Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
File:                     aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft (raw, json)
Hash identifier:          3hyHOBAQZXeXWq2kTu5EyKTONm7Y5tLzCeJeTZuwTxc=
Subject key identifier:   E6:A9:13:FE:6A:DB:68:D6:28:CC:CB:AB:9C:15:4E:BB:87:85:C1:F3
Authority key identifier: 68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71
Certificate issuer:       /CN=68a7472d53284095905ade203caf911cd1ac1771
Certificate serial:       01976A05E193957BDAD60E724B6170228C4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
Manifest number:          0233
Signing time:             Fri 13 Jun 2025 16:00:59 +0000
Manifest this update:     Fri 13 Jun 2025 16:00:59 +0000
Manifest next update:     Sat 14 Jun 2025 16:00:59 +0000
Files and hashes:         1: aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl (hash: nBlPCWKiaxF1IOMa87+7mIakEG7svRfBjxGavENQcRQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:05:e1:93:95:7b:da:d6:0e:72:4b:61:70:22:8c:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a7472d53284095905ade203caf911cd1ac1771
        Validity
            Not Before: Jun 13 16:00:59 2025 GMT
            Not After : Jun 14 16:00:59 2025 GMT
        Subject: CN=e6a913fe6adb68d628cccbab9c154ebb8785c1f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:6c:52:fe:f1:24:93:4d:ff:9c:ce:17:8d:f1:
                    72:22:08:91:c7:f2:6d:f2:1b:45:53:2f:d5:2f:65:
                    77:28:d4:e8:82:72:b4:76:63:6a:93:f2:7b:a6:8d:
                    7e:a2:01:5e:27:39:4d:04:a3:b8:4b:0d:dc:7b:f5:
                    fd:aa:d3:68:8a:81:7b:4a:87:87:8f:77:d1:90:93:
                    31:ce:73:c9:0c:7c:7e:5a:0e:d7:3c:77:77:c4:82:
                    90:aa:39:c1:12:25:a1:92:f2:d4:72:8d:47:19:3e:
                    ed:da:45:de:bc:cc:60:58:62:80:3c:f1:b1:22:6c:
                    0d:dd:65:e7:0a:90:f6:ac:f8:30:da:87:ea:55:47:
                    e9:03:cc:15:09:94:6f:e5:81:b4:dc:8a:34:20:40:
                    f4:c2:d8:b2:65:39:05:07:cb:64:d9:11:05:2b:c9:
                    cb:d8:16:71:09:e8:58:fe:6d:0a:7f:7f:23:5f:a8:
                    c1:2e:d6:bb:df:12:b8:e7:0f:af:bb:25:53:c3:d9:
                    d7:63:00:5c:74:b1:b5:54:32:89:6d:5f:37:b7:e0:
                    9d:b3:62:e5:f9:a4:47:56:be:80:a8:3a:c4:a3:80:
                    f0:5b:44:aa:86:47:3b:6e:d6:6d:ba:cd:8f:76:a1:
                    d7:e1:b1:c6:85:fa:e3:22:ce:c7:97:7b:60:ce:6c:
                    2c:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:A9:13:FE:6A:DB:68:D6:28:CC:CB:AB:9C:15:4E:BB:87:85:C1:F3
            X509v3 Authority Key Identifier:
                keyid:68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:a3:37:e9:76:8d:ad:fb:d2:e6:0c:d6:f7:10:f4:32:4f:01:
         57:e0:96:82:ac:33:0b:54:7c:4c:7c:0e:b9:d1:4b:a9:f9:51:
         d8:f2:f1:cf:f4:ad:c3:11:9a:1b:7f:57:73:e2:03:bc:d9:48:
         3f:ab:08:37:53:d7:c5:11:e9:1e:bd:1f:43:d7:b8:57:fd:0a:
         2c:c8:a1:0d:1d:6d:78:0c:af:c5:6f:b0:3e:c9:28:df:4b:d3:
         55:a1:0a:79:b3:e7:2e:35:3d:87:32:4c:71:48:0a:b7:42:73:
         55:fa:e7:ac:df:bd:e3:f8:a7:c1:03:60:ab:ca:9a:d4:7b:d9:
         7b:b6:11:1e:f0:6a:fc:e4:82:5c:32:33:92:4a:10:c1:c7:5f:
         71:c5:5b:33:6c:ea:ba:e2:1c:c8:ed:cd:31:91:d2:21:2e:50:
         c2:9f:7d:7d:34:c1:31:2e:50:26:2d:b5:05:b2:5c:b2:40:31:
         ff:4e:05:a2:b8:10:cf:9e:0a:6d:77:31:3b:7b:dc:b5:2d:09:
         a6:16:96:eb:04:71:05:c3:45:f6:ac:c4:90:0a:56:82:bf:1c:
         fb:80:3b:48:9a:70:3a:23:a4:79:c6:d8:e4:c8:f3:c2:85:ef:
         61:48:37:37:ce:15:69:9b:ee:b0:5f:a6:a3:97:3c:e5:77:af:
         8f:7e:57:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqBeGTlXva1g5yS2FwIoxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTc0NzJkNTMyODQwOTU5MDVhZGUyMDNjYWY5MTFjZDFh
YzE3NzEwHhcNMjUwNjEzMTYwMDU5WhcNMjUwNjE0MTYwMDU5WjAzMTEwLwYDVQQD
EyhlNmE5MTNmZTZhZGI2OGQ2MjhjY2NiYWI5YzE1NGViYjg3ODVjMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GxS/vEkk03/nM4XjfFyIgiRx/Jt
8htFUy/VL2V3KNTognK0dmNqk/J7po1+ogFeJzlNBKO4Sw3ce/X9qtNoioF7SoeH
j3fRkJMxznPJDHx+Wg7XPHd3xIKQqjnBEiWhkvLUco1HGT7t2kXevMxgWGKAPPGx
ImwN3WXnCpD2rPgw2ofqVUfpA8wVCZRv5YG03Io0IED0wtiyZTkFB8tk2REFK8nL
2BZxCehY/m0Kf38jX6jBLta73xK45w+vuyVTw9nXYwBcdLG1VDKJbV83t+Cds2Ll
+aRHVr6AqDrEo4DwW0Sqhkc7btZtus2PdqHX4bHGhfrjIs7Hl3tgzmwsJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOapE/5q22jWKMzLq5wVTruHhcHzMB8GA1UdIwQY
MBaAFGinRy1TKECVkFreIDyvkRzRrBdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEt
MzhjYWQzNTlhNTQwLzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEtMzhjYWQzNTlhNTQw
LzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFqM36XaN
rfvS5gzW9xD0Mk8BV+CWgqwzC1R8THwOudFLqflR2PLxz/StwxGaG39Xc+IDvNlI
P6sIN1PXxRHpHr0fQ9e4V/0KLMihDR1teAyvxW+wPsko30vTVaEKebPnLjU9hzJM
cUgKt0JzVfrnrN+94/inwQNgq8qa1HvZe7YRHvBq/OSCXDIzkkoQwcdfccVbM2zq
uuIcyO3NMZHSIS5Qwp99fTTBMS5QJi21BbJcskAx/04ForgQz54KbXcxO3vctS0J
phaW6wRxBcNF9qzEkApWgr8c+4A7SJpwOiOkecbY5MjzwoXvYUg3N84VaZvusF+m
o5c85Xevj35X0g==
-----END CERTIFICATE-----