Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
File:                     aXC3r07RGKBaFTFefYuUY0yf6iA.mft (raw, json)
Hash identifier:          iqlrUA6YOguB/18Vn/jEnwsUjl0Bd7TXVQWYiZPr+gY=
Subject key identifier:   34:27:76:D7:90:3D:CF:38:8D:CA:89:65:EE:D5:42:21:A9:14:6B:18
Authority key identifier: 69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20
Certificate issuer:       /CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
Certificate serial:       01974BC4AA359D1006C3F9D25FF24D9F651D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
Manifest number:          0B08
Signing time:             Sat 07 Jun 2025 19:01:09 +0000
Manifest this update:     Sat 07 Jun 2025 19:01:09 +0000
Manifest next update:     Sun 08 Jun 2025 19:01:09 +0000
Files and hashes:         1: aXC3r07RGKBaFTFefYuUY0yf6iA.crl (hash: 9+X5KEClODgBDLh41E98OAmWNHEG+h+KkpPgbJt02lY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:c4:aa:35:9d:10:06:c3:f9:d2:5f:f2:4d:9f:65:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
        Validity
            Not Before: Jun  7 19:01:09 2025 GMT
            Not After : Jun  8 19:01:09 2025 GMT
        Subject: CN=342776d7903dcf388dca8965eed54221a9146b18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:74:6c:f8:ae:94:a6:68:0c:49:c4:57:72:59:
                    91:de:d3:31:e8:b5:bc:15:5b:28:96:7a:92:ea:6d:
                    ff:ca:85:50:0e:9d:02:bc:42:4c:9c:5a:e5:3a:6c:
                    7e:a6:bb:14:80:32:c1:e0:24:55:91:15:aa:0e:6f:
                    6e:b8:42:41:54:52:ab:48:6c:64:36:ea:f8:eb:95:
                    1f:63:7b:76:bb:32:cb:20:6c:13:67:f1:62:b2:30:
                    38:d2:d5:bc:65:81:68:31:55:a0:79:d1:f5:6e:90:
                    ce:d4:bc:5c:bd:e4:47:fd:fd:4b:ab:4a:ce:5b:a5:
                    bc:be:58:f6:4a:ef:fd:de:db:30:ed:25:9d:42:af:
                    ea:ac:a6:ac:72:5d:5e:13:ff:93:40:72:9d:2f:18:
                    65:a3:39:dd:5a:11:5e:01:7a:11:19:09:33:06:66:
                    88:2d:d7:91:95:c0:a2:b0:09:61:ed:01:16:9b:07:
                    c5:3e:70:d6:9b:8c:f3:59:9f:a5:5a:c9:fd:c0:b4:
                    db:e0:ee:70:04:d6:8f:bd:05:6b:df:b4:c6:cb:69:
                    0e:9c:23:c8:58:3b:96:7d:74:a9:e2:ca:a2:bd:dd:
                    7c:dc:4c:46:36:c5:11:63:a9:0b:1a:16:31:5d:de:
                    7f:49:61:a5:63:a4:e8:b0:de:38:b7:9c:99:44:73:
                    76:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:27:76:D7:90:3D:CF:38:8D:CA:89:65:EE:D5:42:21:A9:14:6B:18
            X509v3 Authority Key Identifier:
                keyid:69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:cf:11:d4:bd:64:d1:61:74:2b:89:f3:45:77:a2:d2:34:ae:
         ed:bb:ba:39:fe:8e:ef:41:df:ea:f3:99:3f:da:18:d0:a9:5e:
         3a:39:5d:25:b7:6c:cc:8a:d4:f1:ad:4b:9f:2f:5b:9e:cd:d9:
         67:8f:17:c2:83:24:8e:7a:47:24:7b:8e:ad:f3:a1:48:d4:ac:
         7e:2a:f8:c4:9c:1b:69:43:d9:bb:f2:25:f7:ca:32:15:d2:aa:
         ac:5b:d3:43:38:c9:b2:39:29:81:ff:fa:11:6c:ae:3a:e9:0f:
         3a:30:fb:55:df:ed:af:ef:0a:83:33:b0:d7:cd:ff:05:78:a5:
         ba:b0:bb:39:08:61:d7:24:88:44:dc:1e:ee:ca:44:25:ac:bc:
         9c:b2:cb:6a:c4:10:e8:10:8f:70:0b:61:26:40:dd:e8:b1:51:
         f2:b1:5f:8f:9e:78:06:f2:ab:f5:03:57:6f:d5:68:2c:78:0f:
         6e:9e:f5:fc:57:59:79:bf:af:49:20:2b:16:22:31:29:75:01:
         bd:87:ff:f0:1b:d6:ab:66:7e:eb:49:2c:8b:a4:fa:a7:77:00:
         8a:28:50:80:4e:c0:ec:b2:4e:d3:7b:dd:42:db:2e:d6:71:12:
         ea:22:d4:87:6f:9d:73:50:8b:bf:9d:50:58:c9:15:ca:30:59:
         59:28:4f:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLxKo1nRAGw/nSX/JNn2UdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzBiN2FmNGVkMTE4YTA1YTE1MzE1ZTdkOGI5NDYzNGM5
ZmVhMjAwHhcNMjUwNjA3MTkwMTA5WhcNMjUwNjA4MTkwMTA5WjAzMTEwLwYDVQQD
EygzNDI3NzZkNzkwM2RjZjM4OGRjYTg5NjVlZWQ1NDIyMWE5MTQ2YjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33Rs+K6UpmgMScRXclmR3tMx6LW8
FVsolnqS6m3/yoVQDp0CvEJMnFrlOmx+prsUgDLB4CRVkRWqDm9uuEJBVFKrSGxk
Nur465UfY3t2uzLLIGwTZ/FisjA40tW8ZYFoMVWgedH1bpDO1LxcveRH/f1Lq0rO
W6W8vlj2Su/93tsw7SWdQq/qrKascl1eE/+TQHKdLxhlozndWhFeAXoRGQkzBmaI
LdeRlcCisAlh7QEWmwfFPnDWm4zzWZ+lWsn9wLTb4O5wBNaPvQVr37TGy2kOnCPI
WDuWfXSp4sqivd183ExGNsURY6kLGhYxXd5/SWGlY6TosN44t5yZRHN26wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQndteQPc84jcqJZe7VQiGpFGsYMB8GA1UdIwQY
MBaAFGlwt69O0RigWhUxXn2LlGNMn+ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEt
YjEwNjIzMmEzNDJjLzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEtYjEwNjIzMmEzNDJj
LzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAss8R1L1k
0WF0K4nzRXei0jSu7bu6Of6O70Hf6vOZP9oY0KleOjldJbdszIrU8a1Lny9bns3Z
Z48XwoMkjnpHJHuOrfOhSNSsfir4xJwbaUPZu/Il98oyFdKqrFvTQzjJsjkpgf/6
EWyuOukPOjD7Vd/tr+8KgzOw183/BXilurC7OQhh1ySIRNwe7spEJay8nLLLasQQ
6BCPcAthJkDd6LFR8rFfj554BvKr9QNXb9VoLHgPbp71/FdZeb+vSSArFiIxKXUB
vYf/8BvWq2Z+60ksi6T6p3cAiihQgE7A7LJO03vdQtsu1nES6iLUh2+dc1CLv51Q
WMkVyjBZWShPJw==
-----END CERTIFICATE-----