Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
File:                     aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft (raw, json)
Hash identifier:          sHeRHklII4hgHFNgTuttMAdN9Dh5DUP0ABbwGankuX4=
Subject key identifier:   78:2C:EE:7E:A3:20:13:CC:51:97:E9:80:E8:2C:90:44:59:6F:E1:D0
Authority key identifier: 68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71
Certificate issuer:       /CN=68a7472d53284095905ade203caf911cd1ac1771
Certificate serial:       01975C80FAEC8BB7C948E267549CBA2497F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
Manifest number:          022C
Signing time:             Wed 11 Jun 2025 01:00:46 +0000
Manifest this update:     Wed 11 Jun 2025 01:00:46 +0000
Manifest next update:     Thu 12 Jun 2025 01:00:46 +0000
Files and hashes:         1: aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl (hash: t4eZD65x0YrRj3ssi98kd5MGDV+xq1N+sJM5Y435x5I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 01:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5c:80:fa:ec:8b:b7:c9:48:e2:67:54:9c:ba:24:97:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a7472d53284095905ade203caf911cd1ac1771
        Validity
            Not Before: Jun 11 01:00:46 2025 GMT
            Not After : Jun 12 01:00:46 2025 GMT
        Subject: CN=782cee7ea32013cc5197e980e82c9044596fe1d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:46:8f:ee:b3:57:1b:84:42:16:7d:e2:57:46:
                    56:fb:e4:34:dd:42:03:55:3c:fb:f9:53:df:b4:ef:
                    b0:41:9b:20:b6:b7:11:73:31:d3:4d:a4:58:02:ec:
                    8f:3c:b6:f3:98:86:1c:56:12:20:a3:5f:07:dd:e3:
                    bd:92:49:e2:7f:f4:62:c0:86:57:e6:25:4d:21:84:
                    4a:34:b6:bc:39:40:81:59:75:0b:3f:04:f8:94:09:
                    41:9e:c8:3f:f9:ab:ff:65:68:62:bd:56:2a:b4:a8:
                    be:d1:0d:6e:f3:4f:9a:64:7c:cc:58:49:7a:2c:ad:
                    93:23:0c:ce:7b:41:50:8c:1e:38:ee:39:58:35:8c:
                    fe:61:4f:f8:1f:bf:ed:8e:d3:fa:e1:57:39:66:0c:
                    2b:89:fc:b0:cf:4d:d6:ef:76:4a:2c:c5:4b:f2:aa:
                    f5:a5:fb:93:be:cd:97:1f:87:0b:1a:58:60:a4:76:
                    2c:f4:c5:db:49:ad:f3:4f:d5:d0:80:c8:61:a7:d8:
                    44:69:15:e5:5d:41:fb:d4:aa:87:27:d9:7e:a4:1e:
                    21:11:6b:d2:fe:95:c6:b9:bc:e7:f6:cd:32:9b:50:
                    cc:e8:b5:00:9d:a0:99:bf:a4:96:12:4b:55:33:11:
                    f6:84:96:4d:6a:56:84:f4:33:18:3a:fe:3d:f6:d3:
                    34:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:2C:EE:7E:A3:20:13:CC:51:97:E9:80:E8:2C:90:44:59:6F:E1:D0
            X509v3 Authority Key Identifier:
                keyid:68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:08:19:5c:bc:d1:a1:bc:da:00:f0:01:8b:75:4e:2d:7e:5a:
         01:8f:c7:7c:e0:7c:20:fa:fe:93:db:f0:14:c0:eb:17:64:d6:
         23:86:b1:9a:4b:fb:c0:81:a3:8a:12:e3:bb:53:d7:1f:8f:b3:
         5d:79:24:6a:95:fc:45:97:62:93:2c:bc:74:4d:aa:82:93:81:
         48:6a:1d:89:29:0f:91:9f:80:86:0f:ee:05:25:2a:f4:2d:98:
         3e:ac:b6:de:f0:8f:5f:66:3b:fa:4f:f5:05:9c:ac:73:04:73:
         a4:70:0c:e9:7f:ec:d3:74:1f:15:6c:f3:ac:b6:30:30:59:95:
         2c:bf:99:0d:08:f9:42:5b:2a:5a:a1:99:ec:b4:8d:6f:26:f0:
         1f:41:3b:a9:f3:cf:27:bc:ef:cf:15:76:3e:2e:eb:98:85:34:
         33:28:72:38:84:57:68:7f:54:7f:9f:4b:49:b3:ac:a4:20:80:
         f8:a5:ea:4e:18:17:aa:05:4b:26:0c:00:5b:65:06:0c:77:81:
         cf:b9:b7:0a:bc:10:c7:3e:7d:96:18:07:14:ec:90:af:c3:eb:
         eb:32:0d:e7:d2:2c:2a:a0:a4:68:8b:6d:0a:35:9c:be:aa:b8:
         e1:c1:5d:da:78:a5:8c:64:2b:1f:94:80:08:b5:71:91:3b:1b:
         77:be:e0:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdcgPrsi7fJSOJnVJy6JJf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTc0NzJkNTMyODQwOTU5MDVhZGUyMDNjYWY5MTFjZDFh
YzE3NzEwHhcNMjUwNjExMDEwMDQ2WhcNMjUwNjEyMDEwMDQ2WjAzMTEwLwYDVQQD
Eyg3ODJjZWU3ZWEzMjAxM2NjNTE5N2U5ODBlODJjOTA0NDU5NmZlMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEaP7rNXG4RCFn3iV0ZW++Q03UID
VTz7+VPftO+wQZsgtrcRczHTTaRYAuyPPLbzmIYcVhIgo18H3eO9kknif/RiwIZX
5iVNIYRKNLa8OUCBWXULPwT4lAlBnsg/+av/ZWhivVYqtKi+0Q1u80+aZHzMWEl6
LK2TIwzOe0FQjB447jlYNYz+YU/4H7/tjtP64Vc5Zgwrifywz03W73ZKLMVL8qr1
pfuTvs2XH4cLGlhgpHYs9MXbSa3zT9XQgMhhp9hEaRXlXUH71KqHJ9l+pB4hEWvS
/pXGubzn9s0ym1DM6LUAnaCZv6SWEktVMxH2hJZNalaE9DMYOv499tM0HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgs7n6jIBPMUZfpgOgskERZb+HQMB8GA1UdIwQY
MBaAFGinRy1TKECVkFreIDyvkRzRrBdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEt
MzhjYWQzNTlhNTQwLzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEtMzhjYWQzNTlhNTQw
LzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuwgZXLzR
obzaAPABi3VOLX5aAY/HfOB8IPr+k9vwFMDrF2TWI4axmkv7wIGjihLju1PXH4+z
XXkkapX8RZdikyy8dE2qgpOBSGodiSkPkZ+Ahg/uBSUq9C2YPqy23vCPX2Y7+k/1
BZyscwRzpHAM6X/s03QfFWzzrLYwMFmVLL+ZDQj5QlsqWqGZ7LSNbybwH0E7qfPP
J7zvzxV2Pi7rmIU0MyhyOIRXaH9Uf59LSbOspCCA+KXqThgXqgVLJgwAW2UGDHeB
z7m3CrwQxz59lhgHFOyQr8Pr6zIN59IsKqCkaIttCjWcvqq44cFd2niljGQrH5SA
CLVxkTsbd77gbw==
-----END CERTIFICATE-----