Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
File:                     AquPiJLQHdTIQHJMu6uQwMpglDI.mft (raw, json)
Hash identifier:          c5TMU9idMvBepA6sEe+nrTtexcBlKoAgwUgqUtoKKSw=
Subject key identifier:   D1:23:70:76:39:5E:15:65:71:D9:6C:FD:2E:14:13:6B:47:3D:85:EC
Authority key identifier: 02:AB:8F:88:92:D0:1D:D4:C8:40:72:4C:BB:AB:90:C0:CA:60:94:32
Certificate issuer:       /CN=02ab8f8892d01dd4c840724cbbab90c0ca609432
Certificate serial:       019879AE66F42CB70DC96B17CEC66404AFCE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
Manifest number:          1615
Signing time:             Tue 05 Aug 2025 10:02:09 +0000
Manifest this update:     Tue 05 Aug 2025 10:02:09 +0000
Manifest next update:     Wed 06 Aug 2025 10:02:09 +0000
Files and hashes:         1: AquPiJLQHdTIQHJMu6uQwMpglDI.crl (hash: NwvvPUNbiZq67mYLgmdNb7eoQ83gHLIXisyrO+A8bLo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 10:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:79:ae:66:f4:2c:b7:0d:c9:6b:17:ce:c6:64:04:af:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02ab8f8892d01dd4c840724cbbab90c0ca609432
        Validity
            Not Before: Aug  5 10:02:09 2025 GMT
            Not After : Aug  6 10:02:09 2025 GMT
        Subject: CN=d1237076395e156571d96cfd2e14136b473d85ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:36:b9:66:14:90:d8:4e:91:64:93:3c:ac:cd:
                    9e:c5:ab:a9:e3:e6:8d:b4:63:60:62:99:1a:a4:f3:
                    47:80:44:10:47:bc:5b:a4:e0:75:73:fd:c4:61:b6:
                    d6:1e:09:10:f1:2d:a0:68:d2:b4:64:25:58:09:22:
                    bb:4c:74:8c:c0:48:02:ab:ba:61:ce:15:b3:f3:5e:
                    97:25:57:bb:25:b1:a4:ff:f3:0d:b7:84:87:7c:f8:
                    98:58:88:71:69:0f:52:0b:05:d2:7f:d3:2a:f1:6b:
                    96:72:69:b3:cd:87:ce:f3:ba:4a:be:c3:72:dd:bb:
                    d8:85:33:89:7b:2d:83:bf:25:b8:e2:cf:49:34:e5:
                    b4:1f:96:5b:16:73:c5:4d:af:56:c4:70:5f:d4:93:
                    4c:18:25:74:ab:2f:1c:bf:94:81:3a:0e:12:90:c3:
                    9a:b9:d3:8d:ec:ec:5e:f9:14:a5:2b:5b:4a:40:24:
                    cd:60:5e:1a:54:43:01:96:f1:c9:bc:c1:b5:53:b8:
                    4f:3c:66:5c:15:24:64:2b:56:8e:ca:7e:02:27:9e:
                    bf:06:7a:e4:20:76:21:c8:92:0d:e1:78:37:d5:62:
                    d3:f8:4b:a2:93:69:3c:34:76:26:d5:54:43:c0:9f:
                    9a:e6:d0:ee:f7:9b:b5:a1:39:19:8a:1c:95:4c:95:
                    97:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:23:70:76:39:5E:15:65:71:D9:6C:FD:2E:14:13:6B:47:3D:85:EC
