Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.mft
File:                     aRWYIN1xgAT7FchbJweWy06EpOo.mft (raw, json)
Hash identifier:          lamW/jhWiwv/ihA/jaBJ2i69pxrHIWheUuFBGDyPwyU=
Subject key identifier:   67:E2:73:59:5F:DA:16:76:B9:35:D0:70:48:36:D1:63:64:F0:2D:D9
Authority key identifier: 69:15:98:20:DD:71:80:04:FB:15:C8:5B:27:07:96:CB:4E:84:A4:EA
Certificate issuer:       /CN=69159820dd718004fb15c85b270796cb4e84a4ea
Certificate serial:       0197488C01AEE3C69273703168C37CAAC4DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aRWYIN1xgAT7FchbJweWy06EpOo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.mft
Manifest number:          A3
Signing time:             Sat 07 Jun 2025 04:00:24 +0000
Manifest this update:     Sat 07 Jun 2025 04:00:24 +0000
Manifest next update:     Sun 08 Jun 2025 04:00:24 +0000
Files and hashes:         1: aRWYIN1xgAT7FchbJweWy06EpOo.crl (hash: yjGVI/yRGoxjcnhJhwLxQVOl3sr9lkaoKhZGGIn5BGI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aRWYIN1xgAT7FchbJweWy06EpOo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:8c:01:ae:e3:c6:92:73:70:31:68:c3:7c:aa:c4:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69159820dd718004fb15c85b270796cb4e84a4ea
        Validity
            Not Before: Jun  7 04:00:24 2025 GMT
            Not After : Jun  8 04:00:24 2025 GMT
        Subject: CN=67e273595fda1676b935d0704836d16364f02dd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:15:3e:1e:d6:47:ed:25:73:60:83:16:77:99:
                    36:36:8d:e5:ea:b4:8f:07:d9:58:62:47:bd:35:0e:
                    c2:88:15:2d:5d:63:93:2f:88:e1:58:97:e6:4d:bf:
                    c1:b5:f4:1e:96:e8:94:18:d0:83:40:05:2d:11:ec:
                    c9:1c:14:b5:9f:a5:8b:80:03:17:44:f5:84:11:39:
                    10:09:36:fc:34:52:f0:b3:6d:de:f5:81:d3:64:64:
                    e2:e7:7e:18:28:93:71:cd:10:b9:4e:7d:01:50:6f:
                    8b:eb:1d:7c:0f:4b:8a:d7:89:1b:03:59:e3:1f:ef:
                    43:14:e4:0f:7d:11:fa:85:00:21:f1:53:04:bd:8a:
                    1c:e9:f4:98:60:90:ca:17:39:90:ba:bd:86:9a:bd:
                    93:f0:97:ae:10:8d:d7:7b:44:b0:32:ed:6c:e5:c9:
                    45:26:36:bb:3a:8b:ce:45:a4:20:4f:5c:e5:f2:e7:
                    8b:8e:a8:5e:34:51:7b:b3:23:cd:63:1a:2d:1b:0d:
                    5a:4f:9c:21:3d:1d:ab:7d:c6:66:36:f0:18:73:7d:
                    08:5c:07:bc:99:96:47:40:cd:a0:8d:b3:5b:b6:92:
                    90:56:78:08:a1:19:f1:37:48:56:77:e4:04:dd:4d:
                    7f:f8:28:1b:da:2e:60:86:10:6f:59:15:5a:f1:fc:
                    be:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:E2:73:59:5F:DA:16:76:B9:35:D0:70:48:36:D1:63:64:F0:2D:D9
            X509v3 Authority Key Identifier:
