Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
File:                     aU0ylbrOkvvFQHllxly2WWm60Cg.mft (raw, json)
Hash identifier:          UNwoDCIuAlsRRDkVbCiC4PkbpyVxVfSw8zXnO1axgOU=
Subject key identifier:   53:B7:F6:53:1E:61:B7:8C:F2:CE:F7:EE:FB:99:70:F4:97:C8:EC:00
Authority key identifier: 69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28
Certificate issuer:       /CN=694d3295bace92fbc5407965c65cb65969bad028
Certificate serial:       01974AB196C23CD2609A6C6E036D2AD9F2F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
Manifest number:          7B
Signing time:             Sat 07 Jun 2025 14:00:41 +0000
Manifest this update:     Sat 07 Jun 2025 14:00:41 +0000
Manifest next update:     Sun 08 Jun 2025 14:00:41 +0000
Files and hashes:         1: aU0ylbrOkvvFQHllxly2WWm60Cg.crl (hash: c37tVMbT2GQ9xBHKnpbswHsck7jH2wO/oajxrnhjG6E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 14:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:b1:96:c2:3c:d2:60:9a:6c:6e:03:6d:2a:d9:f2:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=694d3295bace92fbc5407965c65cb65969bad028
        Validity
            Not Before: Jun  7 14:00:41 2025 GMT
            Not After : Jun  8 14:00:41 2025 GMT
        Subject: CN=53b7f6531e61b78cf2cef7eefb9970f497c8ec00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:3c:83:ac:d8:02:ec:dc:34:e8:11:0b:5e:2a:
                    13:af:7e:2b:cc:36:0c:14:98:e2:7e:86:7d:90:bf:
                    47:99:81:a6:5f:59:57:1c:cc:a9:cf:9d:15:1b:42:
                    24:d2:e2:66:d3:96:b2:fd:f4:13:a3:d8:ed:b1:a7:
                    7d:05:34:6a:86:d3:d5:96:55:d5:31:49:b2:e9:ff:
                    8a:30:c0:b1:6a:ca:cb:c1:8c:a6:58:b9:a2:ef:fa:
                    b4:26:95:63:ee:ac:3e:74:70:d1:f5:ab:45:08:1b:
                    34:b4:72:e7:69:53:5c:61:1f:ce:19:aa:6c:9b:a0:
                    02:73:8d:d9:f6:0c:4b:4d:ca:bb:8b:83:79:30:5d:
                    f0:e9:02:15:53:d5:8f:c7:eb:0f:f4:97:6b:a8:1e:
                    d0:39:fe:42:62:50:53:b1:61:ef:ce:b8:08:db:9c:
                    77:9d:64:97:7c:b8:73:a6:7f:91:1b:ad:d2:e5:6b:
                    e8:73:55:5e:38:7c:33:bf:7f:00:c6:95:a0:c0:e4:
                    f3:35:60:64:8c:50:63:95:bd:a6:19:98:dc:37:74:
                    e6:b8:3f:f4:14:77:a6:bf:72:20:bf:d8:52:7f:a7:
                    9f:ab:b1:d9:3e:73:9f:84:49:a6:f6:aa:d3:3f:18:
                    f8:50:91:5f:5e:8a:d2:8c:3d:92:9d:d6:d2:7b:3e:
                    d2:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:B7:F6:53:1E:61:B7:8C:F2:CE:F7:EE:FB:99:70:F4:97:C8:EC:00
            X509v3 Authority Key Identifier:
                keyid:69:4D:32:95:BA:CE:92:FB:C5:40:79:65:C6:5C:B6:59:69:BA:D0:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aU0ylbrOkvvFQHllxly2WWm60Cg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0ad468-daea-4b04-a408-27e96b9047a8/1/aU0ylbrOkvvFQHllxly2WWm60Cg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:a0:30:85:b4:4c:b2:95:2f:19:0b:49:9e:67:7e:ba:c2:5d:
         17:f1:ea:b7:58:71:03:76:dc:85:45:6a:f3:90:ae:45:f5:50:
         93:6b:53:ab:90:a3:44:0b:d4:38:53:50:cf:9c:71:dd:52:bf:
         6b:cb:c7:81:92:e9:a0:19:3c:8b:bb:b3:15:7a:41:3c:14:56:
         27:eb:29:e1:c8:ee:ae:e7:83:57:d4:50:ce:d8:5d:ee:22:29:
         56:f4:94:6a:a9:16:5d:2c:62:d7:3a:d5:f3:bc:11:ae:dd:53:
         97:a6:34:43:be:25:44:83:0a:ca:9e:65:a7:e3:9b:68:c3:d5:
         fd:0b:91:b4:57:2f:1c:da:ab:df:ce:f2:1f:6c:8d:eb:f9:0f:
         66:3b:ee:d8:76:8b:88:ca:48:6b:dd:a8:c5:e8:06:05:2c:5e:
         82:f1:b6:88:c6:a8:52:7c:5b:e7:5b:de:8f:3e:87:69:2b:94:
         1c:a7:39:c8:c8:28:21:82:c4:f1:8e:c0:be:e3:d5:2b:8e:5b:
         db:35:e8:01:e9:39:95:51:11:8a:06:38:1e:16:f0:db:7b:46:
         a9:45:e3:75:80:fe:98:69:50:a0:d6:65:d8:40:37:30:68:6a:
         6e:eb:ff:ea:5e:af:2e:31:0b:a9:61:93:14:61:52:40:66:b7:
         10:1d:76:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKsZbCPNJgmmxuA20q2fL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGQzMjk1YmFjZTkyZmJjNTQwNzk2NWM2NWNiNjU5Njli
YWQwMjgwHhcNMjUwNjA3MTQwMDQxWhcNMjUwNjA4MTQwMDQxWjAzMTEwLwYDVQQD
Eyg1M2I3ZjY1MzFlNjFiNzhjZjJjZWY3ZWVmYjk5NzBmNDk3YzhlYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDyDrNgC7Nw06BELXioTr34rzDYM
FJjifoZ9kL9HmYGmX1lXHMypz50VG0Ik0uJm05ay/fQTo9jtsad9BTRqhtPVllXV
MUmy6f+KMMCxasrLwYymWLmi7/q0JpVj7qw+dHDR9atFCBs0tHLnaVNcYR/OGaps
m6ACc43Z9gxLTcq7i4N5MF3w6QIVU9WPx+sP9JdrqB7QOf5CYlBTsWHvzrgI25x3
nWSXfLhzpn+RG63S5Wvoc1VeOHwzv38AxpWgwOTzNWBkjFBjlb2mGZjcN3TmuD/0
FHemv3Igv9hSf6efq7HZPnOfhEmm9qrTPxj4UJFfXorSjD2SndbSez7SUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFO39lMeYbeM8s737vuZcPSXyOwAMB8GA1UdIwQY
MBaAFGlNMpW6zpL7xUB5ZcZctllputAoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgt
MjdlOTZiOTA0N2E4LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wYWQ0NjgtZGFlYS00YjA0LWE0MDgtMjdlOTZiOTA0N2E4
LzEvYVUweWxick9rdnZGUUhsbHhseTJXV202MENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdqAwhbRM
spUvGQtJnmd+usJdF/Hqt1hxA3bchUVq85CuRfVQk2tTq5CjRAvUOFNQz5xx3VK/
a8vHgZLpoBk8i7uzFXpBPBRWJ+sp4cjurueDV9RQzthd7iIpVvSUaqkWXSxi1zrV
87wRrt1Tl6Y0Q74lRIMKyp5lp+ObaMPV/QuRtFcvHNqr387yH2yN6/kPZjvu2HaL
iMpIa92oxegGBSxegvG2iMaoUnxb51vejz6HaSuUHKc5yMgoIYLE8Y7AvuPVK45b
2zXoAek5lVERigY4Hhbw23tGqUXjdYD+mGlQoNZl2EA3MGhqbuv/6l6vLjELqWGT
FGFSQGa3EB12Ow==
-----END CERTIFICATE-----