Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
File:                     aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft (raw, json)
Hash identifier:          xMriGPelB9gTUZCzg5P0NOrZq0LHZ04TBtbdjK+MT8w=
Subject key identifier:   7C:3B:B5:86:05:AC:49:73:C0:B1:90:8B:51:83:D7:BA:A2:30:45:20
Authority key identifier: 68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71
Certificate issuer:       /CN=68a7472d53284095905ade203caf911cd1ac1771
Certificate serial:       01975E6F67F64204952BFAC14D667309F174
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
Manifest number:          022D
Signing time:             Wed 11 Jun 2025 10:00:48 +0000
Manifest this update:     Wed 11 Jun 2025 10:00:48 +0000
Manifest next update:     Thu 12 Jun 2025 10:00:48 +0000
Files and hashes:         1: aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl (hash: 84oaMjQ0WY81BRwPB6FQ6SxlIRZOh/KXHQq2SSCtFn0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 10:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:6f:67:f6:42:04:95:2b:fa:c1:4d:66:73:09:f1:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a7472d53284095905ade203caf911cd1ac1771
        Validity
            Not Before: Jun 11 10:00:48 2025 GMT
            Not After : Jun 12 10:00:48 2025 GMT
        Subject: CN=7c3bb58605ac4973c0b1908b5183d7baa2304520
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:43:51:85:b8:86:19:b3:82:6b:1e:00:f0:ff:
                    df:3d:64:ca:ed:27:17:46:a1:72:9a:fb:59:8d:a4:
                    7f:30:99:a4:0e:ff:db:a4:61:2d:1d:7c:b5:40:1b:
                    ba:7a:44:8e:be:6b:48:1f:5c:cf:dd:d5:b5:a5:d7:
                    94:35:1a:15:70:b8:2d:0e:83:98:c0:de:b3:fd:c1:
                    a6:b4:16:91:27:d2:6d:2e:f8:33:05:15:1b:15:72:
                    21:44:a8:92:58:e0:ec:d1:7c:70:c6:ce:77:04:a4:
                    b9:30:8f:aa:02:09:8e:4a:65:e3:d7:8b:0a:4c:35:
                    3a:54:59:35:29:59:4c:42:66:88:ac:9e:30:18:96:
                    ad:e7:8b:d7:c7:a1:e2:5c:7b:72:28:c0:2c:33:ec:
                    6f:cd:78:b1:f7:7e:df:c2:20:be:22:cd:76:55:d5:
                    83:25:e8:16:63:7d:ce:cb:6d:cc:8c:bf:c1:49:53:
                    5f:b0:d1:57:a8:e6:92:3f:b4:2c:e8:18:44:2c:1e:
                    0a:9c:85:c2:a4:d3:68:96:87:ea:3c:13:cf:b8:4f:
                    90:ff:d2:67:3c:e6:ba:35:8f:71:0a:b4:99:a4:07:
                    5c:76:70:50:4a:7c:ee:92:94:dc:d5:38:6f:af:15:
                    f3:71:d4:08:22:f9:3b:ce:9f:73:e6:8f:e7:5a:c9:
                    cd:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:3B:B5:86:05:AC:49:73:C0:B1:90:8B:51:83:D7:BA:A2:30:45:20
            X509v3 Authority Key Identifier:
                keyid:68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:ec:7b:27:37:71:02:d1:22:84:5e:ac:b1:93:f3:92:96:c1:
         4b:6f:53:be:21:55:56:41:42:6a:ee:be:a9:d4:00:21:9c:1b:
         98:b0:45:37:2c:32:4c:b9:cf:ab:04:04:40:d0:32:ff:f1:53:
         f6:2f:74:d2:3f:09:8c:01:27:db:1b:34:7b:b8:64:84:58:ba:
         bd:a1:f3:29:e4:62:ef:c0:e1:38:8a:7e:18:4d:1c:51:5b:90:
         17:08:5a:f2:b5:ac:be:49:87:ef:b4:02:c8:f2:68:29:37:2f:
         db:28:f3:00:1c:e3:73:fc:b6:a0:d5:04:06:51:1d:8e:16:a8:
         7d:17:79:4d:2d:6d:b8:37:b2:32:23:a5:f5:b4:dd:02:ee:bc:
         0e:97:47:d5:de:e0:a9:bd:c4:ee:47:14:0b:ab:71:cb:25:4d:
         02:9e:a5:5f:e0:38:28:d2:cc:6d:b0:2c:57:37:23:b0:c2:11:
         bd:6a:bd:62:c3:7b:6d:1b:03:99:2c:42:25:8b:bc:ed:5d:4a:
         4f:04:e1:f5:c4:1b:fb:15:a0:12:8b:d9:4d:db:9f:03:5d:d5:
         c2:34:c7:5a:34:56:9b:f5:bb:60:b1:84:b1:bc:a9:ef:73:aa:
         35:ee:16:1e:91:68:fa:55:47:ea:19:21:ad:8d:57:b4:cf:f9:
         20:c3:fd:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeb2f2QgSVK/rBTWZzCfF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTc0NzJkNTMyODQwOTU5MDVhZGUyMDNjYWY5MTFjZDFh
YzE3NzEwHhcNMjUwNjExMTAwMDQ4WhcNMjUwNjEyMTAwMDQ4WjAzMTEwLwYDVQQD
Eyg3YzNiYjU4NjA1YWM0OTczYzBiMTkwOGI1MTgzZDdiYWEyMzA0NTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00NRhbiGGbOCax4A8P/fPWTK7ScX
RqFymvtZjaR/MJmkDv/bpGEtHXy1QBu6ekSOvmtIH1zP3dW1pdeUNRoVcLgtDoOY
wN6z/cGmtBaRJ9JtLvgzBRUbFXIhRKiSWODs0Xxwxs53BKS5MI+qAgmOSmXj14sK
TDU6VFk1KVlMQmaIrJ4wGJat54vXx6HiXHtyKMAsM+xvzXix937fwiC+Is12VdWD
JegWY33Oy23MjL/BSVNfsNFXqOaSP7Qs6BhELB4KnIXCpNNolofqPBPPuE+Q/9Jn
POa6NY9xCrSZpAdcdnBQSnzukpTc1ThvrxXzcdQIIvk7zp9z5o/nWsnNqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHw7tYYFrElzwLGQi1GD17qiMEUgMB8GA1UdIwQY
MBaAFGinRy1TKECVkFreIDyvkRzRrBdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEt
MzhjYWQzNTlhNTQwLzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEtMzhjYWQzNTlhNTQw
LzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiOx7Jzdx
AtEihF6ssZPzkpbBS29TviFVVkFCau6+qdQAIZwbmLBFNywyTLnPqwQEQNAy//FT
9i900j8JjAEn2xs0e7hkhFi6vaHzKeRi78DhOIp+GE0cUVuQFwha8rWsvkmH77QC
yPJoKTcv2yjzABzjc/y2oNUEBlEdjhaofRd5TS1tuDeyMiOl9bTdAu68DpdH1d7g
qb3E7kcUC6txyyVNAp6lX+A4KNLMbbAsVzcjsMIRvWq9YsN7bRsDmSxCJYu87V1K
TwTh9cQb+xWgEovZTdufA13VwjTHWjRWm/W7YLGEsbyp73OqNe4WHpFo+lVH6hkh
rY1XtM/5IMP9OQ==
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:39:49 2025 by rpki-client