Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
File:                     pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft (raw, json)
Hash identifier:          Ahaz9T+WZSP4b5Z2rR8bXkrbmCV39/wsZvB7FJtbmSk=
Subject key identifier:   83:A1:06:BA:26:24:F8:EE:91:2E:61:3C:C3:68:AD:E4:1A:B7:C0:DC
Authority key identifier: A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4
Certificate issuer:       /CN=a4068c6655c333fc712832c113f67f1fd688aec4
Certificate serial:       019694F21BCC3F9C110E84AB83E183E8DF28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
Manifest number:          121C
Signing time:             Sat 03 May 2025 07:00:16 +0000
Manifest this update:     Sat 03 May 2025 07:00:16 +0000
Manifest next update:     Sun 04 May 2025 07:00:16 +0000
Files and hashes:         1: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl (hash: 1DLDl7fqMfw3/5OgA8oDuC/prVcEox/T058g3BwKQiY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 04 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:94:f2:1b:cc:3f:9c:11:0e:84:ab:83:e1:83:e8:df:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4068c6655c333fc712832c113f67f1fd688aec4
        Validity
            Not Before: May  3 07:00:16 2025 GMT
            Not After : May  4 07:00:16 2025 GMT
        Subject: CN=83a106ba2624f8ee912e613cc368ade41ab7c0dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:c1:e6:8f:75:d7:f8:cb:b7:f6:d2:f9:95:07:
                    67:43:d4:2f:ea:86:29:17:74:3f:72:26:63:0f:a9:
                    f3:b6:72:04:95:11:58:8a:56:05:21:ea:85:8a:c0:
                    56:bc:e1:3b:09:75:ee:fe:6f:4f:d5:97:5b:02:09:
                    61:8f:dc:bc:a3:03:89:24:8e:2b:98:5a:dd:63:e7:
                    81:b2:21:c0:6e:4a:72:d4:21:6b:2c:00:32:20:1b:
                    a9:91:49:74:74:b4:8c:b2:ee:b8:de:42:79:dc:da:
                    78:55:ca:44:99:26:19:9a:e7:73:0d:a6:4c:b6:86:
                    94:79:3a:a7:e4:3a:e2:ec:2e:f0:cb:c6:d4:a8:36:
                    d2:31:5d:8f:d7:e1:74:a9:7f:5a:28:9c:30:4d:97:
                    f4:cc:ce:49:48:08:54:d7:4f:9c:75:33:73:c1:72:
                    99:1d:2f:da:82:32:4e:28:d6:32:ed:eb:86:d6:b2:
                    2a:bb:c4:60:89:c2:61:9e:43:d5:cc:5d:ab:05:4b:
                    b9:b3:f3:58:dc:78:77:06:7d:b9:47:5c:da:8a:d8:
                    e3:9a:c4:d1:e5:c4:7f:cc:5d:ce:a7:21:6d:45:1b:
                    5d:13:d5:06:35:e0:6f:ac:36:39:fc:ef:d4:b9:21:
                    5a:39:0a:42:f2:7b:0d:03:aa:a3:fd:bd:da:3b:f9:
                    cc:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:A1:06:BA:26:24:F8:EE:91:2E:61:3C:C3:68:AD:E4:1A:B7:C0:DC
            X509v3 Authority Key Identifier:
                keyid:A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:8b:fc:b7:b6:dc:dd:92:8c:4b:14:41:09:71:fb:9e:de:24:
         b6:4e:8b:82:60:a9:54:96:88:e3:4d:9c:e8:c8:47:77:a1:25:
         01:70:ca:fe:18:ff:b2:2f:b2:7a:f0:96:6d:8c:43:ed:74:01:
         2a:dc:cd:22:03:87:18:7a:91:2b:5e:1c:c9:a3:fb:91:d2:54:
         6f:2e:55:e0:44:07:4c:67:b9:ed:27:c1:a3:90:e5:56:57:aa:
         58:a2:62:7c:1b:fa:8c:13:18:48:27:c9:a6:07:9e:92:ae:e2:
         d5:3d:9c:1d:d1:be:20:a8:f0:70:9b:ae:73:3f:0c:e8:10:f3:
         3a:c3:47:12:7a:80:3e:8f:76:ed:5c:04:65:67:d1:d8:37:82:
         9e:a5:46:41:a0:11:11:80:88:50:49:c6:65:42:72:7a:63:f7:
         06:e2:fd:6a:8b:dc:64:69:a6:3e:98:21:ab:4a:8b:85:97:27:
         ad:64:0a:36:b1:c2:d8:a9:6f:c7:6d:77:f9:e3:b9:41:a5:40:
         bf:36:10:a1:03:79:0e:a6:f3:12:a6:b8:e5:05:82:4f:f8:3a:
         b4:83:63:59:20:f5:f2:47:64:52:1b:86:81:59:62:4c:ae:c0:
         ea:8b:86:31:2a:e5:0a:d3:9d:48:87:05:dd:d7:48:32:a7:9a:
         ab:2e:87:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaU8hvMP5wRDoSrg+GD6N8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDY4YzY2NTVjMzMzZmM3MTI4MzJjMTEzZjY3ZjFmZDY4
OGFlYzQwHhcNMjUwNTAzMDcwMDE2WhcNMjUwNTA0MDcwMDE2WjAzMTEwLwYDVQQD
Eyg4M2ExMDZiYTI2MjRmOGVlOTEyZTYxM2NjMzY4YWRlNDFhYjdjMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcHmj3XX+Mu39tL5lQdnQ9Qv6oYp
F3Q/ciZjD6nztnIElRFYilYFIeqFisBWvOE7CXXu/m9P1ZdbAglhj9y8owOJJI4r
mFrdY+eBsiHAbkpy1CFrLAAyIBupkUl0dLSMsu643kJ53Np4VcpEmSYZmudzDaZM
toaUeTqn5Dri7C7wy8bUqDbSMV2P1+F0qX9aKJwwTZf0zM5JSAhU10+cdTNzwXKZ
HS/agjJOKNYy7euG1rIqu8RgicJhnkPVzF2rBUu5s/NY3Hh3Bn25R1zaitjjmsTR
5cR/zF3OpyFtRRtdE9UGNeBvrDY5/O/UuSFaOQpC8nsNA6qj/b3aO/nMVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIOhBromJPjukS5hPMNoreQat8DcMB8GA1UdIwQY
MBaAFKQGjGZVwzP8cSgywRP2fx/WiK7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMt
ODZkZWUyMDdmODFlLzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMtODZkZWUyMDdmODFl
LzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATIv8t7bc
3ZKMSxRBCXH7nt4ktk6LgmCpVJaI402c6MhHd6ElAXDK/hj/si+yevCWbYxD7XQB
KtzNIgOHGHqRK14cyaP7kdJUby5V4EQHTGe57SfBo5DlVleqWKJifBv6jBMYSCfJ
pgeekq7i1T2cHdG+IKjwcJuucz8M6BDzOsNHEnqAPo927VwEZWfR2DeCnqVGQaAR
EYCIUEnGZUJyemP3BuL9aovcZGmmPpghq0qLhZcnrWQKNrHC2Klvx213+eO5QaVA
vzYQoQN5DqbzEqa45QWCT/g6tINjWSD18kdkUhuGgVliTK7A6ouGMSrlCtOdSIcF
3ddIMqeaqy6HAw==
-----END CERTIFICATE-----