Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
File:                     aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft (raw, json)
Hash identifier:          WhiFbI4YHy/rRUYrcadXbnWu/hKpF+yqZh0KdlExmXw=
Subject key identifier:   B5:95:A1:7C:FB:3C:0B:AD:E2:BD:3C:D4:06:85:08:D2:E9:FB:C3:71
Authority key identifier: 68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71
Certificate issuer:       /CN=68a7472d53284095905ade203caf911cd1ac1771
Certificate serial:       01958B16F91D3243C264F2544EBA9F5430BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
Manifest number:          013B
Signing time:             Wed 12 Mar 2025 16:01:33 +0000
Manifest this update:     Wed 12 Mar 2025 16:01:33 +0000
Manifest next update:     Thu 13 Mar 2025 16:01:33 +0000
Files and hashes:         1: aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl (hash: u94GD1lWqMJNe401ZCb6L5vOX0EnV4mUxmPd13AvBU4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 16:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:16:f9:1d:32:43:c2:64:f2:54:4e:ba:9f:54:30:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a7472d53284095905ade203caf911cd1ac1771
        Validity
            Not Before: Mar 12 16:01:33 2025 GMT
            Not After : Mar 13 16:01:33 2025 GMT
        Subject: CN=b595a17cfb3c0bade2bd3cd4068508d2e9fbc371
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:c7:c9:f5:60:4a:70:70:ed:14:4e:8c:64:92:
                    0e:59:97:14:95:bc:79:56:41:a5:6a:08:cd:7d:9c:
                    ec:dd:ec:3d:27:12:ba:4c:63:2f:08:2e:ed:77:18:
                    19:95:ba:e5:71:bf:d7:89:15:e0:f7:2e:de:68:d6:
                    3e:d5:27:4c:a7:44:bf:b2:6a:67:11:a6:97:31:9f:
                    e5:08:8d:dc:ed:85:5f:0e:dc:6f:4a:41:54:1c:05:
                    ca:b6:87:9b:33:dd:86:c5:c0:62:1d:f4:5e:25:30:
                    19:af:f0:24:78:18:94:9a:46:44:db:13:d9:8e:b8:
                    f2:a9:f6:8a:49:21:19:dd:61:7b:83:1e:2a:96:f7:
                    79:97:77:f6:1e:7d:ff:c3:1c:b0:07:67:17:98:5c:
                    73:b8:d3:e7:7e:6c:f4:97:e6:6b:83:c4:a2:a1:6e:
                    cd:21:e5:e1:54:38:6f:19:da:c5:dc:ab:a3:57:d1:
                    98:24:91:fb:7c:17:0d:b5:ef:9e:5e:6e:8b:0e:16:
                    9c:34:c5:8a:33:d2:36:b8:2b:12:00:db:14:67:fb:
                    07:f5:53:31:80:5c:ca:e6:68:9d:ca:58:3b:3a:8f:
                    59:b2:53:76:50:ed:6c:65:9e:28:b3:86:ad:0b:ee:
                    c9:60:07:66:a8:74:02:b7:41:be:a4:0f:17:70:27:
                    16:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:95:A1:7C:FB:3C:0B:AD:E2:BD:3C:D4:06:85:08:D2:E9:FB:C3:71
            X509v3 Authority Key Identifier:
                keyid:68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:be:78:71:b0:7c:f1:c4:b3:52:68:17:0d:82:dd:e6:2f:45:
         dc:21:d5:b6:b0:93:c5:64:ec:ef:52:3d:28:65:c0:b7:de:03:
         48:ba:cd:b6:eb:50:a3:56:c4:79:99:77:49:f1:71:d1:86:1f:
         7a:32:a2:0d:df:dd:bb:47:b1:da:c3:8a:40:99:c4:c1:6c:c9:
         20:88:86:d0:60:a4:5f:7c:16:be:f5:64:1b:3f:45:ef:6f:cc:
         86:a9:d4:d0:9f:2a:e6:75:9a:72:02:1f:61:16:5e:bf:6d:fc:
         24:73:99:0f:9c:fa:18:ed:7d:59:99:ec:82:c5:26:fc:6d:2f:
         f2:e6:81:dd:d9:6f:c2:61:b6:70:8b:b3:0f:9e:8f:48:99:1f:
         13:5a:76:bf:d8:e3:37:9a:8a:03:89:05:f2:7a:c6:3a:d8:97:
         68:7c:3c:c3:df:4a:7a:db:d4:ac:01:f9:b7:1b:a3:62:85:5f:
         25:4d:35:ce:2b:02:90:d2:4b:f0:bf:c6:ea:2c:e5:b2:67:3a:
         51:aa:55:ee:bb:a0:4e:37:82:53:a8:1e:8f:ee:ef:5e:43:69:
         f2:b2:5d:75:ac:be:fb:ca:85:d5:24:eb:10:84:46:b9:36:f8:
         c3:ca:5f:de:f2:75:30:5d:0c:50:17:f6:65:68:5e:c8:c1:fa:
         46:9d:2a:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLFvkdMkPCZPJUTrqfVDC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTc0NzJkNTMyODQwOTU5MDVhZGUyMDNjYWY5MTFjZDFh
YzE3NzEwHhcNMjUwMzEyMTYwMTMzWhcNMjUwMzEzMTYwMTMzWjAzMTEwLwYDVQQD
EyhiNTk1YTE3Y2ZiM2MwYmFkZTJiZDNjZDQwNjg1MDhkMmU5ZmJjMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7MfJ9WBKcHDtFE6MZJIOWZcUlbx5
VkGlagjNfZzs3ew9JxK6TGMvCC7tdxgZlbrlcb/XiRXg9y7eaNY+1SdMp0S/smpn
EaaXMZ/lCI3c7YVfDtxvSkFUHAXKtoebM92GxcBiHfReJTAZr/AkeBiUmkZE2xPZ
jrjyqfaKSSEZ3WF7gx4qlvd5l3f2Hn3/wxywB2cXmFxzuNPnfmz0l+Zrg8SioW7N
IeXhVDhvGdrF3KujV9GYJJH7fBcNte+eXm6LDhacNMWKM9I2uCsSANsUZ/sH9VMx
gFzK5midylg7Oo9ZslN2UO1sZZ4os4atC+7JYAdmqHQCt0G+pA8XcCcWwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWVoXz7PAut4r081AaFCNLp+8NxMB8GA1UdIwQY
MBaAFGinRy1TKECVkFreIDyvkRzRrBdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEt
MzhjYWQzNTlhNTQwLzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEtMzhjYWQzNTlhNTQw
LzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn754cbB8
8cSzUmgXDYLd5i9F3CHVtrCTxWTs71I9KGXAt94DSLrNtutQo1bEeZl3SfFx0YYf
ejKiDd/du0ex2sOKQJnEwWzJIIiG0GCkX3wWvvVkGz9F72/MhqnU0J8q5nWacgIf
YRZev238JHOZD5z6GO19WZnsgsUm/G0v8uaB3dlvwmG2cIuzD56PSJkfE1p2v9jj
N5qKA4kF8nrGOtiXaHw8w99KetvUrAH5txujYoVfJU01zisCkNJL8L/G6izlsmc6
UapV7rugTjeCU6gej+7vXkNp8rJdday++8qF1STrEIRGuTb4w8pf3vJ1MF0MUBf2
ZWheyMH6Rp0qvQ==
-----END CERTIFICATE-----