Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          Yjo9bYSpc2Fq0N+JpvE49IYM0qqG0IgTp4mSbJiKAns=
Subject key identifier:   AF:93:EE:69:74:B0:74:E6:E8:0F:54:B3:C3:46:97:6F:A7:D8:EC:2B
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       01974967B4C6952AE1D8A60DF9C8EA497D82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          117B
Signing time:             Sat 07 Jun 2025 08:00:22 +0000
Manifest this update:     Sat 07 Jun 2025 08:00:22 +0000
Manifest next update:     Sun 08 Jun 2025 08:00:22 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: 4G5lnvS3qBiT+XnOWgnsQNsje93ynUYam/FzwU1fODU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 08:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:67:b4:c6:95:2a:e1:d8:a6:0d:f9:c8:ea:49:7d:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: Jun  7 08:00:22 2025 GMT
            Not After : Jun  8 08:00:22 2025 GMT
        Subject: CN=af93ee6974b074e6e80f54b3c346976fa7d8ec2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:11:8a:4f:7f:3f:86:6d:fe:92:27:c4:97:7b:
                    b8:38:be:76:1e:13:d9:19:69:20:03:e4:20:4e:b6:
                    53:8c:41:76:3f:83:c3:3f:f6:58:a2:4d:e5:10:7c:
                    8f:08:b5:08:3c:a3:d5:0e:e2:c2:b7:8f:c6:d3:18:
                    f9:49:25:ad:31:30:40:cd:11:08:02:23:d2:e4:96:
                    5c:e5:c3:8d:11:25:fb:be:7e:d5:d8:a8:f6:30:b0:
                    1c:bc:9b:55:be:05:07:6b:81:fd:ca:2c:e2:ee:46:
                    1a:3d:ed:56:4a:49:48:26:5a:47:d1:bf:c7:8a:7f:
                    4c:e1:b6:12:e0:49:07:61:91:18:8e:45:e2:3d:fa:
                    2b:c2:77:8e:e4:b4:26:00:cb:01:87:f7:80:0e:1e:
                    39:7b:ec:f1:e6:45:b5:08:9e:a3:67:a9:5e:62:7a:
                    05:fd:f9:15:8b:11:a3:44:91:d6:06:ad:a3:c6:7d:
                    b2:14:c8:20:87:91:3b:3a:60:e6:37:bb:ea:dc:61:
                    70:8b:35:0c:e7:e5:06:b6:94:cd:a2:2c:ec:e4:4c:
                    1e:dc:33:1f:9d:ea:36:99:3b:ab:53:5b:7b:07:50:
                    b1:fb:3a:d5:1a:9d:b9:5a:e8:70:82:fd:85:8d:68:
                    24:d6:50:fe:ca:67:a3:87:89:60:a4:6b:58:97:9b:
                    fb:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:93:EE:69:74:B0:74:E6:E8:0F:54:B3:C3:46:97:6F:A7:D8:EC:2B
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e5:b3:6b:ea:05:33:7a:76:b5:17:de:45:75:a1:b3:2c:8f:ff:
         0e:ff:e5:c8:1e:32:6c:ce:17:2a:30:57:f4:96:e1:5f:5a:b3:
         2b:ff:03:20:13:04:c7:ef:31:62:25:43:ae:3e:0e:fb:ab:84:
         d4:c0:79:d1:fd:e3:30:2f:c1:75:cd:9a:74:07:d3:3f:4d:2e:
         26:45:82:64:e0:2e:34:18:73:18:1a:d1:2a:31:d5:03:eb:08:
         b6:64:1c:e5:1c:fd:c2:4d:07:96:84:af:78:e3:01:8f:d6:86:
         fd:54:81:0e:f4:81:2e:5b:74:79:4a:41:49:29:1e:a6:af:6b:
         b8:e2:c9:79:8c:6c:a4:42:47:f4:64:46:64:75:b4:df:a1:f3:
         04:f3:3c:4f:2f:4c:90:0e:b3:aa:6a:10:31:c5:b2:1b:f1:55:
         b3:6b:4e:5d:29:b7:02:54:6e:07:46:db:01:b3:d1:88:88:a7:
         77:df:4f:e2:28:46:19:59:d5:61:9a:1f:38:31:53:ec:67:31:
         1e:c5:b1:8f:2c:a5:ad:e1:d7:44:02:ff:a2:68:63:c1:ca:26:
         53:89:c4:f8:50:c7:c4:43:02:c8:11:5e:6d:d9:29:0e:44:2a:
         4c:94:ea:e1:b7:5f:a4:53:1f:6f:28:16:ff:da:e2:c7:48:f0:
         c6:cd:5f:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJZ7TGlSrh2KYN+cjqSX2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjUwNjA3MDgwMDIyWhcNMjUwNjA4MDgwMDIyWjAzMTEwLwYDVQQD
EyhhZjkzZWU2OTc0YjA3NGU2ZTgwZjU0YjNjMzQ2OTc2ZmE3ZDhlYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxGKT38/hm3+kifEl3u4OL52HhPZ
GWkgA+QgTrZTjEF2P4PDP/ZYok3lEHyPCLUIPKPVDuLCt4/G0xj5SSWtMTBAzREI
AiPS5JZc5cONESX7vn7V2Kj2MLAcvJtVvgUHa4H9yizi7kYaPe1WSklIJlpH0b/H
in9M4bYS4EkHYZEYjkXiPforwneO5LQmAMsBh/eADh45e+zx5kW1CJ6jZ6leYnoF
/fkVixGjRJHWBq2jxn2yFMggh5E7OmDmN7vq3GFwizUM5+UGtpTNoizs5Ewe3DMf
neo2mTurU1t7B1Cx+zrVGp25Wuhwgv2FjWgk1lD+ymejh4lgpGtYl5v7KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK+T7ml0sHTm6A9Us8NGl2+n2OwrMB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA5bNr6gUz
ena1F95FdaGzLI//Dv/lyB4ybM4XKjBX9JbhX1qzK/8DIBMEx+8xYiVDrj4O+6uE
1MB50f3jMC/Bdc2adAfTP00uJkWCZOAuNBhzGBrRKjHVA+sItmQc5Rz9wk0HloSv
eOMBj9aG/VSBDvSBLlt0eUpBSSkepq9ruOLJeYxspEJH9GRGZHW036HzBPM8Ty9M
kA6zqmoQMcWyG/FVs2tOXSm3AlRuB0bbAbPRiIind99P4ihGGVnVYZofODFT7Gcx
HsWxjyylreHXRAL/omhjwcomU4nE+FDHxEMCyBFebdkpDkQqTJTq4bdfpFMfbygW
/9rix0jwxs1frw==
-----END CERTIFICATE-----