                keyid:69:15:98:20:DD:71:80:04:FB:15:C8:5B:27:07:96:CB:4E:84:A4:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRWYIN1xgAT7FchbJweWy06EpOo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/7ddf30-3c91-43f9-b3b1-c949f0591f5b/1/aRWYIN1xgAT7FchbJweWy06EpOo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:4b:9b:a7:81:c8:78:c8:1e:ba:01:a9:ae:d5:d9:cd:6e:24:
         77:62:04:2b:36:da:9b:38:7a:ff:5b:04:23:bb:fc:7d:f7:ac:
         26:a3:e4:be:3b:d0:ea:57:c3:49:27:4f:7e:90:01:b1:fe:5f:
         13:29:2d:4b:f0:25:7e:ef:38:60:34:0b:86:3b:9e:ea:be:2c:
         fc:ca:a4:93:07:5b:1f:02:5b:ec:5c:eb:25:54:e1:c9:10:1b:
         22:41:f2:be:55:c6:26:ea:2c:a0:a9:a3:4c:91:84:5f:ac:6d:
         2f:81:cd:0b:c8:db:f8:ae:f8:03:9a:78:2d:3a:87:52:90:50:
         30:64:4c:a0:f0:75:de:e5:e9:3d:2b:d4:79:69:16:cd:34:3d:
         71:55:0b:65:f2:d3:87:53:fa:a7:a9:f6:a9:c2:84:19:85:62:
         26:e4:d5:74:e0:75:13:02:41:33:60:6c:8f:87:83:60:ca:1e:
         9d:8e:2a:e2:93:7f:dc:6d:bf:b7:c5:b1:5b:58:a8:ee:55:d7:
         fa:40:ad:5f:b4:89:fc:47:e7:5d:74:8e:cd:a2:b9:d7:cb:21:
         be:5f:cf:3b:f8:e6:2e:fd:cc:83:cf:a1:ee:c3:e5:22:e7:4a:
         8c:33:a6:7d:30:98:7d:fc:20:b9:db:31:60:05:1b:31:63:70:
         fd:86:b5:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdIjAGu48aSc3AxaMN8qsTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTU5ODIwZGQ3MTgwMDRmYjE1Yzg1YjI3MDc5NmNiNGU4
NGE0ZWEwHhcNMjUwNjA3MDQwMDI0WhcNMjUwNjA4MDQwMDI0WjAzMTEwLwYDVQQD
Eyg2N2UyNzM1OTVmZGExNjc2YjkzNWQwNzA0ODM2ZDE2MzY0ZjAyZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxU+HtZH7SVzYIMWd5k2No3l6rSP
B9lYYke9NQ7CiBUtXWOTL4jhWJfmTb/BtfQeluiUGNCDQAUtEezJHBS1n6WLgAMX
RPWEETkQCTb8NFLws23e9YHTZGTi534YKJNxzRC5Tn0BUG+L6x18D0uK14kbA1nj
H+9DFOQPfRH6hQAh8VMEvYoc6fSYYJDKFzmQur2Gmr2T8JeuEI3Xe0SwMu1s5clF
Jja7OovORaQgT1zl8ueLjqheNFF7syPNYxotGw1aT5whPR2rfcZmNvAYc30IXAe8
mZZHQM2gjbNbtpKQVngIoRnxN0hWd+QE3U1/+Cgb2i5ghhBvWRVa8fy+uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfic1lf2hZ2uTXQcEg20WNk8C3ZMB8GA1UdIwQY
MBaAFGkVmCDdcYAE+xXIWycHlstOhKTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJXWUlOMXhnQVQ3RmNoYkp3ZVd5MDZFcE9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy83ZGRmMzAtM2M5MS00M2Y5LWIzYjEt
Yzk0OWYwNTkxZjViLzEvYVJXWUlOMXhnQVQ3RmNoYkp3ZVd5MDZFcE9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy83ZGRmMzAtM2M5MS00M2Y5LWIzYjEtYzk0OWYwNTkxZjVi
LzEvYVJXWUlOMXhnQVQ3RmNoYkp3ZVd5MDZFcE9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZUubp4HI
eMgeugGprtXZzW4kd2IEKzbamzh6/1sEI7v8ffesJqPkvjvQ6lfDSSdPfpABsf5f
EyktS/Alfu84YDQLhjue6r4s/MqkkwdbHwJb7FzrJVThyRAbIkHyvlXGJuosoKmj
TJGEX6xtL4HNC8jb+K74A5p4LTqHUpBQMGRMoPB13uXpPSvUeWkWzTQ9cVULZfLT
h1P6p6n2qcKEGYViJuTVdOB1EwJBM2Bsj4eDYMoenY4q4pN/3G2/t8WxW1io7lXX
+kCtX7SJ/EfnXXSOzaK518shvl/PO/jmLv3Mg8+h7sPlIudKjDOmfTCYffwgudsx
YAUbMWNw/Ya1aw==
-----END CERTIFICATE-----