b8:1b:c5:80:bb:da:d8:90:56:56:7a:09:
                    ef:19:35:79:46:5d:a1:d5:a4:cb:18:89:12:88:f6:
                    f7:c3:85:bb:83:1d:45:8a:93:ca:5b:fd:ca:fa:a5:
                    9a:f8:6c:41:25:72:a5:c8:26:c5:0f:73:4d:76:12:
                    f9:62:f4:83:75:64:9d:eb:3d:62:13:09:35:c2:66:
                    e1:51:05:ea:ad:cf:de:82:dc:5e:d2:99:82:95:6a:
                    3c:c7:bc:14:27:86:ff:4b:1b:9c:f2:4d:88:6b:0a:
                    39:ba:38:59:49:5e:83:c2:49:0a:97:0e:8d:da:c0:
                    2d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:5D:C4:74:61:F1:E2:F0:84:50:61:F6:F6:D6:B6:C3:A9:9C:27:1B
            X509v3 Authority Key Identifier:
                keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:c3:ca:b7:29:42:da:a1:5e:8b:22:b7:10:36:52:50:7e:cd:
         b4:f0:b4:78:57:d3:e7:ea:8a:a0:81:f4:f8:29:2e:9a:9a:83:
         4a:34:a7:91:06:d8:16:51:fd:b7:01:30:ea:90:df:40:20:47:
         92:76:fb:bc:ca:6a:9f:5b:f9:fd:7e:f5:06:63:50:2d:27:a1:
         50:dc:60:0b:66:5f:30:7c:1a:eb:02:3e:9d:13:bb:75:3e:12:
         07:eb:e9:43:a6:34:1e:dc:7b:07:d7:bc:f1:cb:82:c9:c5:02:
         54:ad:28:7b:d0:40:76:26:71:71:67:33:24:26:6a:6b:65:6d:
         e6:6d:75:bf:5e:ec:28:86:c9:3c:82:f2:bb:de:9f:7b:c4:f4:
         c3:14:67:5a:0c:a3:03:f1:3e:69:e9:91:b3:27:80:c3:5d:28:
         1b:aa:15:c2:97:91:ee:a0:ea:5d:8e:67:3e:41:68:62:34:7b:
         d6:01:62:6b:8f:0c:e1:a0:92:1b:cf:6d:22:03:31:26:40:a2:
         a1:0e:5e:39:19:e4:e2:8b:e2:9f:ba:7b:ba:7f:cc:77:9f:39:
         b7:f5:02:e3:ae:81:39:45:26:09:18:54:36:51:f9:b9:a5:6b:
         5c:de:f9:f0:b2:cd:84:0f:2f:7f:3c:c8:65:0f:d3:df:aa:02:
         00:7c:de:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhKCkVJ6fYd+shiHzNVXeZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm
NTM4ZmUwHhcNMjUwNzI3MDQwMDQzWhcNMjUwNzI4MDQwMDQzWjAzMTEwLwYDVQQD
EygxZjVkYzQ3NDYxZjFlMmYwODQ1MDYxZjZmNmQ2YjZjM2E5OWMyNzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFDa/G2O9E72XO6muKzAke3XDYzj
HDZ6QNuKuGtk438RAC2/jPJuyY/gh1VOT5FoGOOm/WXG7emSnjcHxgkOmrPxrhy1
Mr3hllphnjJJTg4B6typEKn2ueJSTWhlcVFVGiArXGt8IZPnLfmQFjqXMlUCizsh
y7Kyrc0BJVKizZXrZDdC4ofzu6u4G8WAu9rYkFZWegnvGTV5Rl2h1aTLGIkSiPb3
w4W7gx1FipPKW/3K+qWa+GxBJXKlyCbFD3NNdhL5YvSDdWSd6z1iEwk1wmbhUQXq
rc/egtxe0pmClWo8x7wUJ4b/Sxuc8k2Iawo5ujhZSV6DwkkKlw6N2sAtMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB9dxHRh8eLwhFBh9vbWtsOpnCcbMB8GA1UdIwQY
MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt
ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz
LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFsPKtylC
2qFeiyK3EDZSUH7NtPC0eFfT5+qKoIH0+CkumpqDSjSnkQbYFlH9twEw6pDfQCBH
knb7vMpqn1v5/X71BmNQLSehUNxgC2ZfMHwa6wI+nRO7dT4SB+vpQ6Y0Htx7B9e8
8cuCycUCVK0oe9BAdiZxcWczJCZqa2Vt5m11v17sKIbJPILyu96fe8T0wxRnWgyj
A/E+aemRsyeAw10oG6oVwpeR7qDqXY5nPkFoYjR71gFia48M4aCSG89tIgMxJkCi
oQ5eORnk4ovin7p7un/Md585t/UC466BOUUmCRhUNlH5uaVrXN758LLNhA8vfzzI
ZQ/T36oCAHzemQ==
-----END CERTIFICATE-----