Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
File:                     aesKgBz9tLWANaXQdaKQSy6qX5E.mft (raw, json)
Hash identifier:          lVTOrjaV3RWGBIVIyIROtcomDRnmhO6n1Y4MLtW6czo=
Subject key identifier:   48:9F:1E:25:75:B5:41:4C:9F:CE:0F:7A:ED:02:1E:68:2D:92:DA:D9
Authority key identifier: 69:EB:0A:80:1C:FD:B4:B5:80:35:A5:D0:75:A2:90:4B:2E:AA:5F:91
Certificate issuer:       /CN=69eb0a801cfdb4b58035a5d075a2904b2eaa5f91
Certificate serial:       0197488C74CDF97DC007BAD6FB91B66C6291
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 04:00:53 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:53 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:53 +0000
Files and hashes:         1: aesKgBz9tLWANaXQdaKQSy6qX5E.crl (hash: hR+nHflP5f3RxgBK4a+CWeWkYmSCq8Z7seivgQdS/ng=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 04:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:74:cd:f9:7d:c0:07:ba:d6:fb:91:b6:6c:62:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69eb0a801cfdb4b58035a5d075a2904b2eaa5f91
        Validity
            Not Before: Jun  7 04:00:53 2025 GMT
            Not After : Jun  8 04:00:53 2025 GMT
        Subject: CN=489f1e2575b5414c9fce0f7aed021e682d92dad9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:94:2a:31:ab:19:72:75:10:23:79:ed:99:8f:
                    c8:a3:bd:6b:e4:f5:aa:01:7d:34:c5:bf:a3:e4:37:
                    0d:12:1b:d3:27:30:fe:04:4b:ba:d9:38:9d:02:1a:
                    5d:99:2d:81:ae:54:e9:98:d5:dc:1b:52:df:c7:d5:
                    1a:df:32:a4:31:25:b2:6e:b2:12:a1:3b:64:24:83:
                    94:20:6f:5c:6d:2d:34:9d:77:ac:4f:7f:07:5a:9e:
                    b5:5d:96:4a:1b:ff:61:c0:ad:da:05:b0:7d:38:b6:
                    50:25:81:d0:3b:8f:65:17:3d:47:d7:6c:f7:0d:35:
                    11:06:6c:5f:fc:f8:cf:59:08:9e:26:29:f0:f3:ba:
                    95:ba:4f:f6:96:6b:47:46:d7:7e:e7:f8:eb:8c:27:
                    4b:83:e3:7f:df:4d:3c:c7:09:10:e2:1f:af:b7:72:
                    10:be:b3:5b:41:d6:08:ef:db:04:31:37:41:ac:ed:
                    50:66:ce:ce:63:48:30:73:f0:08:a5:0e:b4:41:21:
                    39:e5:61:60:75:04:ef:42:c8:60:2e:6c:ec:5c:3e:
                    79:de:62:f4:d2:4a:02:e6:15:7c:bc:60:85:29:02:
                    c1:9c:52:7e:99:a0:f3:b5:ee:21:39:6b:65:09:20:
                    f4:07:a6:ae:b3:55:75:48:59:2f:2f:3c:7a:76:56:
                    f8:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:9F:1E:25:75:B5:41:4C:9F:CE:0F:7A:ED:02:1E:68:2D:92:DA:D9
            X509v3 Authority Key Identifier:
