Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
File:                     aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft (raw, json)
Hash identifier:          Qz9rlCwvz1VvwTOapzF8sLrWMqsAIWaaxo7LCWRNkYg=
Subject key identifier:   19:B1:3A:08:7D:E3:7F:A4:95:AB:E3:44:C1:89:7B:A0:9F:4D:5A:AC
Authority key identifier: 69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A
Certificate issuer:       /CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
Certificate serial:       01958B4DBB6E613B2FF979C7282406F19E03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
Manifest number:          1424
Signing time:             Wed 12 Mar 2025 17:01:21 +0000
Manifest this update:     Wed 12 Mar 2025 17:01:21 +0000
Manifest next update:     Thu 13 Mar 2025 17:01:21 +0000
Files and hashes:         1: aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl (hash: SMkOAzxtsMtlmseIS8mi6sO73vauE0aijL3/rwxYnXo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 17:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:4d:bb:6e:61:3b:2f:f9:79:c7:28:24:06:f1:9e:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=698d47bedf8489aa02d3db46f98b4f7a264b480a
        Validity
            Not Before: Mar 12 17:01:21 2025 GMT
            Not After : Mar 13 17:01:21 2025 GMT
        Subject: CN=19b13a087de37fa495abe344c1897ba09f4d5aac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:19:4c:a9:d7:25:e9:f3:2a:b5:9d:68:df:29:
                    2d:54:25:20:36:8f:6e:48:d8:8e:52:c0:82:62:23:
                    ec:93:a7:d0:aa:8f:09:5e:8d:88:5d:ca:cf:0e:17:
                    e6:d1:de:03:51:a2:2c:24:6f:67:b4:ba:cc:3d:e9:
                    fe:d5:58:c1:64:66:7c:cf:1d:b5:29:bd:9f:63:46:
                    2b:9e:95:a7:e3:90:9d:71:c1:57:26:16:5e:23:97:
                    e8:9f:d9:39:8e:b1:52:37:eb:1a:31:0c:1a:33:16:
                    0c:07:fe:57:e9:db:60:01:aa:e5:87:ce:07:f4:af:
                    be:31:d6:33:c0:bc:e1:6c:c6:08:4d:1e:fd:eb:fb:
                    f8:c4:6a:d8:b5:ba:5b:b7:78:3c:c1:c2:62:18:e1:
                    96:01:d1:ff:c7:85:05:bc:8a:bb:bb:3b:b4:e1:d5:
                    1b:8c:22:c3:17:a1:c4:77:90:bc:f8:d6:8d:8d:04:
                    c8:58:89:c3:66:cd:d1:93:fd:c3:6d:15:cf:ac:cc:
                    9e:5d:2e:58:5a:b9:73:49:37:30:24:c7:2e:ff:19:
                    43:e8:df:59:4f:fc:19:6b:93:c7:61:dd:1b:de:82:
                    5b:0e:cb:b3:4d:5c:ef:3a:1c:3d:47:b2:82:23:34:
                    d1:8c:f0:14:44:a5:01:12:d7:59:98:d4:a1:28:26:
                    fd:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:B1:3A:08:7D:E3:7F:A4:95:AB:E3:44:C1:89:7B:A0:9F:4D:5A:AC
            X509v3 Authority Key Identifier:
                keyid:69:8D:47:BE:DF:84:89:AA:02:D3:DB:46:F9:8B:4F:7A:26:4B:48:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aY1Hvt-EiaoC09tG-YtPeiZLSAo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/59c063-27dc-44ce-a60f-b149eb705dcc/1/aY1Hvt-EiaoC09tG-YtPeiZLSAo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:a1:13:b3:cb:df:ec:be:22:71:4b:3f:f6:55:bd:5f:e1:2b:
         1b:b1:71:0c:59:b5:cf:50:4e:3b:84:64:cb:76:d2:1d:00:61:
         ce:56:98:17:9d:50:b0:76:61:bf:fd:4f:df:5c:14:70:dd:f1:
         67:df:1c:23:c2:d3:bd:cc:d2:0d:6d:d4:27:1c:b2:3b:ee:d0:
         85:b9:46:6e:87:a8:c2:40:57:9d:fb:92:2f:15:e6:60:62:cb:
         ca:f1:20:06:c3:19:ef:61:1f:bb:07:90:dd:4c:75:b2:a2:42:
         1c:fe:a0:58:49:0a:99:07:80:ce:12:58:ad:a3:fd:1b:6e:79:
         fa:fa:df:8e:66:75:87:0f:80:ac:b7:00:38:06:37:3a:fe:e6:
         58:64:8a:bb:7f:d5:1d:ec:d9:e4:50:6f:22:6e:1e:d9:19:b9:
         75:7b:6f:1f:f2:c0:84:35:2a:aa:fd:ed:4c:dc:48:2f:81:b1:
         54:40:9f:30:b0:b6:1f:a2:9d:d7:83:df:7f:14:9a:03:38:67:
         92:33:2d:4a:92:b8:9c:8b:fc:bd:9a:6f:4a:f0:47:b8:82:c6:
         92:ba:2d:f2:05:c9:d4:73:e1:72:76:78:d4:90:49:4c:8a:a0:
         97:dd:eb:b8:bc:a4:91:a2:02:32:4f:e5:9b:9f:d3:80:25:ef:
         30:63:44:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLTbtuYTsv+XnHKCQG8Z4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OGQ0N2JlZGY4NDg5YWEwMmQzZGI0NmY5OGI0ZjdhMjY0
YjQ4MGEwHhcNMjUwMzEyMTcwMTIxWhcNMjUwMzEzMTcwMTIxWjAzMTEwLwYDVQQD
EygxOWIxM2EwODdkZTM3ZmE0OTVhYmUzNDRjMTg5N2JhMDlmNGQ1YWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxlMqdcl6fMqtZ1o3yktVCUgNo9u
SNiOUsCCYiPsk6fQqo8JXo2IXcrPDhfm0d4DUaIsJG9ntLrMPen+1VjBZGZ8zx21
Kb2fY0YrnpWn45CdccFXJhZeI5fon9k5jrFSN+saMQwaMxYMB/5X6dtgAarlh84H
9K++MdYzwLzhbMYITR796/v4xGrYtbpbt3g8wcJiGOGWAdH/x4UFvIq7uzu04dUb
jCLDF6HEd5C8+NaNjQTIWInDZs3Rk/3DbRXPrMyeXS5YWrlzSTcwJMcu/xlD6N9Z
T/wZa5PHYd0b3oJbDsuzTVzvOhw9R7KCIzTRjPAURKUBEtdZmNShKCb9+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmxOgh943+klavjRMGJe6CfTVqsMB8GA1UdIwQY
MBaAFGmNR77fhImqAtPbRvmLT3omS0gKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYt
YjE0OWViNzA1ZGNjLzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy81OWMwNjMtMjdkYy00NGNlLWE2MGYtYjE0OWViNzA1ZGNj
LzEvYVkxSHZ0LUVpYW9DMDl0Ry1ZdFBlaVpMU0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaqETs8vf
7L4icUs/9lW9X+ErG7FxDFm1z1BOO4Rky3bSHQBhzlaYF51QsHZhv/1P31wUcN3x
Z98cI8LTvczSDW3UJxyyO+7QhblGboeowkBXnfuSLxXmYGLLyvEgBsMZ72EfuweQ
3Ux1sqJCHP6gWEkKmQeAzhJYraP9G255+vrfjmZ1hw+ArLcAOAY3Ov7mWGSKu3/V
HezZ5FBvIm4e2Rm5dXtvH/LAhDUqqv3tTNxIL4GxVECfMLC2H6Kd14PffxSaAzhn
kjMtSpK4nIv8vZpvSvBHuILGkrot8gXJ1HPhcnZ41JBJTIqgl93ruLykkaICMk/l
m5/TgCXvMGNEWQ==
-----END CERTIFICATE-----