Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
File:                     AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft (raw, json)
Hash identifier:          t0uwzHYFWt/Q+kHD5duyDbWgocpfCm/ShpT8VmGYk38=
Subject key identifier:   44:73:5B:EB:DB:7E:FA:5B:2C:65:1B:F3:9F:00:60:5D:74:4D:6B:19
Authority key identifier: 02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05
Certificate issuer:       /CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
Certificate serial:       019875D25931602DEC916FC600916CD45CA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
Manifest number:          1614
Signing time:             Mon 04 Aug 2025 16:02:56 +0000
Manifest this update:     Mon 04 Aug 2025 16:02:56 +0000
Manifest next update:     Tue 05 Aug 2025 16:02:56 +0000
Files and hashes:         1: AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl (hash: QrFtb09y0stYpVUUyrluE3uv0aR3H+4mhYaDvdNzyAg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:d2:59:31:60:2d:ec:91:6f:c6:00:91:6c:d4:5c:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
        Validity
            Not Before: Aug  4 16:02:56 2025 GMT
            Not After : Aug  5 16:02:56 2025 GMT
        Subject: CN=44735bebdb7efa5b2c651bf39f00605d744d6b19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b0:f8:98:62:8f:b3:33:eb:e8:0e:41:ac:0d:
                    a9:e9:db:5c:08:1a:61:fa:0a:de:df:eb:22:79:41:
                    7f:99:10:e9:43:dd:4d:85:82:70:89:e7:cf:80:a0:
                    24:06:f5:ee:4a:1f:31:c0:ab:1d:c4:cd:f2:2a:c8:
                    cb:2f:46:af:99:75:de:c9:c1:f2:f8:e4:52:e0:61:
                    25:a9:a8:66:2b:a3:c2:63:37:99:57:41:30:2e:90:
                    cb:2d:ee:b1:d6:6a:d5:78:de:3e:14:63:8a:87:82:
                    e5:bb:e6:97:4a:72:d3:53:f5:13:4f:ca:f5:a8:9a:
                    c8:4a:99:ec:de:7f:1f:9c:d9:0f:1f:c9:56:4e:e9:
                    10:24:1d:ba:08:f5:45:65:e8:30:5f:cf:9e:11:fd:
                    a4:7c:ea:82:41:21:46:08:85:76:a7:bb:47:b1:05:
                    dc:63:85:a7:82:e3:f0:a2:b5:7b:43:25:a1:95:c1:
                    3a:11:99:5f:98:66:b7:62:35:4a:8d:dc:d8:98:73:
                    63:e2:5d:99:82:23:64:c8:0e:c1:39:ca:21:a2:72:
                    ce:6d:91:c3:85:18:5a:b9:1a:e6:14:49:eb:b6:b3:
                    46:f1:ca:c2:d3:8e:ce:8f:5f:a2:d7:95:92:2f:3b:
                    05:25:b4:16:b9:e1:cf:62:29:d4:02:a4:01:ab:9f:
                    9a:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:73:5B:EB:DB:7E:FA:5B:2C:65:1B:F3:9F:00:60:5D:74:4D:6B:19
            X509v3 Authority Key Identifier:
                keyid:02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:be:47:2d:e0:dd:3d:94:9c:1d:f4:4f:e9:5c:95:25:6f:a5:
         53:d9:e6:4d:2a:b9:ca:cb:6b:ed:10:60:f4:91:88:c1:0c:af:
         6f:c3:3a:2d:81:77:a0:dd:56:db:28:6c:94:d7:ca:7f:e8:6c:
         0f:e3:0c:da:7d:d9:d6:62:aa:9a:9c:ab:01:e1:d3:3d:3c:4d:
         54:9e:3b:53:52:25:67:97:25:ca:05:fc:90:61:44:5d:80:14:
         43:09:d5:61:1a:8f:ad:c4:38:fa:d5:63:18:5a:2f:b8:5c:6a:
         7f:f3:ca:5f:f0:d1:e1:b3:36:0d:fc:62:38:51:ad:37:06:87:
         c4:f9:4e:27:bd:ec:de:fb:bc:b3:c9:64:6a:9b:44:d3:e3:ba:
         e0:57:ed:50:41:db:79:7c:4d:3d:0d:c2:8d:c2:82:d8:cf:d9:
         de:61:5d:17:87:87:9f:9a:f0:1e:34:9a:2b:3b:77:71:f1:30:
         a3:73:c9:33:35:99:b0:e6:ce:2d:ef:e5:06:15:8c:5b:07:9e:
         77:87:94:47:3a:9c:20:5b:9b:fd:b4:ce:24:be:1c:40:92:85:
         81:d5:d1:35:50:12:6f:31:33:ff:69:07:6d:65:a0:b7:0f:74:
         d3:a7:ca:8c:73:3b:45:97:ad:a6:ca:02:eb:29:12:b6:57:e3:
         6e:d3:6a:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh10lkxYC3skW/GAJFs1FygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTFmNmFiZTBiYjI2YmZlNDg1OWU1NGRlZTBmZGM5YTVi
NzhhMDUwHhcNMjUwODA0MTYwMjU2WhcNMjUwODA1MTYwMjU2WjAzMTEwLwYDVQQD
Eyg0NDczNWJlYmRiN2VmYTViMmM2NTFiZjM5ZjAwNjA1ZDc0NGQ2YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLD4mGKPszPr6A5BrA2p6dtcCBph
+gre3+sieUF/mRDpQ91NhYJwiefPgKAkBvXuSh8xwKsdxM3yKsjLL0avmXXeycHy
+ORS4GElqahmK6PCYzeZV0EwLpDLLe6x1mrVeN4+FGOKh4Llu+aXSnLTU/UTT8r1
qJrISpns3n8fnNkPH8lWTukQJB26CPVFZegwX8+eEf2kfOqCQSFGCIV2p7tHsQXc
Y4WnguPworV7QyWhlcE6EZlfmGa3YjVKjdzYmHNj4l2ZgiNkyA7BOcohonLObZHD
hRhauRrmFEnrtrNG8crC047Oj1+i15WSLzsFJbQWueHPYinUAqQBq5+awwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERzW+vbfvpbLGUb858AYF10TWsZMB8GA1UdIwQY
MBaAFAJR9qvguya/5IWeVN7g/cmlt4oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgt
MmY0ZWI5YzA2MDM1LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgtMmY0ZWI5YzA2MDM1
LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARr5HLeDd
PZScHfRP6VyVJW+lU9nmTSq5ystr7RBg9JGIwQyvb8M6LYF3oN1W2yhslNfKf+hs
D+MM2n3Z1mKqmpyrAeHTPTxNVJ47U1IlZ5clygX8kGFEXYAUQwnVYRqPrcQ4+tVj
GFovuFxqf/PKX/DR4bM2DfxiOFGtNwaHxPlOJ73s3vu8s8lkaptE0+O64FftUEHb
eXxNPQ3CjcKC2M/Z3mFdF4eHn5rwHjSaKzt3cfEwo3PJMzWZsObOLe/lBhWMWwee
d4eURzqcIFub/bTOJL4cQJKFgdXRNVASbzEz/2kHbWWgtw9006fKjHM7RZetpsoC
6ykStlfjbtNqIg==
-----END CERTIFICATE-----