Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
File:                     AquPiJLQHdTIQHJMu6uQwMpglDI.mft (raw, json)
Hash identifier:          kE0Rr7rRVaUibj/fzjQJ6UMG2JECOfilHvqQdok4EkI=
Subject key identifier:   4A:50:C5:36:BD:BF:3A:1A:35:81:93:E5:F1:9F:20:DB:B9:E3:AF:F2
Authority key identifier: 02:AB:8F:88:92:D0:1D:D4:C8:40:72:4C:BB:AB:90:C0:CA:60:94:32
Certificate issuer:       /CN=02ab8f8892d01dd4c840724cbbab90c0ca609432
Certificate serial:       01976D3E3804D6D26D961A129FA8FFEC68A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
Manifest number:          158A
Signing time:             Sat 14 Jun 2025 07:01:23 +0000
Manifest this update:     Sat 14 Jun 2025 07:01:23 +0000
Manifest next update:     Sun 15 Jun 2025 07:01:23 +0000
Files and hashes:         1: AquPiJLQHdTIQHJMu6uQwMpglDI.crl (hash: xRHmL6MoewZ0vipFWGfVpyAvzOA7PQUIn1L9kxLQnUo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3e:38:04:d6:d2:6d:96:1a:12:9f:a8:ff:ec:68:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02ab8f8892d01dd4c840724cbbab90c0ca609432
        Validity
            Not Before: Jun 14 07:01:23 2025 GMT
            Not After : Jun 15 07:01:23 2025 GMT
        Subject: CN=4a50c536bdbf3a1a358193e5f19f20dbb9e3aff2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:b4:fd:75:94:21:b7:4b:d3:9c:2b:9f:2f:4d:
                    c5:5f:d3:6e:76:cb:a8:19:7f:8b:df:5b:66:de:46:
                    55:e8:0a:2c:20:90:96:1d:bb:0b:28:82:93:56:dd:
                    09:29:ef:f8:98:8d:c0:fe:86:ad:0a:0e:35:bc:f6:
                    77:6d:89:11:d7:bb:9b:40:bd:f4:82:7f:a9:ac:88:
                    6e:66:0f:83:c7:3f:22:3d:33:64:c4:fc:07:70:5c:
                    91:fe:02:60:b8:90:b5:98:c2:88:e3:1c:28:62:d3:
                    9c:96:a9:3a:f5:c3:e5:a7:c7:3c:d8:b4:04:97:05:
                    17:5c:4b:10:b7:b1:38:36:b5:da:d0:78:30:4a:31:
                    17:ba:d6:ae:05:6c:d5:b7:12:b8:40:0d:54:b2:ab:
                    b5:bb:90:1c:6f:85:f5:67:b6:fb:2f:0a:dd:e2:03:
                    96:80:e0:bd:7f:d2:81:80:07:fe:5d:2b:a3:ca:8a:
                    72:54:4a:51:81:bf:f0:e5:d5:8b:96:38:d5:8e:50:
                    17:a1:a9:3c:03:4b:a3:e9:bb:df:fe:e1:ec:6b:f3:
                    44:ab:3d:d9:6b:bd:e0:69:cd:8c:39:9d:49:21:78:
                    dd:fc:7a:1e:00:fc:84:b0:7a:f1:65:9a:9c:9c:19:
                    ee:4d:2a:d9:68:42:8b:ee:d6:74:42:60:a3:18:2d:
                    5e:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:50:C5:36:BD:BF:3A:1A:35:81:93:E5:F1:9F:20:DB:B9:E3:AF:F2
            X509v3 Authority Key Identifier:
