Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
File:                     aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft (raw, json)
Hash identifier:          QHJiHIMxlylEweyfu0741HqEEHKrEbyfwlY30jYv6GE=
Subject key identifier:   4F:66:CA:DF:F5:BF:1E:B5:73:37:B7:94:60:76:10:83:06:5D:89:A9
Authority key identifier: 68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2
Certificate issuer:       /CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
Certificate serial:       01974A7B7219D1EF27383D7EDB136368B2DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
Manifest number:          1561
Signing time:             Sat 07 Jun 2025 13:01:33 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:33 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:33 +0000
Files and hashes:         1: aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl (hash: L+QFeu8rmYnn/9DEfc9uu1AOJNmNKB5sphZ9/u/FVhc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:72:19:d1:ef:27:38:3d:7e:db:13:63:68:b2:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
        Validity
            Not Before: Jun  7 13:01:33 2025 GMT
            Not After : Jun  8 13:01:33 2025 GMT
        Subject: CN=4f66cadff5bf1eb57337b79460761083065d89a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:6f:f4:a6:25:d0:cb:30:d5:14:49:29:aa:03:
                    bd:c2:8f:e4:74:7d:d0:35:f1:94:85:19:38:d3:06:
                    e6:a1:f8:f8:4a:bf:71:60:b1:ca:8c:7a:10:d9:02:
                    0a:0b:22:af:4c:39:5a:54:2a:4e:d9:7f:06:af:c4:
                    79:f8:c9:35:3c:01:b7:00:e0:44:8a:34:7e:e5:49:
                    9e:f7:67:1e:57:51:68:3f:b7:70:6b:d5:47:fc:85:
                    b4:14:71:6b:dd:98:a1:63:f1:f3:70:9a:9e:99:14:
                    cd:45:f1:25:e2:8e:fc:29:84:a9:af:26:15:33:54:
                    87:19:cb:02:01:ed:59:8c:ed:ad:3f:c3:56:19:d3:
                    22:98:0e:f9:59:73:3b:04:e1:0d:66:5d:2b:7e:dd:
                    92:ae:0e:38:50:9b:38:ab:ad:fc:16:c6:1d:ce:81:
                    2d:b1:ee:9f:09:c4:dd:58:db:d2:6d:41:32:4a:91:
                    28:0e:51:85:90:c6:f2:bc:12:25:e6:b7:4e:56:f3:
                    f0:e4:e7:42:4a:8b:0a:43:e9:b6:f8:b1:ea:95:d5:
                    79:18:f9:10:d7:53:1d:29:bc:58:25:96:03:50:87:
                    4d:ed:ed:b9:62:79:62:fc:9e:3d:1f:a0:2d:2f:25:
                    5c:0c:b8:bb:c5:cb:d7:5c:a5:d5:97:2a:15:76:b9:
                    de:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:66:CA:DF:F5:BF:1E:B5:73:37:B7:94:60:76:10:83:06:5D:89:A9
            X509v3 Authority Key Identifier:
                keyid:68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:77:88:92:84:da:65:5f:fc:3e:ff:cf:11:9c:3d:a2:16:8f:
         e6:41:69:e6:c9:55:6b:5c:2f:fa:6a:19:03:3e:71:e4:d0:c4:
         04:e2:a4:4a:7d:86:4c:65:4d:41:b3:de:ab:b1:1f:01:68:01:
         9d:85:3c:6b:6e:06:d6:85:7d:b6:e4:a1:89:54:48:1c:c8:a3:
         d1:98:75:0b:08:bb:98:83:ea:87:28:6c:eb:25:45:16:d6:1a:
         da:af:d6:32:87:a6:d3:49:86:e9:f6:1b:40:53:91:04:0e:19:
         b8:5f:af:42:0d:78:38:ef:49:22:cb:93:54:db:e5:6e:76:94:
         a2:8e:79:5d:d1:c4:a0:37:f6:7e:27:b0:62:13:e4:26:31:2c:
         07:59:7f:cd:d3:a8:06:8f:39:f3:cd:2a:d7:f0:68:83:1d:c8:
         61:08:06:1a:00:03:f4:60:86:41:8b:9b:84:43:1d:9d:39:db:
         45:31:ec:b4:2e:fa:13:75:5e:5e:0e:fa:da:d1:b8:21:63:f2:
         51:99:98:ab:29:68:da:c3:2d:1b:b7:02:12:d3:be:98:07:5e:
         b8:e1:99:7a:f5:ac:a3:13:ed:2b:2c:f3:f9:dd:0f:5a:5a:09:
         2f:48:9a:1f:d5:f3:2d:e4:55:03:9a:e4:ba:3a:1a:21:a2:58:
         88:3f:18:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe3IZ0e8nOD1+2xNjaLLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTFlNmVhNTI3ZGMzODVhNzlhM2UwODgyN2RiZjY5MGM5
MWM0YzIwHhcNMjUwNjA3MTMwMTMzWhcNMjUwNjA4MTMwMTMzWjAzMTEwLwYDVQQD
Eyg0ZjY2Y2FkZmY1YmYxZWI1NzMzN2I3OTQ2MDc2MTA4MzA2NWQ4OWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW/0piXQyzDVFEkpqgO9wo/kdH3Q
NfGUhRk40wbmofj4Sr9xYLHKjHoQ2QIKCyKvTDlaVCpO2X8Gr8R5+Mk1PAG3AOBE
ijR+5Ume92ceV1FoP7dwa9VH/IW0FHFr3ZihY/HzcJqemRTNRfEl4o78KYSpryYV
M1SHGcsCAe1ZjO2tP8NWGdMimA75WXM7BOENZl0rft2Srg44UJs4q638FsYdzoEt
se6fCcTdWNvSbUEySpEoDlGFkMbyvBIl5rdOVvPw5OdCSosKQ+m2+LHqldV5GPkQ
11MdKbxYJZYDUIdN7e25Ynli/J49H6AtLyVcDLi7xcvXXKXVlyoVdrneFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE9myt/1vx61cze3lGB2EIMGXYmpMB8GA1UdIwQY
MBaAFGjh5upSfcOFp5o+CIJ9v2kMkcTCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4Mzkt
MTdkMDk3ZmY4OWMyLzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4MzktMTdkMDk3ZmY4OWMy
LzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaHeIkoTa
ZV/8Pv/PEZw9ohaP5kFp5slVa1wv+moZAz5x5NDEBOKkSn2GTGVNQbPeq7EfAWgB
nYU8a24G1oV9tuShiVRIHMij0Zh1Cwi7mIPqhyhs6yVFFtYa2q/WMoem00mG6fYb
QFORBA4ZuF+vQg14OO9JIsuTVNvlbnaUoo55XdHEoDf2fiewYhPkJjEsB1l/zdOo
Bo85880q1/Bogx3IYQgGGgAD9GCGQYubhEMdnTnbRTHstC76E3VeXg762tG4IWPy
UZmYqylo2sMtG7cCEtO+mAdeuOGZevWsoxPtKyzz+d0PWloJL0iaH9XzLeRVA5rk
ujoaIaJYiD8Y7A==
-----END CERTIFICATE-----