Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
File:                     pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft (raw, json)
Hash identifier:          MUnCZZMS+GH2qSTseuJEPaoCWv25rsRpFAFtj3WyrWc=
Subject key identifier:   70:63:54:24:D4:43:54:83:2D:E7:91:61:5D:EA:36:C9:29:53:88:76
Authority key identifier: A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4
Certificate issuer:       /CN=a4068c6655c333fc712832c113f67f1fd688aec4
Certificate serial:       019923A06897888B0E3C93E96D490BF34D3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
Manifest number:          136F
Signing time:             Sun 07 Sep 2025 10:02:18 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:18 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:18 +0000
Files and hashes:         1: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl (hash: Ljab3tsz+w6xUcTuKyBl3rWXXE0hUUoY9RckgYl4FE4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:68:97:88:8b:0e:3c:93:e9:6d:49:0b:f3:4d:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4068c6655c333fc712832c113f67f1fd688aec4
        Validity
            Not Before: Sep  7 10:02:18 2025 GMT
            Not After : Sep  8 10:02:18 2025 GMT
        Subject: CN=70635424d44354832de791615dea36c929538876
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:d6:f9:4f:e7:b1:e3:85:19:4d:bc:50:1c:6a:
                    a4:19:61:be:5b:77:8d:c3:5c:bc:39:b0:8f:ff:8a:
                    fc:bd:20:7f:92:dc:c8:37:03:dd:c7:3a:b4:06:a3:
                    63:ca:d8:08:62:f9:9b:2f:74:11:f8:08:87:ed:0e:
                    88:1c:48:f5:dc:16:f2:4e:29:e8:74:42:48:07:9a:
                    ea:66:8d:5e:90:b4:23:10:77:ca:26:63:7e:a8:0a:
                    fc:1d:2b:7f:1b:dc:9f:d8:58:e9:f4:b0:0b:6c:c3:
                    ac:36:f4:33:a4:1e:c5:7d:cd:7d:d4:02:f8:09:bf:
                    2f:4b:fe:bf:15:57:f8:5d:ee:71:f1:10:80:21:84:
                    d9:b2:a4:6d:68:f9:f7:46:ab:bf:12:22:fa:dd:45:
                    f9:4b:56:63:c9:f2:d2:55:7b:c7:37:d2:63:07:56:
                    de:1b:d5:52:46:b6:02:85:1b:fa:c4:0a:91:f0:82:
                    ea:45:5e:0d:a8:b1:b3:a2:57:92:40:00:a0:46:7c:
                    e0:2c:04:0c:aa:60:66:d1:cc:db:0b:06:50:aa:53:
                    10:13:81:e8:80:15:20:09:79:e6:b8:8f:2c:2b:e6:
                    01:4c:db:27:9e:6c:a9:ab:95:a0:c7:b0:f4:c5:6b:
                    c1:22:8e:e5:55:78:f4:26:bb:2f:ec:b4:8d:46:cc:
                    8c:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:63:54:24:D4:43:54:83:2D:E7:91:61:5D:EA:36:C9:29:53:88:76
            X509v3 Authority Key Identifier:
                keyid:A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:1c:16:42:df:46:dc:1a:05:a7:a5:c4:d8:0e:09:37:88:19:
         c3:67:22:30:f6:22:9c:e4:77:2d:ab:1a:56:ae:79:38:b7:14:
         cc:ce:81:c9:8f:86:61:88:ee:55:8d:87:31:a9:17:10:29:52:
         7f:5e:43:e3:3d:1a:a4:67:37:e4:f6:f1:2d:64:44:ab:57:ac:
         5e:d6:92:50:77:cb:f6:bd:41:ee:87:82:fa:e5:ff:f4:68:18:
         d5:8c:ab:51:88:43:e4:48:25:a8:7a:83:5b:da:72:6f:32:84:
         14:c0:42:59:85:71:37:84:f0:18:25:5c:17:b4:dd:8a:02:27:
         1d:b3:fd:8a:18:12:72:2b:2c:7b:4b:f3:ed:a0:7d:ab:fd:00:
         01:99:15:8e:b2:e5:36:1b:93:29:bf:ca:8a:9d:15:97:ca:4b:
         60:7e:da:89:b0:ed:4d:3b:e3:61:e0:50:1d:e9:d3:de:f6:17:
         8f:be:d8:8e:a3:75:58:18:da:15:49:0c:23:ff:1e:9a:d0:13:
         e0:9b:f2:c7:20:bc:cd:84:31:7f:17:50:97:8a:cd:ad:ae:24:
         67:f9:f0:7c:75:23:69:1a:95:52:78:96:d6:d5:9e:cc:b6:13:
         3a:d5:ca:54:11:46:16:15:12:d8:fd:f0:f0:e5:3f:d3:47:5f:
         55:f9:88:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoGiXiIsOPJPpbUkL800/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDY4YzY2NTVjMzMzZmM3MTI4MzJjMTEzZjY3ZjFmZDY4
OGFlYzQwHhcNMjUwOTA3MTAwMjE4WhcNMjUwOTA4MTAwMjE4WjAzMTEwLwYDVQQD
Eyg3MDYzNTQyNGQ0NDM1NDgzMmRlNzkxNjE1ZGVhMzZjOTI5NTM4ODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Nb5T+ex44UZTbxQHGqkGWG+W3eN
w1y8ObCP/4r8vSB/ktzINwPdxzq0BqNjytgIYvmbL3QR+AiH7Q6IHEj13BbyTino
dEJIB5rqZo1ekLQjEHfKJmN+qAr8HSt/G9yf2Fjp9LALbMOsNvQzpB7Ffc191AL4
Cb8vS/6/FVf4Xe5x8RCAIYTZsqRtaPn3Rqu/EiL63UX5S1ZjyfLSVXvHN9JjB1be
G9VSRrYChRv6xAqR8ILqRV4NqLGzoleSQACgRnzgLAQMqmBm0czbCwZQqlMQE4Ho
gBUgCXnmuI8sK+YBTNsnnmypq5Wgx7D0xWvBIo7lVXj0Jrsv7LSNRsyM1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBjVCTUQ1SDLeeRYV3qNskpU4h2MB8GA1UdIwQY
MBaAFKQGjGZVwzP8cSgywRP2fx/WiK7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMt
ODZkZWUyMDdmODFlLzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMtODZkZWUyMDdmODFl
LzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJBwWQt9G
3BoFp6XE2A4JN4gZw2ciMPYinOR3LasaVq55OLcUzM6ByY+GYYjuVY2HMakXEClS
f15D4z0apGc35PbxLWREq1esXtaSUHfL9r1B7oeC+uX/9GgY1YyrUYhD5EglqHqD
W9pybzKEFMBCWYVxN4TwGCVcF7TdigInHbP9ihgScisse0vz7aB9q/0AAZkVjrLl
NhuTKb/Kip0Vl8pLYH7aibDtTTvjYeBQHenT3vYXj77YjqN1WBjaFUkMI/8emtAT
4JvyxyC8zYQxfxdQl4rNra4kZ/nwfHUjaRqVUniW1tWezLYTOtXKVBFGFhUS2P3w
8OU/00dfVfmIDw==
-----END CERTIFICATE-----