                keyid:02:AB:8F:88:92:D0:1D:D4:C8:40:72:4C:BB:AB:90:C0:CA:60:94:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AquPiJLQHdTIQHJMu6uQwMpglDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/613a95-b05a-4fc4-9d91-e3b77013fdb7/1/AquPiJLQHdTIQHJMu6uQwMpglDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:84:13:18:85:00:35:24:7a:f5:00:bc:f7:08:e9:8d:83:f1:
         9e:c6:3b:1e:72:0c:f5:f2:37:86:88:8b:00:0f:c8:7d:0c:f1:
         87:96:ca:a5:73:ee:99:9c:63:66:dc:2b:6c:63:5c:19:a2:71:
         9a:ec:1a:9e:2e:35:e1:fa:91:30:c4:c6:34:b9:e9:d8:7a:ea:
         38:2c:ac:37:59:f5:8b:76:aa:28:07:dc:f5:e8:ee:9b:c7:3b:
         75:c7:ba:de:d2:20:8a:45:04:00:4d:10:61:ad:96:36:e2:24:
         0a:5a:27:2c:1f:6a:1b:2b:70:55:03:70:8b:2b:71:98:1e:b0:
         41:23:25:5d:9d:2c:b3:83:7f:c0:72:91:14:56:25:21:d1:da:
         48:66:50:f8:87:4d:e3:66:95:68:68:ff:32:a5:86:bd:f0:25:
         27:89:dd:86:e0:ef:bc:d5:62:e3:20:04:64:96:5f:fe:a6:c7:
         5d:ee:15:59:40:33:22:2b:58:85:9f:24:1b:de:2e:a7:ae:47:
         3e:c3:3c:62:24:be:e1:1e:d5:42:d5:8a:2f:44:ed:6c:44:ef:
         c2:5f:be:b4:3b:fd:3e:34:06:5d:53:bd:67:e6:2f:e4:f7:cc:
         a2:1a:8e:b2:56:cb:b9:9e:07:47:ca:fb:23:c9:35:82:6c:09:
         ff:73:b4:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPjgE1tJtlhoSn6j/7GigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYWI4Zjg4OTJkMDFkZDRjODQwNzI0Y2JiYWI5MGMwY2E2
MDk0MzIwHhcNMjUwNjE0MDcwMTIzWhcNMjUwNjE1MDcwMTIzWjAzMTEwLwYDVQQD
Eyg0YTUwYzUzNmJkYmYzYTFhMzU4MTkzZTVmMTlmMjBkYmI5ZTNhZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobT9dZQht0vTnCufL03FX9Nudsuo
GX+L31tm3kZV6AosIJCWHbsLKIKTVt0JKe/4mI3A/oatCg41vPZ3bYkR17ubQL30
gn+prIhuZg+Dxz8iPTNkxPwHcFyR/gJguJC1mMKI4xwoYtOclqk69cPlp8c82LQE
lwUXXEsQt7E4NrXa0HgwSjEXutauBWzVtxK4QA1Usqu1u5Acb4X1Z7b7Lwrd4gOW
gOC9f9KBgAf+XSujyopyVEpRgb/w5dWLljjVjlAXoak8A0uj6bvf/uHsa/NEqz3Z
a73gac2MOZ1JIXjd/HoeAPyEsHrxZZqcnBnuTSrZaEKL7tZ0QmCjGC1enwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEpQxTa9vzoaNYGT5fGfINu546/yMB8GA1UdIwQY
MBaAFAKrj4iS0B3UyEByTLurkMDKYJQyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi82MTNhOTUtYjA1YS00ZmM0LTlkOTEt
ZTNiNzcwMTNmZGI3LzEvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi82MTNhOTUtYjA1YS00ZmM0LTlkOTEtZTNiNzcwMTNmZGI3
LzEvQXF1UGlKTFFIZFRJUUhKTXU2dVF3TXBnbERJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHIQTGIUA
NSR69QC89wjpjYPxnsY7HnIM9fI3hoiLAA/IfQzxh5bKpXPumZxjZtwrbGNcGaJx
muwani414fqRMMTGNLnp2HrqOCysN1n1i3aqKAfc9ejum8c7dce63tIgikUEAE0Q
Ya2WNuIkClonLB9qGytwVQNwiytxmB6wQSMlXZ0ss4N/wHKRFFYlIdHaSGZQ+IdN
42aVaGj/MqWGvfAlJ4ndhuDvvNVi4yAEZJZf/qbHXe4VWUAzIitYhZ8kG94up65H
PsM8YiS+4R7VQtWKL0TtbETvwl++tDv9PjQGXVO9Z+Yv5PfMohqOslbLuZ4HR8r7
I8k1gmwJ/3O0Ww==
-----END CERTIFICATE-----