                keyid:69:EB:0A:80:1C:FD:B4:B5:80:35:A5:D0:75:A2:90:4B:2E:AA:5F:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aesKgBz9tLWANaXQdaKQSy6qX5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/3bab57-db3b-4be8-b279-00f56f4721c2/1/aesKgBz9tLWANaXQdaKQSy6qX5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:1f:92:72:49:77:16:70:10:16:83:c8:1e:6b:05:7d:69:ec:
         df:32:a6:43:af:c3:07:3e:9d:9b:fe:8a:31:82:b7:4a:9d:50:
         33:4a:18:06:c1:0d:ef:6a:84:86:df:a6:73:e3:4f:f9:6a:f0:
         9f:38:78:cf:9f:77:36:79:2c:76:d3:c7:c2:54:ec:2c:32:a7:
         76:81:57:1a:50:17:a1:7c:2d:4a:d9:c2:1e:4a:7b:d3:60:ae:
         5b:d6:c0:1c:a0:23:21:60:b0:e5:95:56:10:e1:56:ef:25:8d:
         e8:bb:10:c4:17:98:be:ad:0a:fe:80:11:cb:3c:a4:8d:34:a3:
         66:9b:02:cc:94:0d:69:8c:d2:5c:9d:d0:5e:07:e5:11:89:b2:
         80:9f:30:04:a5:a1:fa:8b:d4:72:00:67:df:d0:9b:a4:9b:22:
         ca:30:c1:07:09:c3:8e:f5:76:29:17:d4:d5:cd:24:d4:82:d6:
         4e:c1:c2:0b:ba:53:36:54:b2:d3:65:2b:2e:01:9b:a3:f8:9a:
         af:3e:a8:5e:ce:69:05:33:cc:ae:c8:3b:6a:d5:f2:ec:61:4a:
         7f:29:de:7d:2d:c0:2a:86:dc:63:72:83:a4:66:af:2a:5b:6a:
         21:97:53:91:cf:9d:02:5b:9e:20:45:c0:f0:7c:6d:e0:8d:6e:
         5c:f8:cc:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjHTN+X3AB7rW+5G2bGKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZWIwYTgwMWNmZGI0YjU4MDM1YTVkMDc1YTI5MDRiMmVh
YTVmOTEwHhcNMjUwNjA3MDQwMDUzWhcNMjUwNjA4MDQwMDUzWjAzMTEwLwYDVQQD
Eyg0ODlmMWUyNTc1YjU0MTRjOWZjZTBmN2FlZDAyMWU2ODJkOTJkYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15QqMasZcnUQI3ntmY/Io71r5PWq
AX00xb+j5DcNEhvTJzD+BEu62TidAhpdmS2BrlTpmNXcG1Lfx9Ua3zKkMSWybrIS
oTtkJIOUIG9cbS00nXesT38HWp61XZZKG/9hwK3aBbB9OLZQJYHQO49lFz1H12z3
DTURBmxf/PjPWQieJinw87qVuk/2lmtHRtd+5/jrjCdLg+N/3008xwkQ4h+vt3IQ
vrNbQdYI79sEMTdBrO1QZs7OY0gwc/AIpQ60QSE55WFgdQTvQshgLmzsXD553mL0
0koC5hV8vGCFKQLBnFJ+maDzte4hOWtlCSD0B6aus1V1SFkvLzx6dlb4OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEifHiV1tUFMn84Peu0CHmgtktrZMB8GA1UdIwQY
MBaAFGnrCoAc/bS1gDWl0HWikEsuql+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8zYmFiNTctZGIzYi00YmU4LWIyNzkt
MDBmNTZmNDcyMWMyLzEvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8zYmFiNTctZGIzYi00YmU4LWIyNzktMDBmNTZmNDcyMWMy
LzEvYWVzS2dCejl0TFdBTmFYUWRhS1FTeTZxWDVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyB+Sckl3
FnAQFoPIHmsFfWns3zKmQ6/DBz6dm/6KMYK3Sp1QM0oYBsEN72qEht+mc+NP+Wrw
nzh4z593NnksdtPHwlTsLDKndoFXGlAXoXwtStnCHkp702CuW9bAHKAjIWCw5ZVW
EOFW7yWN6LsQxBeYvq0K/oARyzykjTSjZpsCzJQNaYzSXJ3QXgflEYmygJ8wBKWh
+ovUcgBn39CbpJsiyjDBBwnDjvV2KRfU1c0k1ILWTsHCC7pTNlSy02UrLgGbo/ia
rz6oXs5pBTPMrsg7atXy7GFKfynefS3AKobcY3KDpGavKltqIZdTkc+dAlueIEXA
8Hxt4I1uXPjMCg==
-----END CERTIFICATE-----