Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
File:                     aWZ-UauBVWetZ8u10biJY4Nfqfc.mft (raw, json)
Hash identifier:          Z5FhaZ1KgPqVy+IpTAau1TlEHfH0xJfXAFaMd88W0RM=
Subject key identifier:   E6:89:B8:7A:2D:A8:46:B5:49:93:D0:5D:EA:FE:EA:15:F0:66:4C:9E
Authority key identifier: 69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7
Certificate issuer:       /CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
Certificate serial:       01974A7A5D3E4A5280F9E8068748075A215E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
Manifest number:          0CDD
Signing time:             Sat 07 Jun 2025 13:00:22 +0000
Manifest this update:     Sat 07 Jun 2025 13:00:22 +0000
Manifest next update:     Sun 08 Jun 2025 13:00:22 +0000
Files and hashes:         1: aWZ-UauBVWetZ8u10biJY4Nfqfc.crl (hash: 9vAik+1/S7j33H24mt7/r7dpLLfPoK7BgcQhCaGljxc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7a:5d:3e:4a:52:80:f9:e8:06:87:48:07:5a:21:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69667e51ab815567ad67cbb5d1b88963835fa9f7
        Validity
            Not Before: Jun  7 13:00:22 2025 GMT
            Not After : Jun  8 13:00:22 2025 GMT
        Subject: CN=e689b87a2da846b54993d05deafeea15f0664c9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d0:b6:33:19:26:02:e1:5d:ef:09:85:34:04:
                    b1:a7:90:55:c3:78:ed:09:c1:85:7f:56:4e:77:73:
                    95:2a:33:2c:04:da:14:a3:9f:1a:ab:1a:d7:67:1e:
                    36:ce:19:d6:cd:12:59:9d:ba:b9:a8:67:6c:b8:6e:
                    4a:38:cc:e8:db:bb:34:8a:fa:84:ed:55:bb:87:9c:
                    d8:96:9e:b2:6a:b8:c3:6e:d8:05:1f:80:8d:2d:3a:
                    53:c1:42:91:74:af:04:ae:ef:2e:1e:72:59:0a:4f:
                    c2:f4:79:89:05:59:2b:d7:ba:0b:e7:a1:06:ad:e0:
                    9e:51:53:a5:a2:0d:0f:a2:e5:93:23:8e:3b:e2:43:
                    d3:8c:19:18:63:85:07:51:63:33:da:80:d7:56:42:
                    a7:e0:fb:8e:5e:2b:b3:ca:a5:d2:92:4b:6d:70:02:
                    f0:af:eb:35:e5:8b:c9:26:96:52:d4:35:f2:be:4c:
                    60:a7:d4:0c:c9:ef:d7:18:5a:26:e3:32:26:4c:21:
                    31:a0:71:87:5b:c5:f8:d3:93:c1:79:93:92:e8:bd:
                    c6:ac:64:76:dc:3d:70:ba:f7:5a:47:10:2d:11:81:
                    f9:59:74:c0:ce:4a:da:d4:2e:2c:ae:82:62:91:62:
                    36:ed:7b:b1:3f:13:fa:7a:c7:39:c8:cc:d7:a7:08:
                    c1:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:89:B8:7A:2D:A8:46:B5:49:93:D0:5D:EA:FE:EA:15:F0:66:4C:9E
            X509v3 Authority Key Identifier:
                keyid:69:66:7E:51:AB:81:55:67:AD:67:CB:B5:D1:B8:89:63:83:5F:A9:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZ-UauBVWetZ8u10biJY4Nfqfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/3ec692-a3e4-4379-a1c7-a7e3c6a892ec/1/aWZ-UauBVWetZ8u10biJY4Nfqfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:52:6d:bb:62:d4:80:52:40:c3:8f:38:88:b2:56:cb:22:88:
         89:02:93:3f:55:67:c4:4c:9b:dd:5b:33:6f:01:8b:af:61:fb:
         ca:73:6a:6c:3a:be:d9:dc:61:df:d7:87:5c:68:b5:b9:96:b4:
         9a:c8:83:fc:30:d9:6d:d5:83:1a:e0:99:bf:22:40:24:8a:1c:
         46:71:ce:7f:16:c8:d4:34:30:88:e8:c9:6e:82:e2:7a:8f:e7:
         b8:67:12:e5:35:c0:da:a9:cc:64:cd:60:24:35:ab:43:8b:67:
         5d:45:f8:7d:5f:ee:de:f8:50:2f:16:0e:05:8f:14:e7:dd:0c:
         90:25:47:26:f4:be:bb:48:94:95:e3:7d:70:05:0e:b4:45:e3:
         4e:df:5b:9e:49:00:16:9e:33:0c:a6:ef:7e:4d:51:bd:a0:48:
         3d:1a:a1:f2:ef:84:7c:11:b6:4b:a8:65:5a:bf:c8:8e:dc:80:
         83:b0:0b:02:b7:e7:53:7d:00:42:43:64:7f:0b:e2:0f:61:8c:
         cd:73:0d:78:1d:c8:93:60:de:65:64:93:52:69:bf:ac:ea:ce:
         62:9d:d8:d6:3d:7d:72:9b:ba:dd:cb:71:92:b1:5b:64:13:c7:
         26:01:21:76:8c:51:59:10:2b:7c:3f:c5:6b:8a:fa:83:67:1e:
         31:45:be:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKel0+SlKA+egGh0gHWiFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY3ZTUxYWI4MTU1NjdhZDY3Y2JiNWQxYjg4OTYzODM1
ZmE5ZjcwHhcNMjUwNjA3MTMwMDIyWhcNMjUwNjA4MTMwMDIyWjAzMTEwLwYDVQQD
EyhlNjg5Yjg3YTJkYTg0NmI1NDk5M2QwNWRlYWZlZWExNWYwNjY0YzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9C2MxkmAuFd7wmFNASxp5BVw3jt
CcGFf1ZOd3OVKjMsBNoUo58aqxrXZx42zhnWzRJZnbq5qGdsuG5KOMzo27s0ivqE
7VW7h5zYlp6yarjDbtgFH4CNLTpTwUKRdK8Eru8uHnJZCk/C9HmJBVkr17oL56EG
reCeUVOlog0PouWTI4474kPTjBkYY4UHUWMz2oDXVkKn4PuOXiuzyqXSkkttcALw
r+s15YvJJpZS1DXyvkxgp9QMye/XGFom4zImTCExoHGHW8X405PBeZOS6L3GrGR2
3D1wuvdaRxAtEYH5WXTAzkra1C4sroJikWI27XuxPxP6esc5yMzXpwjBPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOaJuHotqEa1SZPQXer+6hXwZkyeMB8GA1UdIwQY
MBaAFGlmflGrgVVnrWfLtdG4iWODX6n3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzct
YTdlM2M2YTg5MmVjLzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zZWM2OTItYTNlNC00Mzc5LWExYzctYTdlM2M2YTg5MmVj
LzEvYVdaLVVhdUJWV2V0Wjh1MTBiaUpZNE5mcWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPlJtu2LU
gFJAw484iLJWyyKIiQKTP1VnxEyb3VszbwGLr2H7ynNqbDq+2dxh39eHXGi1uZa0
msiD/DDZbdWDGuCZvyJAJIocRnHOfxbI1DQwiOjJboLieo/nuGcS5TXA2qnMZM1g
JDWrQ4tnXUX4fV/u3vhQLxYOBY8U590MkCVHJvS+u0iUleN9cAUOtEXjTt9bnkkA
Fp4zDKbvfk1RvaBIPRqh8u+EfBG2S6hlWr/IjtyAg7ALArfnU30AQkNkfwviD2GM
zXMNeB3Ik2DeZWSTUmm/rOrOYp3Y1j19cpu63ctxkrFbZBPHJgEhdoxRWRArfD/F
a4r6g2ceMUW+4Q==
-----END CERTIFICATE-----