Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
File:                     aiElvfZalVLVuOF6s2FaoQuAWXY.mft (raw, json)
Hash identifier:          vwpK3sAM4WLhmmellZHp1/SFSeAVYEp8VtRNM/JGK8o=
Subject key identifier:   05:10:FA:90:25:31:37:9A:77:FF:7A:AF:33:DE:41:5C:09:AF:61:DC
Authority key identifier: 6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76
Certificate issuer:       /CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
Certificate serial:       0197499EF98A5F0379FCB114B3C380FCAA2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
Manifest number:          017E
Signing time:             Sat 07 Jun 2025 09:00:44 +0000
Manifest this update:     Sat 07 Jun 2025 09:00:44 +0000
Manifest next update:     Sun 08 Jun 2025 09:00:44 +0000
Files and hashes:         1: aiElvfZalVLVuOF6s2FaoQuAWXY.crl (hash: Zjv6BnRsNWF3KEcWi8HW9qjSTDvJlCSnAwX9mShSuAA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:9e:f9:8a:5f:03:79:fc:b1:14:b3:c3:80:fc:aa:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a2125bdf65a9552d5b8e17ab3615aa10b805976
        Validity
            Not Before: Jun  7 09:00:44 2025 GMT
            Not After : Jun  8 09:00:44 2025 GMT
        Subject: CN=0510fa902531379a77ff7aaf33de415c09af61dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a1:c3:64:94:56:87:d7:24:23:6f:dc:33:7a:
                    a2:80:15:8e:8d:71:66:30:01:91:7b:56:aa:d1:84:
                    85:af:44:f3:ad:1e:c2:29:ac:93:13:fb:d4:10:99:
                    b3:40:a6:7c:23:73:f8:6f:5c:38:de:34:ac:2f:44:
                    34:5f:90:d1:8b:89:9a:29:02:c0:f2:9d:74:dc:64:
                    06:42:2c:06:da:d9:2c:d5:73:20:b1:7f:56:fa:af:
                    ee:81:27:e2:d2:99:cd:f4:fa:6f:79:3f:1f:41:c5:
                    0d:5b:35:b2:e4:23:6c:33:d2:9f:7b:a3:8f:a1:ad:
                    f8:dd:ec:97:a3:fd:19:85:86:18:44:e0:56:d6:a9:
                    d9:f2:9b:67:aa:b6:91:fb:94:5a:32:e0:8b:45:e3:
                    18:cd:d3:82:b0:c1:51:e7:70:82:9a:37:dc:77:bd:
                    5e:d8:b2:14:64:f9:47:8f:61:e8:d5:68:4e:09:69:
                    e7:ed:07:b3:a4:56:f1:b6:d5:ad:88:ed:71:ac:46:
                    a8:82:f4:f3:1e:6d:7a:ec:c2:04:ec:7a:d9:d7:9d:
                    85:8f:dd:60:0c:cd:52:ab:90:3d:99:29:7f:72:6e:
                    86:14:a1:4f:72:f7:52:30:08:6c:f5:c4:cf:0a:03:
                    d7:ab:fd:11:4a:9a:b6:09:20:3a:5a:db:d8:a8:77:
                    eb:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:10:FA:90:25:31:37:9A:77:FF:7A:AF:33:DE:41:5C:09:AF:61:DC
            X509v3 Authority Key Identifier:
