Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          FAvwzP4fFmtTEDLKiOFHCxXfimnQtlv2cn88104nxiE=
Subject key identifier:   8B:6C:BD:41:A8:10:4D:FA:3B:7F:1F:31:DA:98:CF:39:BD:24:56:08
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       01974DB2579DAE6832B9CD093E9722AFF437
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          157C
Signing time:             Sun 08 Jun 2025 04:00:22 +0000
Manifest this update:     Sun 08 Jun 2025 04:00:22 +0000
Manifest next update:     Mon 09 Jun 2025 04:00:22 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: H6cEpu93b8+SHy8hoXjrfou285YmO2DahEytbF1qzjo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:b2:57:9d:ae:68:32:b9:cd:09:3e:97:22:af:f4:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: Jun  8 04:00:22 2025 GMT
            Not After : Jun  9 04:00:22 2025 GMT
        Subject: CN=8b6cbd41a8104dfa3b7f1f31da98cf39bd245608
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:2a:ea:1c:08:38:00:d1:53:0c:ff:74:4f:9e:
                    a6:f3:b5:e8:9b:31:95:7b:ac:38:28:da:1f:c0:04:
                    ab:10:c9:23:65:69:93:cd:f9:f9:cc:9c:37:93:a8:
                    3a:4c:97:26:7f:67:d8:11:20:31:12:60:ab:52:47:
                    fd:e5:fb:83:d8:28:9f:08:31:66:4a:39:a6:6f:a4:
                    4c:97:fe:89:5e:f3:68:29:fd:99:af:ad:3d:88:20:
                    51:b6:d7:d0:95:b8:c6:16:90:e0:e5:1f:40:44:76:
                    da:c5:f0:c4:97:bc:09:33:18:95:bb:dd:db:63:4f:
                    48:a3:23:1d:6c:d7:56:1f:c4:4b:67:06:00:6a:f3:
                    9b:99:f8:63:00:19:19:9d:a7:64:30:8a:dd:27:b7:
                    dd:36:7b:d5:c0:8e:d2:66:3d:25:40:cd:71:b0:56:
                    7d:86:74:b4:58:34:32:46:7c:56:f3:46:46:79:80:
                    b3:62:6d:98:77:d8:46:56:86:d5:46:33:18:3f:bb:
                    cd:6b:08:b8:08:0b:80:59:b0:c0:c0:58:20:87:2d:
                    56:ba:6b:97:c8:cf:0c:52:45:61:62:62:8c:b5:a6:
                    9b:e4:35:ee:60:eb:e3:06:20:5c:21:e5:6a:a9:15:
                    68:0d:e5:43:6e:b3:9b:4d:29:cf:71:cd:d8:de:ae:
                    94:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:6C:BD:41:A8:10:4D:FA:3B:7F:1F:31:DA:98:CF:39:BD:24:56:08
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:5d:47:c9:55:c6:27:d2:77:3e:95:33:c1:57:63:42:5d:c4:
         11:e0:09:5d:a4:6f:bb:f7:82:fc:38:bc:50:9a:f9:3e:7c:82:
         ac:9e:02:57:a1:ec:c5:4c:9e:8b:55:cf:23:50:c3:eb:b6:62:
         5a:d5:b1:b2:14:cb:38:d8:6f:ba:31:4e:b5:f9:db:a6:a3:21:
         d9:c9:32:22:43:f2:aa:08:c8:84:f7:29:b5:73:75:54:7d:20:
         ec:2a:4d:c4:0a:e5:9c:54:8c:71:c2:95:3d:58:44:66:82:09:
         9a:42:78:e2:b1:e7:a3:8a:83:ac:07:1b:cb:5d:5a:19:15:fe:
         eb:66:20:5b:83:d8:49:5b:f7:5a:db:f2:40:83:36:bb:ed:a1:
         4e:a8:62:5d:d2:28:e7:47:08:89:c6:23:24:b4:e4:01:54:e8:
         1d:54:b3:23:75:e7:03:15:16:5f:28:0e:f3:b4:59:01:7c:e5:
         0b:3a:51:ac:4c:8f:db:78:1a:05:58:06:f0:84:cd:cc:40:44:
         6c:33:7b:e9:91:bd:c3:a3:2f:aa:7b:71:72:95:df:4d:6d:6c:
         7a:78:88:16:be:85:31:cc:48:fd:3d:cd:a4:85:7f:78:e4:9b:
         a3:d8:83:9e:ea:77:bb:eb:7d:62:43:45:53:78:dd:2f:c4:a6:
         df:ca:0f:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNsledrmgyuc0JPpcir/Q3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjUwNjA4MDQwMDIyWhcNMjUwNjA5MDQwMDIyWjAzMTEwLwYDVQQD
Eyg4YjZjYmQ0MWE4MTA0ZGZhM2I3ZjFmMzFkYTk4Y2YzOWJkMjQ1NjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SrqHAg4ANFTDP90T56m87XomzGV
e6w4KNofwASrEMkjZWmTzfn5zJw3k6g6TJcmf2fYESAxEmCrUkf95fuD2CifCDFm
Sjmmb6RMl/6JXvNoKf2Zr609iCBRttfQlbjGFpDg5R9ARHbaxfDEl7wJMxiVu93b
Y09IoyMdbNdWH8RLZwYAavObmfhjABkZnadkMIrdJ7fdNnvVwI7SZj0lQM1xsFZ9
hnS0WDQyRnxW80ZGeYCzYm2Yd9hGVobVRjMYP7vNawi4CAuAWbDAwFgghy1WumuX
yM8MUkVhYmKMtaab5DXuYOvjBiBcIeVqqRVoDeVDbrObTSnPcc3Y3q6UhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItsvUGoEE36O38fMdqYzzm9JFYIMB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWV1HyVXG
J9J3PpUzwVdjQl3EEeAJXaRvu/eC/Di8UJr5PnyCrJ4CV6HsxUyei1XPI1DD67Zi
WtWxshTLONhvujFOtfnbpqMh2ckyIkPyqgjIhPcptXN1VH0g7CpNxArlnFSMccKV
PVhEZoIJmkJ44rHno4qDrAcby11aGRX+62YgW4PYSVv3WtvyQIM2u+2hTqhiXdIo
50cIicYjJLTkAVToHVSzI3XnAxUWXygO87RZAXzlCzpRrEyP23gaBVgG8ITNzEBE
bDN76ZG9w6MvqntxcpXfTW1seniIFr6FMcxI/T3NpIV/eOSbo9iDnup3u+t9YkNF
U3jdL8Sm38oPIw==
-----END CERTIFICATE-----