Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
File:                     aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft (raw, json)
Hash identifier:          j0XwsZahYGQCeam6Gl6WtIsHYh7q8sgm0gJTGBnsyOo=
Subject key identifier:   1C:0B:4C:3D:FF:22:CC:E2:E5:65:03:4E:49:87:80:60:2F:32:CD:00
Authority key identifier: 69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A
Certificate issuer:       /CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
Certificate serial:       0199228CAB296A542B3666B3D942986FCA69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
Manifest number:          1600
Signing time:             Sun 07 Sep 2025 05:01:08 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:08 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:08 +0000
Files and hashes:         1: aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl (hash: PTnNwsQsnNtjn72E0YvzNdTy/NWkLfJpufTDQ5o6044=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:ab:29:6a:54:2b:36:66:b3:d9:42:98:6f:ca:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
        Validity
            Not Before: Sep  7 05:01:08 2025 GMT
            Not After : Sep  8 05:01:08 2025 GMT
        Subject: CN=1c0b4c3dff22cce2e565034e498780602f32cd00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:2d:3e:e2:c6:bb:da:72:82:74:8d:e2:55:e9:
                    34:05:fa:19:09:a8:f1:9d:f7:c4:5b:26:d0:35:05:
                    27:ee:73:97:fd:be:ed:a4:ae:81:af:0d:41:93:29:
                    86:3f:57:d8:85:f1:81:3d:9b:2c:3d:db:f3:2c:b7:
                    bf:03:86:a9:cf:2a:82:e0:52:67:0f:9c:72:72:c4:
                    31:22:bf:69:d3:8e:c9:39:c1:6b:ce:fe:ba:19:bc:
                    94:23:14:d4:38:a8:34:14:01:77:72:5e:17:e5:ac:
                    5f:3d:a0:c5:30:42:42:e6:1d:7f:74:06:4c:f2:2d:
                    d5:c8:99:b4:aa:bc:cd:73:d8:20:8f:93:0a:c2:f5:
                    68:aa:12:e6:8a:19:25:da:d7:f9:78:19:91:ee:16:
                    a4:dc:36:7d:e3:3b:d2:d8:43:80:b9:72:e9:38:79:
                    0c:d4:9a:37:7c:a9:98:ba:99:5c:cb:13:7a:c9:41:
                    9f:4f:99:0d:0c:a9:e1:36:84:56:fe:58:cc:d9:e2:
                    fd:86:18:26:d8:76:e4:c8:67:dc:e2:df:89:07:93:
                    72:02:f0:7d:8e:12:4f:bf:6d:2f:98:2a:7f:18:78:
                    a4:82:3f:ac:86:1b:33:d5:50:20:35:c8:3e:59:6e:
                    80:6d:86:ee:e1:f5:d1:ad:13:59:c6:b5:c4:77:41:
                    3a:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:0B:4C:3D:FF:22:CC:E2:E5:65:03:4E:49:87:80:60:2F:32:CD:00
            X509v3 Authority Key Identifier:
                keyid:69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:1d:c5:91:cb:48:58:24:9b:d6:a0:20:b9:7b:4b:4c:38:19:
         2c:5d:15:e3:51:b6:d6:4d:2c:93:6f:c7:6b:3a:f8:30:e4:52:
         7d:11:99:fa:13:d5:08:0f:44:c1:26:85:6a:fd:f3:e4:c3:55:
         06:9a:d7:f0:7f:47:bf:cc:0d:67:48:3e:d6:77:24:57:f2:00:
         6a:c1:a6:cd:fc:3f:36:81:2f:36:f0:8b:44:7c:f5:02:d2:82:
         f8:31:e0:98:e4:98:be:32:34:20:bb:56:e0:7a:ea:6e:a6:45:
         9d:59:20:08:c4:df:66:35:c5:6f:21:43:bf:12:f6:0d:2d:3a:
         5b:2a:7f:2a:73:f7:ae:e7:ac:fa:71:49:f0:c1:03:12:85:7b:
         77:4a:e9:10:c6:e1:b8:c8:11:c7:11:ad:a1:a4:b6:cf:76:4b:
         2c:39:41:b5:44:db:c9:74:ce:02:b4:68:05:72:22:dd:83:ba:
         67:ad:3a:b2:e4:75:43:08:27:2a:b2:05:1f:99:07:d8:48:49:
         47:79:8a:67:50:60:df:f7:45:15:46:53:ac:bc:9f:31:5f:cf:
         30:3d:df:ac:2a:56:06:b1:2d:64:00:55:88:96:6a:83:0f:2e:
         b5:10:af:2a:97:76:9e:52:42:2f:79:25:fc:7e:0c:0c:c8:47:
         c5:67:58:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijKspalQrNmaz2UKYb8ppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OGQ0N2JlZGY4NDg5YWEwMmQzZGI0NmY5OGI0ZjdhMjY0
YjQ4MGEwHhcNMjUwOTA3MDUwMTA4WhcNMjUwOTA4MDUwMTA4WjAzMTEwLwYDVQQD
EygxYzBiNGMzZGZmMjJjY2UyZTU2NTAzNGU0OTg3ODA2MDJmMzJjZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry0+4sa72nKCdI3iVek0BfoZCajx
nffEWybQNQUn7nOX/b7tpK6Brw1BkymGP1fYhfGBPZssPdvzLLe/A4apzyqC4FJn
D5xycsQxIr9p047JOcFrzv66GbyUIxTUOKg0FAF3cl4X5axfPaDFMEJC5h1/dAZM
8i3VyJm0qrzNc9ggj5MKwvVoqhLmihkl2tf5eBmR7hak3DZ94zvS2EOAuXLpOHkM
1Jo3fKmYuplcyxN6yUGfT5kNDKnhNoRW/ljM2eL9hhgm2HbkyGfc4t+JB5NyAvB9
jhJPv20vmCp/GHikgj+shhsz1VAgNcg+WW6AbYbu4fXRrRNZxrXEd0E6OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwLTD3/Iszi5WUDTkmHgGAvMs0AMB8GA1UdIwQY
MBaAFGmNR77fhImqAtPbRvmLT3omS0gKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYt
YjE0OWViNzA1ZGNjLzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYtYjE0OWViNzA1ZGNj
LzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMR3FkctI
WCSb1qAguXtLTDgZLF0V41G21k0sk2/Hazr4MORSfRGZ+hPVCA9EwSaFav3z5MNV
BprX8H9Hv8wNZ0g+1nckV/IAasGmzfw/NoEvNvCLRHz1AtKC+DHgmOSYvjI0ILtW
4HrqbqZFnVkgCMTfZjXFbyFDvxL2DS06Wyp/KnP3rues+nFJ8MEDEoV7d0rpEMbh
uMgRxxGtoaS2z3ZLLDlBtUTbyXTOArRoBXIi3YO6Z606suR1QwgnKrIFH5kH2EhJ
R3mKZ1Bg3/dFFUZTrLyfMV/PMD3frCpWBrEtZABViJZqgw8utRCvKpd2nlJCL3kl
/H4MDMhHxWdYWg==
-----END CERTIFICATE-----