Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
File:                     A2hHspcjX68HFob-0sHpEL9gBIY.mft (raw, json)
Hash identifier:          QDXzWmtOLoV3+yeDCoBKVSZoQvgb9ZpOJkw8jbdvayw=
Subject key identifier:   05:AB:E5:B4:08:8B:C1:3F:0A:D0:93:BF:7A:F2:80:26:B2:2D:63:7E
Authority key identifier: 03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86
Certificate issuer:       /CN=036847b297235faf071686fed2c1e910bf600486
Certificate serial:       0197CBDEE1AD4D4944906977D50A3964E638
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
Manifest number:          1250
Signing time:             Wed 02 Jul 2025 16:01:10 +0000
Manifest this update:     Wed 02 Jul 2025 16:01:10 +0000
Manifest next update:     Thu 03 Jul 2025 16:01:10 +0000
Files and hashes:         1: A2hHspcjX68HFob-0sHpEL9gBIY.crl (hash: E/MenygGPBiNncMDeqSuFN8qxQd1fI8JdSIHRkTB5M4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 16:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:cb:de:e1:ad:4d:49:44:90:69:77:d5:0a:39:64:e6:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=036847b297235faf071686fed2c1e910bf600486
        Validity
            Not Before: Jul  2 16:01:10 2025 GMT
            Not After : Jul  3 16:01:10 2025 GMT
        Subject: CN=05abe5b4088bc13f0ad093bf7af28026b22d637e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c6:eb:bd:98:96:a6:ec:f6:63:04:23:35:9d:
                    2a:31:ea:21:ef:59:10:2e:3c:9a:b2:d1:bc:6b:d3:
                    84:52:47:5d:42:11:bc:0e:cb:db:85:2a:02:b3:85:
                    61:a0:90:c5:4b:72:98:0c:5a:84:d7:85:03:8c:c3:
                    01:cb:9e:8e:aa:01:40:df:aa:81:cf:a8:b5:4d:84:
                    00:f1:de:a3:10:1e:3d:b2:27:c9:68:5b:72:41:60:
                    00:31:2b:be:c5:32:15:5a:d9:60:4e:8e:67:b5:b8:
                    03:88:34:e3:1b:b7:77:c5:3c:bd:ae:7f:f9:ce:b9:
                    d8:7e:0d:a1:cd:71:93:99:03:d0:39:4e:5a:10:d6:
                    09:82:21:28:4e:83:a0:97:47:f4:72:14:de:b2:0f:
                    3b:0c:e7:6f:0e:2b:33:46:2d:68:64:6c:42:9c:ab:
                    ed:37:52:2e:7f:3a:bc:09:1a:14:eb:08:ad:e3:69:
                    81:16:2e:73:c1:fe:36:3b:ba:09:e6:89:49:9a:7c:
                    3d:66:7a:24:89:d8:af:4c:eb:8a:52:17:29:62:15:
                    67:55:fd:70:09:5a:66:7f:b1:93:4c:4c:1e:d1:5d:
                    91:2f:fc:f3:b1:33:55:83:2d:15:49:ab:a4:80:d6:
                    3c:70:77:06:b5:10:29:2d:fe:c9:85:8b:aa:f2:c8:
                    10:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:AB:E5:B4:08:8B:C1:3F:0A:D0:93:BF:7A:F2:80:26:B2:2D:63:7E
            X509v3 Authority Key Identifier:
                keyid:03:68:47:B2:97:23:5F:AF:07:16:86:FE:D2:C1:E9:10:BF:60:04:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2hHspcjX68HFob-0sHpEL9gBIY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/44b797-cd5b-4ded-a562-bdd7328e94cb/1/A2hHspcjX68HFob-0sHpEL9gBIY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:e5:c8:ba:c6:ab:54:79:2a:d0:ba:62:79:ed:cc:31:c0:98:
         0a:4a:9d:d4:71:3d:44:e8:b0:b1:06:82:a8:f9:42:8a:4c:8a:
         6c:6b:59:20:f1:62:8a:a2:25:88:48:f5:66:c2:2d:cc:ad:9f:
         44:44:cc:f6:7d:33:46:bb:67:5c:3c:c3:e4:73:9f:d9:75:ec:
         d8:64:b5:86:ca:8b:45:45:c5:02:dc:d3:f3:0a:d0:ce:9f:e5:
         37:9c:9a:7b:24:f1:40:bc:14:1d:b5:05:9d:81:28:6f:d4:d5:
         a7:36:d2:3a:3a:f4:48:c0:61:aa:f0:f9:42:15:f2:a2:38:a0:
         8e:64:2b:f8:49:09:6a:f6:09:3d:75:02:05:e8:dd:90:13:60:
         71:4d:fa:39:91:48:0f:85:6f:49:87:10:35:e2:f8:8f:7e:a7:
         cb:3f:86:81:43:64:6a:9e:2a:e6:36:eb:3f:0b:ae:57:a8:2b:
         d1:07:ee:b0:2b:71:b3:02:ad:39:c5:31:18:91:b3:cb:b0:15:
         d3:a5:75:69:47:6f:03:ae:73:2f:ed:38:16:f1:cb:5c:1f:57:
         3d:9c:79:b6:eb:bf:14:59:6e:07:76:05:7b:af:0a:af:cf:c4:
         62:c8:a6:f1:c5:24:20:8e:34:11:ac:11:06:fc:31:f2:97:2e:
         da:c0:cd:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfL3uGtTUlEkGl31Qo5ZOY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjg0N2IyOTcyMzVmYWYwNzE2ODZmZWQyYzFlOTEwYmY2
MDA0ODYwHhcNMjUwNzAyMTYwMTEwWhcNMjUwNzAzMTYwMTEwWjAzMTEwLwYDVQQD
EygwNWFiZTViNDA4OGJjMTNmMGFkMDkzYmY3YWYyODAyNmIyMmQ2MzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcbrvZiWpuz2YwQjNZ0qMeoh71kQ
LjyastG8a9OEUkddQhG8DsvbhSoCs4VhoJDFS3KYDFqE14UDjMMBy56OqgFA36qB
z6i1TYQA8d6jEB49sifJaFtyQWAAMSu+xTIVWtlgTo5ntbgDiDTjG7d3xTy9rn/5
zrnYfg2hzXGTmQPQOU5aENYJgiEoToOgl0f0chTesg87DOdvDiszRi1oZGxCnKvt
N1Iufzq8CRoU6wit42mBFi5zwf42O7oJ5olJmnw9ZnokidivTOuKUhcpYhVnVf1w
CVpmf7GTTEwe0V2RL/zzsTNVgy0VSaukgNY8cHcGtRApLf7JhYuq8sgQ+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAWr5bQIi8E/CtCTv3rygCayLWN+MB8GA1UdIwQY
MBaAFANoR7KXI1+vBxaG/tLB6RC/YASGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjIt
YmRkNzMyOGU5NGNiLzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS80NGI3OTctY2Q1Yi00ZGVkLWE1NjItYmRkNzMyOGU5NGNi
LzEvQTJoSHNwY2pYNjhIRm9iLTBzSHBFTDlnQklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfuXIusar
VHkq0Lpiee3MMcCYCkqd1HE9ROiwsQaCqPlCikyKbGtZIPFiiqIliEj1ZsItzK2f
RETM9n0zRrtnXDzD5HOf2XXs2GS1hsqLRUXFAtzT8wrQzp/lN5yaeyTxQLwUHbUF
nYEob9TVpzbSOjr0SMBhqvD5QhXyojigjmQr+EkJavYJPXUCBejdkBNgcU36OZFI
D4VvSYcQNeL4j36nyz+GgUNkap4q5jbrPwuuV6gr0QfusCtxswKtOcUxGJGzy7AV
06V1aUdvA65zL+04FvHLXB9XPZx5tuu/FFluB3YFe68Kr8/EYsim8cUkII40EawR
Bvwx8pcu2sDNiA==
-----END CERTIFICATE-----