Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
File:                     AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft (raw, json)
Hash identifier:          kxQNbTKzKhKFIp9VcNB14deNMl/D1VHKksX9WGmPY00=
Subject key identifier:   53:93:29:F2:72:EC:18:4E:DD:EB:65:23:76:AC:A8:47:75:3E:37:31
Authority key identifier: 02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05
Certificate issuer:       /CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
Certificate serial:       01974A7B1A0D3F5520966A1D616400C67B75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 13:01:10 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:10 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:10 +0000
Files and hashes:         1: AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl (hash: /fcyYRrg0qwt3NiUSggc7TlaaDDLpnVReoFTGqwVXQ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:1a:0d:3f:55:20:96:6a:1d:61:64:00:c6:7b:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
        Validity
            Not Before: Jun  7 13:01:10 2025 GMT
            Not After : Jun  8 13:01:10 2025 GMT
        Subject: CN=539329f272ec184eddeb652376aca847753e3731
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:c6:e6:f3:75:a8:51:25:40:32:0c:8c:51:5f:
                    af:cb:fd:cb:f1:fc:54:5e:e1:eb:81:ad:78:b3:18:
                    ff:9b:8c:46:1c:17:92:73:f3:45:03:9d:e1:0e:76:
                    7a:64:fc:7c:96:e8:f7:c0:7f:71:6e:fe:fd:de:bd:
                    ba:81:72:ac:d3:bf:ff:ba:a0:17:2a:c8:bc:6f:5a:
                    17:98:49:1d:a3:a8:00:8d:cb:a4:bc:90:1f:e2:6d:
                    25:67:27:41:41:66:2b:15:cc:10:9a:2d:a2:37:7a:
                    aa:e3:99:af:32:9e:e3:85:44:62:1d:95:87:e4:f7:
                    61:6b:d9:b4:8f:85:8f:d8:ef:c9:4f:79:0a:e2:f2:
                    94:47:6f:5b:5d:62:d2:c0:ca:98:2b:45:46:8f:ef:
                    ec:6c:cd:ec:0d:a4:25:7b:b2:e7:10:40:22:a6:a3:
                    ce:03:ca:7d:0f:13:1e:46:6b:38:63:2d:08:a9:ab:
                    22:0d:ef:b4:ce:45:bc:f0:33:cd:0c:1b:fa:15:91:
                    da:3c:c3:39:03:00:ec:ad:e3:6b:49:44:cd:98:24:
                    7d:81:0b:df:a7:47:8a:09:72:ec:0b:8a:d8:2e:dd:
                    53:9e:c2:3c:f9:57:4c:0e:03:d3:3d:53:7d:34:79:
                    16:9c:03:9b:5e:46:1e:e3:bd:52:60:22:10:47:f8:
                    1d:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:93:29:F2:72:EC:18:4E:DD:EB:65:23:76:AC:A8:47:75:3E:37:31
            X509v3 Authority Key Identifier:
                keyid:02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:0c:8b:0e:70:86:f7:7c:df:a8:71:f1:b9:8d:90:c5:d6:25:
         e8:b6:42:26:e7:f8:78:40:c9:31:dc:09:9b:d0:28:a1:45:0c:
         b3:1a:24:56:bc:1f:b4:74:5a:9d:aa:92:07:c2:4c:29:b8:cf:
         e0:16:1c:05:2f:5a:28:89:1c:7f:52:3c:6b:e3:23:ae:a5:ca:
         dc:45:a3:fa:35:86:1c:10:ac:ea:0f:5e:76:c6:83:6b:ba:c3:
         43:18:9c:51:2f:ba:4b:93:5c:b4:10:1e:3d:e2:77:09:85:14:
         c6:cb:f7:7c:6a:8a:87:b5:fb:b5:02:1e:da:42:f3:ba:35:fd:
         8c:8e:1b:4e:49:b7:07:fc:9a:76:ee:f7:53:a0:db:ab:68:cb:
         65:50:1c:7c:5b:ff:47:ae:02:6e:c9:bf:ae:92:fc:6e:42:d7:
         6c:ac:f6:97:16:a1:99:55:d2:80:6d:1f:12:76:cd:69:63:f4:
         20:7d:be:40:21:3f:d9:77:9a:cd:3e:7b:02:c1:8f:6c:81:55:
         94:1d:d6:a9:4b:7c:70:52:aa:cb:9c:d5:0b:b3:3f:04:06:5f:
         f9:a6:f3:00:71:31:3e:a4:c4:50:83:29:ee:6f:0e:b3:ca:fc:
         24:b7:ff:fc:14:55:1d:dc:3e:5a:1c:3e:c3:3d:36:f1:0d:db:
         33:c1:b2:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKexoNP1UglmodYWQAxnt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTFmNmFiZTBiYjI2YmZlNDg1OWU1NGRlZTBmZGM5YTVi
NzhhMDUwHhcNMjUwNjA3MTMwMTEwWhcNMjUwNjA4MTMwMTEwWjAzMTEwLwYDVQQD
Eyg1MzkzMjlmMjcyZWMxODRlZGRlYjY1MjM3NmFjYTg0Nzc1M2UzNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Mbm83WoUSVAMgyMUV+vy/3L8fxU
XuHrga14sxj/m4xGHBeSc/NFA53hDnZ6ZPx8luj3wH9xbv793r26gXKs07//uqAX
Ksi8b1oXmEkdo6gAjcukvJAf4m0lZydBQWYrFcwQmi2iN3qq45mvMp7jhURiHZWH
5Pdha9m0j4WP2O/JT3kK4vKUR29bXWLSwMqYK0VGj+/sbM3sDaQle7LnEEAipqPO
A8p9DxMeRms4Yy0IqasiDe+0zkW88DPNDBv6FZHaPMM5AwDsreNrSUTNmCR9gQvf
p0eKCXLsC4rYLt1TnsI8+VdMDgPTPVN9NHkWnAObXkYe471SYCIQR/gd0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFOTKfJy7BhO3etlI3asqEd1PjcxMB8GA1UdIwQY
MBaAFAJR9qvguya/5IWeVN7g/cmlt4oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgt
MmY0ZWI5YzA2MDM1LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgtMmY0ZWI5YzA2MDM1
LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARAyLDnCG
93zfqHHxuY2QxdYl6LZCJuf4eEDJMdwJm9AooUUMsxokVrwftHRanaqSB8JMKbjP
4BYcBS9aKIkcf1I8a+MjrqXK3EWj+jWGHBCs6g9edsaDa7rDQxicUS+6S5NctBAe
PeJ3CYUUxsv3fGqKh7X7tQIe2kLzujX9jI4bTkm3B/yadu73U6Dbq2jLZVAcfFv/
R64Cbsm/rpL8bkLXbKz2lxahmVXSgG0fEnbNaWP0IH2+QCE/2XeazT57AsGPbIFV
lB3WqUt8cFKqy5zVC7M/BAZf+abzAHExPqTEUIMp7m8Os8r8JLf//BRVHdw+Whw+
wz028Q3bM8Gyqw==
-----END CERTIFICATE-----