                keyid:6A:21:25:BD:F6:5A:95:52:D5:B8:E1:7A:B3:61:5A:A1:0B:80:59:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aiElvfZalVLVuOF6s2FaoQuAWXY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/f5b68e-e093-46d5-8d0d-63ed22cabc92/1/aiElvfZalVLVuOF6s2FaoQuAWXY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:c6:78:4e:f7:c5:8d:ad:a4:be:a9:23:5e:c7:f0:ce:71:25:
         b9:d4:c2:ac:f8:87:57:32:ec:4f:a9:d7:0a:87:d7:bf:fd:86:
         ac:39:a9:fa:d5:c1:f1:b9:fe:c5:b4:bc:d9:df:91:86:0d:41:
         f9:85:e3:80:c0:86:73:77:1c:ba:1b:47:df:ac:9d:05:01:a6:
         8a:c6:35:89:ad:d3:93:bb:17:c3:c7:5d:4b:90:17:89:c1:b6:
         fa:27:82:2d:9c:31:4a:a1:bf:b5:d5:03:e6:51:f6:6c:a2:88:
         f4:1e:e6:ef:ae:8b:1d:0d:5c:49:27:1b:2f:e5:34:34:2d:64:
         d3:f6:18:ea:f8:eb:c0:96:97:86:db:3d:a2:7c:8c:be:7c:dd:
         73:b3:db:f3:fc:79:88:06:22:0b:53:69:67:44:41:ba:78:11:
         02:87:fb:77:5b:2c:41:32:a4:8d:29:d8:b1:0b:d5:8e:9e:d6:
         d3:4e:e9:fb:e8:e2:69:4e:b5:f0:ad:d4:4d:8e:b6:d6:25:67:
         de:56:94:de:93:91:de:7c:e9:0c:d5:f2:1c:d2:d7:e6:7e:a2:
         37:2c:35:aa:1e:cf:4a:ae:12:8e:9d:bb:30:22:c2:6b:3a:b8:
         b9:65:33:a2:af:05:0e:e1:d4:f8:54:ff:a1:43:f4:50:d5:03:
         f3:18:1d:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJnvmKXwN5/LEUs8OA/KorMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMjEyNWJkZjY1YTk1NTJkNWI4ZTE3YWIzNjE1YWExMGI4
MDU5NzYwHhcNMjUwNjA3MDkwMDQ0WhcNMjUwNjA4MDkwMDQ0WjAzMTEwLwYDVQQD
EygwNTEwZmE5MDI1MzEzNzlhNzdmZjdhYWYzM2RlNDE1YzA5YWY2MWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKHDZJRWh9ckI2/cM3qigBWOjXFm
MAGRe1aq0YSFr0TzrR7CKayTE/vUEJmzQKZ8I3P4b1w43jSsL0Q0X5DRi4maKQLA
8p103GQGQiwG2tks1XMgsX9W+q/ugSfi0pnN9PpveT8fQcUNWzWy5CNsM9Kfe6OP
oa343eyXo/0ZhYYYROBW1qnZ8ptnqraR+5RaMuCLReMYzdOCsMFR53CCmjfcd71e
2LIUZPlHj2Ho1WhOCWnn7QezpFbxttWtiO1xrEaogvTzHm167MIE7HrZ152Fj91g
DM1Sq5A9mSl/cm6GFKFPcvdSMAhs9cTPCgPXq/0RSpq2CSA6WtvYqHfrpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAUQ+pAlMTead/96rzPeQVwJr2HcMB8GA1UdIwQY
MBaAFGohJb32WpVS1bjherNhWqELgFl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQt
NjNlZDIyY2FiYzkyLzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9mNWI2OGUtZTA5My00NmQ1LThkMGQtNjNlZDIyY2FiYzky
LzEvYWlFbHZmWmFsVkxWdU9GNnMyRmFvUXVBV1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWcZ4TvfF
ja2kvqkjXsfwznEludTCrPiHVzLsT6nXCofXv/2GrDmp+tXB8bn+xbS82d+Rhg1B
+YXjgMCGc3ccuhtH36ydBQGmisY1ia3Tk7sXw8ddS5AXicG2+ieCLZwxSqG/tdUD
5lH2bKKI9B7m766LHQ1cSScbL+U0NC1k0/YY6vjrwJaXhts9onyMvnzdc7Pb8/x5
iAYiC1NpZ0RBungRAof7d1ssQTKkjSnYsQvVjp7W007p++jiaU618K3UTY621iVn
3laU3pOR3nzpDNXyHNLX5n6iNyw1qh7PSq4Sjp27MCLCazq4uWUzoq8FDuHU+FT/
oUP0UNUD8xgdIg==
-----END CERTIFICATE-----