Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
File:                     aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft (raw, json)
Hash identifier:          scvaO+YGA2BYrnir/YhnLPxL2pUl4S9wIZECEkBy0PQ=
Subject key identifier:   69:02:7B:FB:26:DF:86:E8:D9:30:BC:9F:51:11:42:B7:94:52:68:BC
Authority key identifier: 68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71
Certificate issuer:       /CN=68a7472d53284095905ade203caf911cd1ac1771
Certificate serial:       019758A40A55A79A497D2F7A8CF0FC8BED6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
Manifest number:          022A
Signing time:             Tue 10 Jun 2025 07:00:34 +0000
Manifest this update:     Tue 10 Jun 2025 07:00:34 +0000
Manifest next update:     Wed 11 Jun 2025 07:00:34 +0000
Files and hashes:         1: aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl (hash: IhX+wgFVVmT1UUDsUJ9SJjNsGMI0lGDScdUXKCarVMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 07:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:58:a4:0a:55:a7:9a:49:7d:2f:7a:8c:f0:fc:8b:ed:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a7472d53284095905ade203caf911cd1ac1771
        Validity
            Not Before: Jun 10 07:00:34 2025 GMT
            Not After : Jun 11 07:00:34 2025 GMT
        Subject: CN=69027bfb26df86e8d930bc9f511142b7945268bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a3:eb:67:ec:ca:0b:d9:48:49:69:c8:27:30:
                    c0:18:0e:30:47:95:47:39:6b:34:87:2a:90:09:ed:
                    59:16:45:87:48:36:2a:ec:2e:b3:08:59:01:ce:d3:
                    26:79:bb:e4:40:df:2f:5e:91:39:92:60:c7:8d:db:
                    bc:ea:50:92:03:53:f1:09:82:43:7b:c1:90:0a:cd:
                    e5:fc:fe:8e:25:6f:aa:36:f5:62:a5:ff:c7:3f:01:
                    09:c3:a9:c3:bf:04:fd:61:92:3c:3e:6e:f5:30:53:
                    fc:97:c9:ce:02:97:53:12:cd:6c:cb:d4:86:ce:e3:
                    a1:c6:d2:f3:7a:fa:5b:5d:1d:35:c6:6f:d6:9d:5c:
                    5a:ed:4a:bd:b3:1b:cb:67:e4:8b:7c:d8:dc:93:58:
                    b7:47:3f:26:20:48:1d:f3:98:68:3e:61:4c:28:6d:
                    d3:24:75:bb:73:f7:b9:b2:fb:2f:0e:d4:16:d7:db:
                    d7:93:91:30:42:b1:86:fb:39:c7:db:1b:d9:50:18:
                    38:4e:a6:eb:cb:c2:18:0a:d4:0e:2f:b5:a2:3d:5f:
                    9a:ca:97:07:dc:58:14:72:5e:f9:e9:27:a7:b0:eb:
                    09:26:5b:30:cd:2a:9e:3b:cd:13:cb:5b:3d:5f:de:
                    fc:87:04:83:ee:18:da:97:18:a5:47:81:18:4c:ad:
                    c9:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:02:7B:FB:26:DF:86:E8:D9:30:BC:9F:51:11:42:B7:94:52:68:BC
            X509v3 Authority Key Identifier:
                keyid:68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:43:d7:59:be:0b:32:1f:f9:25:ec:6a:71:05:8e:ea:06:e7:
         ae:39:47:73:b2:8a:1b:c7:8a:c6:d4:db:7b:fd:38:59:75:09:
         25:aa:91:1f:16:3e:0c:27:8e:92:09:46:e1:39:25:4b:30:38:
         8f:22:d0:21:23:35:09:e9:4d:24:e4:a6:99:aa:7f:18:a1:12:
         af:b4:0d:d1:8f:df:62:3d:59:86:79:eb:98:84:82:a7:e6:d8:
         2f:d9:41:12:a2:bf:3d:69:f2:d2:e6:e4:4f:23:93:4b:a2:a8:
         d5:2a:9b:84:e3:4d:96:6a:11:d7:cc:25:68:59:54:4a:d8:4f:
         20:55:ce:a5:16:bc:f3:89:3f:1e:d8:7a:fc:58:c5:be:ee:45:
         95:3b:d4:c5:f8:69:c7:f6:c9:9b:a3:7f:f6:50:af:55:ce:55:
         5a:50:7f:94:59:47:85:77:23:77:e4:9e:17:7f:12:15:ea:02:
         23:ea:95:98:08:7d:6d:38:38:34:74:4a:14:9d:b4:9c:2e:df:
         fa:c6:54:fa:c3:7b:3f:12:2f:1b:71:f1:3c:a8:f7:6e:01:55:
         f5:ee:8d:21:21:bf:23:f9:51:6c:d7:8f:aa:fc:51:62:b5:ad:
         e6:0b:23:dd:1f:ff:71:fc:e4:05:fb:5f:fa:a6:68:36:c5:dd:
         6d:20:9a:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdYpApVp5pJfS96jPD8i+1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTc0NzJkNTMyODQwOTU5MDVhZGUyMDNjYWY5MTFjZDFh
YzE3NzEwHhcNMjUwNjEwMDcwMDM0WhcNMjUwNjExMDcwMDM0WjAzMTEwLwYDVQQD
Eyg2OTAyN2JmYjI2ZGY4NmU4ZDkzMGJjOWY1MTExNDJiNzk0NTI2OGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6PrZ+zKC9lISWnIJzDAGA4wR5VH
OWs0hyqQCe1ZFkWHSDYq7C6zCFkBztMmebvkQN8vXpE5kmDHjdu86lCSA1PxCYJD
e8GQCs3l/P6OJW+qNvVipf/HPwEJw6nDvwT9YZI8Pm71MFP8l8nOApdTEs1sy9SG
zuOhxtLzevpbXR01xm/WnVxa7Uq9sxvLZ+SLfNjck1i3Rz8mIEgd85hoPmFMKG3T
JHW7c/e5svsvDtQW19vXk5EwQrGG+znH2xvZUBg4Tqbry8IYCtQOL7WiPV+aypcH
3FgUcl756SensOsJJlswzSqeO80Ty1s9X978hwSD7hjalxilR4EYTK3JiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGkCe/sm34bo2TC8n1ERQreUUmi8MB8GA1UdIwQY
MBaAFGinRy1TKECVkFreIDyvkRzRrBdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEt
MzhjYWQzNTlhNTQwLzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEtMzhjYWQzNTlhNTQw
LzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkEPXWb4L
Mh/5JexqcQWO6gbnrjlHc7KKG8eKxtTbe/04WXUJJaqRHxY+DCeOkglG4TklSzA4
jyLQISM1CelNJOSmmap/GKESr7QN0Y/fYj1ZhnnrmISCp+bYL9lBEqK/PWny0ubk
TyOTS6Ko1SqbhONNlmoR18wlaFlUSthPIFXOpRa884k/Hth6/FjFvu5FlTvUxfhp
x/bJm6N/9lCvVc5VWlB/lFlHhXcjd+SeF38SFeoCI+qVmAh9bTg4NHRKFJ20nC7f
+sZU+sN7PxIvG3HxPKj3bgFV9e6NISG/I/lRbNePqvxRYrWt5gsj3R//cfzkBftf
+qZoNsXdbSCaEw==
-----END CERTIFICATE-----