Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          dIfsvFdOw83FhFzUgLPsztbqOFOvZuuOrW4r2QVWxI8=
Subject key identifier:   AD:D9:98:EA:04:F0:2B:B9:8A:31:3A:43:D4:EB:80:74:A0:BC:45:58
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       01964C6B3067F1A964263DA08EE6035EB8F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          10F8
Signing time:             Sat 19 Apr 2025 05:00:15 +0000
Manifest this update:     Sat 19 Apr 2025 05:00:15 +0000
Manifest next update:     Sun 20 Apr 2025 05:00:15 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: mlmylNK9SEGj+FglKhuJppVWHhbHXMFhDaOvgtqSvsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:6b:30:67:f1:a9:64:26:3d:a0:8e:e6:03:5e:b8:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: Apr 19 05:00:15 2025 GMT
            Not After : Apr 20 05:00:15 2025 GMT
        Subject: CN=add998ea04f02bb98a313a43d4eb8074a0bc4558
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:c1:38:f6:8f:36:96:b9:90:df:3b:1c:3e:cf:
                    20:05:5f:2a:39:80:a5:53:61:95:0a:cb:33:46:5c:
                    a9:14:39:ac:59:dd:9e:6f:31:2b:d5:84:ec:b2:4d:
                    b9:9f:01:4b:56:51:67:e7:3c:34:9e:b3:b6:2d:d7:
                    e6:5d:5a:59:71:11:53:78:f0:11:c0:5f:da:85:96:
                    0d:6d:45:66:47:01:cc:6a:5c:39:53:98:5a:38:22:
                    9a:20:49:c1:e6:8f:d1:17:59:8b:21:9a:30:f0:ae:
                    92:00:be:f8:ed:7c:37:2c:90:8a:b7:9d:8c:5a:ee:
                    33:e9:2b:8a:19:4d:b2:d2:a5:83:24:b6:15:a1:19:
                    47:68:eb:7c:c8:82:58:ca:3c:8a:b3:e7:69:bd:fe:
                    14:66:d6:8f:f8:51:c0:d2:88:14:67:f7:ab:f7:94:
                    39:59:2c:18:06:43:ab:02:fc:29:77:ac:93:56:88:
                    1d:47:27:dc:28:bc:28:7a:97:bf:a6:5b:b3:ce:9d:
                    ed:41:07:e5:f7:29:74:3e:cd:86:0a:6a:3c:0e:98:
                    6c:90:80:66:02:d8:35:1e:ab:98:c2:bb:02:d5:e3:
                    b5:42:35:89:31:4e:3c:f5:0e:b3:e5:dc:20:12:dc:
                    3e:67:78:49:ad:2e:89:4e:ad:09:8f:4d:bd:f8:0f:
                    2d:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:D9:98:EA:04:F0:2B:B9:8A:31:3A:43:D4:EB:80:74:A0:BC:45:58
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:33:a7:71:fd:80:4e:a3:8d:03:3e:09:87:f2:82:85:c2:b7:
         a3:06:01:6f:0d:5c:88:48:2b:82:2e:7c:b5:de:29:71:08:88:
         ad:ae:cc:32:36:72:ae:78:73:5f:dd:80:58:2b:13:72:32:a4:
         aa:0e:a5:ef:f2:b9:27:35:10:3f:4b:67:38:67:ec:11:dd:f4:
         c0:6b:ab:c5:cf:2c:25:85:51:19:d6:d9:0a:9b:ad:e5:b4:51:
         54:1c:fa:5a:39:7e:66:bb:43:ff:f9:2a:d1:2f:d9:bb:8d:d5:
         15:e6:07:1b:f0:79:ee:19:1e:4f:cb:af:7f:8c:71:5c:f3:cc:
         33:c1:9e:c9:3e:19:60:33:99:59:13:be:2f:89:97:39:6d:22:
         1e:56:ab:67:f5:76:d4:12:8d:8d:77:b6:50:aa:2b:16:18:bb:
         9e:36:57:70:0a:89:c8:42:9b:79:e9:59:94:a1:c9:5b:77:86:
         12:56:95:17:98:df:39:a1:2f:87:d0:98:d7:df:23:27:6d:f0:
         97:db:71:71:0d:0e:d8:2c:a9:0c:0b:72:f2:d7:17:7e:f8:21:
         f5:11:71:73:b0:81:94:d5:b2:45:46:72:42:2a:bb:b1:04:3c:
         fc:b1:a4:7d:90:a8:92:be:47:ae:a2:e2:24:05:1e:5a:f3:b5:
         70:8a:f1:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMazBn8alkJj2gjuYDXrjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjUwNDE5MDUwMDE1WhcNMjUwNDIwMDUwMDE1WjAzMTEwLwYDVQQD
EyhhZGQ5OThlYTA0ZjAyYmI5OGEzMTNhNDNkNGViODA3NGEwYmM0NTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcE49o82lrmQ3zscPs8gBV8qOYCl
U2GVCsszRlypFDmsWd2ebzEr1YTssk25nwFLVlFn5zw0nrO2LdfmXVpZcRFTePAR
wF/ahZYNbUVmRwHMalw5U5haOCKaIEnB5o/RF1mLIZow8K6SAL747Xw3LJCKt52M
Wu4z6SuKGU2y0qWDJLYVoRlHaOt8yIJYyjyKs+dpvf4UZtaP+FHA0ogUZ/er95Q5
WSwYBkOrAvwpd6yTVogdRyfcKLwoepe/pluzzp3tQQfl9yl0Ps2GCmo8DphskIBm
Atg1HquYwrsC1eO1QjWJMU489Q6z5dwgEtw+Z3hJrS6JTq0Jj029+A8tjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3ZmOoE8Cu5ijE6Q9TrgHSgvEVYMB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPTOncf2A
TqONAz4Jh/KChcK3owYBbw1ciEgrgi58td4pcQiIra7MMjZyrnhzX92AWCsTcjKk
qg6l7/K5JzUQP0tnOGfsEd30wGurxc8sJYVRGdbZCput5bRRVBz6Wjl+ZrtD//kq
0S/Zu43VFeYHG/B57hkeT8uvf4xxXPPMM8GeyT4ZYDOZWRO+L4mXOW0iHlarZ/V2
1BKNjXe2UKorFhi7njZXcAqJyEKbeelZlKHJW3eGElaVF5jfOaEvh9CY198jJ23w
l9txcQ0O2CypDAty8tcXfvgh9RFxc7CBlNWyRUZyQiq7sQQ8/LGkfZCokr5HrqLi
JAUeWvO1cIrxQg==
-----END CERTIFICATE-----