Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
File:                     aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft (raw, json)
Hash identifier:          i58cqnhw/BuxCZ773QS3rcpALmhH4KRJ5Gv1f6jiReQ=
Subject key identifier:   0A:58:DE:06:47:9A:01:B2:61:4E:85:C1:31:33:04:19:68:9D:6C:E2
Authority key identifier: 68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71
Certificate issuer:       /CN=68a7472d53284095905ade203caf911cd1ac1771
Certificate serial:       019754C76AE9A1BD8F304E051D048A3A847C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
Manifest number:          0228
Signing time:             Mon 09 Jun 2025 13:00:44 +0000
Manifest this update:     Mon 09 Jun 2025 13:00:44 +0000
Manifest next update:     Tue 10 Jun 2025 13:00:44 +0000
Files and hashes:         1: aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl (hash: fcFpR5u5mBXz+1hbEYioPv2220D2uZ9HyZmOPk+LbW0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 11:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:54:c7:6a:e9:a1:bd:8f:30:4e:05:1d:04:8a:3a:84:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a7472d53284095905ade203caf911cd1ac1771
        Validity
            Not Before: Jun  9 13:00:44 2025 GMT
            Not After : Jun 10 13:00:44 2025 GMT
        Subject: CN=0a58de06479a01b2614e85c131330419689d6ce2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:e2:45:e0:be:ef:9f:ec:38:d9:e8:c9:1b:81:
                    c2:92:f9:e8:58:2c:61:19:98:9e:f4:10:4f:67:da:
                    5a:14:cf:c4:d8:a0:77:66:b9:9d:fa:b8:d0:88:35:
                    6e:ba:f3:b4:38:1e:29:07:47:2d:b0:b1:4d:45:08:
                    84:13:52:1d:dc:6a:73:f3:6e:39:23:32:29:03:2c:
                    85:82:09:be:19:c3:3a:15:14:14:93:87:c5:46:e2:
                    d1:2d:67:c3:31:b4:4d:49:83:59:7e:f0:1a:d5:34:
                    bd:33:04:79:2f:ea:74:0d:a9:ce:5d:59:f9:c5:64:
                    dc:61:34:45:b2:4d:1a:83:85:63:86:c0:5a:93:1d:
                    c3:c6:c5:6e:01:82:02:2f:87:d0:24:cc:35:2e:f2:
                    3a:6e:20:84:1d:eb:71:f0:98:08:46:28:76:f5:0a:
                    d7:49:35:1e:07:ea:ac:a1:15:71:e1:2b:63:aa:7d:
                    dd:c4:75:f9:b8:6d:dc:0d:32:e1:4f:b4:a6:66:4a:
                    de:63:15:24:ef:37:98:e7:29:08:f7:5d:21:53:ea:
                    f1:ed:f6:20:a0:48:2c:7d:90:87:e1:be:1d:03:64:
                    96:b2:c6:62:8b:ec:73:47:0b:4b:69:9b:ec:91:94:
                    b8:e1:c0:fb:81:f3:6b:e0:67:04:06:40:d4:c5:5c:
                    24:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:58:DE:06:47:9A:01:B2:61:4E:85:C1:31:33:04:19:68:9D:6C:E2
            X509v3 Authority Key Identifier:
                keyid:68:A7:47:2D:53:28:40:95:90:5A:DE:20:3C:AF:91:1C:D1:AC:17:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKdHLVMoQJWQWt4gPK-RHNGsF3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/35953e-adc7-417c-9011-38cad359a540/1/aKdHLVMoQJWQWt4gPK-RHNGsF3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:b6:d7:44:0f:e9:c9:15:e9:54:57:41:22:63:d6:18:5f:10:
         06:52:2d:a9:bb:d7:dd:85:ca:27:1a:d4:50:01:1d:e0:06:e7:
         32:04:3c:b3:e4:4b:3b:4c:40:51:6a:50:85:bb:0e:a5:be:ad:
         be:03:57:0d:c3:15:7b:16:0b:35:32:a6:d0:02:64:45:ed:26:
         0f:4d:b7:10:a0:1d:dd:ee:ff:2b:2b:14:27:33:f2:2c:c5:12:
         bf:1e:72:5d:44:f5:7e:bb:00:37:33:08:c7:e2:99:36:71:b8:
         85:9e:90:e2:b6:b6:ea:a8:de:a1:f0:c5:a1:12:e8:40:82:19:
         ca:d0:85:a7:ff:ed:7e:de:d6:47:46:2a:ca:32:a4:65:42:d7:
         83:85:35:c0:30:2a:6b:8f:f4:f5:1c:d8:01:e4:4e:bb:c4:bc:
         b3:f6:15:b5:bb:e9:d4:50:75:3a:5a:63:49:79:7d:c2:fb:6b:
         4c:81:cc:9d:2d:62:ac:54:3c:6e:f6:94:98:d2:2e:72:9a:d0:
         13:ae:b2:53:c5:4d:a4:54:36:46:19:24:a4:43:79:72:77:6a:
         e0:7f:ae:d5:1e:5e:99:38:b3:e8:88:9c:b0:4b:e9:5d:3c:20:
         16:ee:10:3e:15:05:e1:0c:e2:65:f9:41:98:7d:61:66:49:a9:
         46:4a:5e:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUx2rpob2PME4FHQSKOoR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTc0NzJkNTMyODQwOTU5MDVhZGUyMDNjYWY5MTFjZDFh
YzE3NzEwHhcNMjUwNjA5MTMwMDQ0WhcNMjUwNjEwMTMwMDQ0WjAzMTEwLwYDVQQD
EygwYTU4ZGUwNjQ3OWEwMWIyNjE0ZTg1YzEzMTMzMDQxOTY4OWQ2Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuJF4L7vn+w42ejJG4HCkvnoWCxh
GZie9BBPZ9paFM/E2KB3Zrmd+rjQiDVuuvO0OB4pB0ctsLFNRQiEE1Id3Gpz8245
IzIpAyyFggm+GcM6FRQUk4fFRuLRLWfDMbRNSYNZfvAa1TS9MwR5L+p0DanOXVn5
xWTcYTRFsk0ag4VjhsBakx3DxsVuAYICL4fQJMw1LvI6biCEHetx8JgIRih29QrX
STUeB+qsoRVx4Stjqn3dxHX5uG3cDTLhT7SmZkreYxUk7zeY5ykI910hU+rx7fYg
oEgsfZCH4b4dA2SWssZii+xzRwtLaZvskZS44cD7gfNr4GcEBkDUxVwkiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFApY3gZHmgGyYU6FwTEzBBlonWziMB8GA1UdIwQY
MBaAFGinRy1TKECVkFreIDyvkRzRrBdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEt
MzhjYWQzNTlhNTQwLzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zNTk1M2UtYWRjNy00MTdjLTkwMTEtMzhjYWQzNTlhNTQw
LzEvYUtkSExWTW9RSldRV3Q0Z1BLLVJITkdzRjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe7bXRA/p
yRXpVFdBImPWGF8QBlItqbvX3YXKJxrUUAEd4AbnMgQ8s+RLO0xAUWpQhbsOpb6t
vgNXDcMVexYLNTKm0AJkRe0mD023EKAd3e7/KysUJzPyLMUSvx5yXUT1frsANzMI
x+KZNnG4hZ6Q4ra26qjeofDFoRLoQIIZytCFp//tft7WR0YqyjKkZULXg4U1wDAq
a4/09RzYAeROu8S8s/YVtbvp1FB1OlpjSXl9wvtrTIHMnS1irFQ8bvaUmNIucprQ
E66yU8VNpFQ2RhkkpEN5cndq4H+u1R5emTiz6IicsEvpXTwgFu4QPhUF4QziZflB
mH1hZkmpRkpeYg==
-----END CERTIFICATE-----