            X509v3 Authority Key Identifier:
                keyid:02:AB:8F:88:92:D0:1D:D4:C8:40:72:4C:BB:AB:90:C0:CA:60:94:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:a2:5d:05:ec:89:2a:24:7b:bc:8b:06:f2:28:9c:96:4a:56:
         e9:d2:0f:1a:80:66:64:c9:20:b2:89:6a:af:4e:ab:b1:16:05:
         a3:17:cc:80:be:5b:83:2c:02:10:df:c3:f8:e3:4b:3c:c3:64:
         cb:25:5e:19:a4:e9:32:63:4f:ca:26:ed:1b:aa:14:f1:6f:d5:
         28:1c:b4:8a:c4:bd:9b:0c:fa:e0:e7:34:f5:3b:d0:68:87:d0:
         04:d7:02:c7:94:b6:56:20:f9:af:05:38:ba:38:bd:61:96:a6:
         fc:5f:b2:d2:94:da:6a:73:08:23:f6:1e:e2:98:9c:51:d4:b9:
         fe:c0:cc:71:eb:eb:00:c5:71:17:7d:50:ab:46:1c:17:0d:59:
         3a:9d:cf:eb:b7:1a:dd:65:04:9c:8c:58:d0:0b:59:29:e5:be:
         36:7b:8a:2d:42:90:64:f3:bb:df:b4:6c:52:57:d5:92:36:fe:
         07:98:a5:63:5c:34:fa:16:95:37:3d:9a:75:c4:d0:58:0e:65:
         34:71:ec:d1:c8:2c:a7:6f:8c:e6:0e:cb:6a:a8:59:3c:32:1c:
         15:7e:53:b7:aa:04:19:05:35:48:cd:86:d9:4f:76:40:cb:57:
         69:27:cb:b9:8f:d3:a1:0a:67:9f:33:60:00:1a:ae:24:20:03:
         76:45:a6:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh5rmb0LLcNyWsXzsZkBK/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYWI4Zjg4OTJkMDFkZDRjODQwNzI0Y2JiYWI5MGMwY2E2
MDk0MzIwHhcNMjUwODA1MTAwMjA5WhcNMjUwODA2MTAwMjA5WjAzMTEwLwYDVQQD
EyhkMTIzNzA3NjM5NWUxNTY1NzFkOTZjZmQyZTE0MTM2YjQ3M2Q4NWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvza5ZhSQ2E6RZJM8rM2exaup4+aN
tGNgYpkapPNHgEQQR7xbpOB1c/3EYbbWHgkQ8S2gaNK0ZCVYCSK7THSMwEgCq7ph
zhWz816XJVe7JbGk//MNt4SHfPiYWIhxaQ9SCwXSf9Mq8WuWcmmzzYfO87pKvsNy
3bvYhTOJey2DvyW44s9JNOW0H5ZbFnPFTa9WxHBf1JNMGCV0qy8cv5SBOg4SkMOa
udON7Oxe+RSlK1tKQCTNYF4aVEMBlvHJvMG1U7hPPGZcFSRkK1aOyn4CJ56/Bnrk
IHYhyJIN4Xg31WLT+Euik2k8NHYm1VRDwJ+a5tDu95u1oTkZihyVTJWXHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNEjcHY5XhVlcdls/S4UE2tHPYXsMB8GA1UdIwQY
MBaAFAKrj4iS0B3UyEByTLurkMDKYJQyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTNhOTUtYjA1YS00ZmM0LTlkOTEt
ZTNiNzcwMTNmZGI3LzEvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTNhOTUtYjA1YS00ZmM0LTlkOTEtZTNiNzcwMTNmZGI3
LzEvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgqJdBeyJ
KiR7vIsG8iiclkpW6dIPGoBmZMkgsolqr06rsRYFoxfMgL5bgywCEN/D+ONLPMNk
yyVeGaTpMmNPyibtG6oU8W/VKBy0isS9mwz64Oc09TvQaIfQBNcCx5S2ViD5rwU4
uji9YZam/F+y0pTaanMII/Ye4picUdS5/sDMcevrAMVxF31Qq0YcFw1ZOp3P67ca
3WUEnIxY0AtZKeW+NnuKLUKQZPO737RsUlfVkjb+B5ilY1w0+haVNz2adcTQWA5l
NHHs0cgsp2+M5g7LaqhZPDIcFX5Tt6oEGQU1SM2G2U92QMtXaSfLuY/ToQpnnzNg
ABquJCADdkWmMA==
-----END CERTIFICATE-----