Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          sZvP2jIwA3uJt7xbhKwQkfEuAp37Q7/bZU9RWUDXxaI=
Subject key identifier:   DA:21:B0:21:EB:D1:33:3A:34:90:BE:02:C5:08:BE:C9:E0:12:E0:0F
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       019678D6A12919E72B7BEF40AA97FD783A32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          110F
Signing time:             Sun 27 Apr 2025 20:00:53 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:53 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:53 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: J9cB2+JhoB3I4PFH8npQqyd1dXR8gERT9d8b4eB/LRw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:a1:29:19:e7:2b:7b:ef:40:aa:97:fd:78:3a:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: Apr 27 20:00:53 2025 GMT
            Not After : Apr 28 20:00:53 2025 GMT
        Subject: CN=da21b021ebd1333a3490be02c508bec9e012e00f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:83:79:6d:5c:36:67:c5:3d:26:76:d7:fd:f6:
                    e8:01:a2:e0:da:ef:4b:98:a6:c9:62:1f:48:1c:d5:
                    af:d1:e5:90:6b:8a:ec:dd:fa:1b:57:01:10:7d:b8:
                    41:98:fc:f9:b8:4e:94:13:dc:b4:59:19:c6:23:b7:
                    f4:e8:6f:d2:ab:bd:6b:71:ba:15:9a:2f:71:a7:9d:
                    63:ac:8c:ae:52:09:f4:30:fc:52:28:b0:d2:21:63:
                    ba:4f:f5:3a:5e:1e:73:3a:3a:47:57:41:db:1a:36:
                    f2:9a:de:8c:7c:c0:98:d1:93:34:16:65:f6:e6:f3:
                    4e:c6:53:c7:f4:fc:33:84:3c:2e:d6:a6:97:c2:05:
                    f6:07:a4:a1:02:a5:92:10:e9:8e:a3:72:d6:71:66:
                    e5:5f:01:10:52:8c:33:8f:95:42:66:db:28:04:d8:
                    e4:70:fe:e2:8d:34:f3:39:91:13:9a:96:67:d9:17:
                    46:5a:4c:e1:3d:0b:a0:26:50:ff:60:07:35:9f:05:
                    bb:e2:cb:e1:f0:96:b6:e6:24:a2:f7:07:e4:4d:f2:
                    a8:ba:96:61:99:2d:b1:e0:38:25:d0:16:14:62:b7:
                    5c:ff:77:f1:5a:2f:73:8f:0f:e4:7b:85:22:ca:e4:
                    df:29:ca:42:75:e5:ff:de:3e:df:62:63:46:92:0e:
                    be:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:21:B0:21:EB:D1:33:3A:34:90:BE:02:C5:08:BE:C9:E0:12:E0:0F
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:cb:03:c1:9d:be:38:54:34:3b:fc:26:9b:df:ef:32:dd:7e:
         f0:7b:8a:cb:6c:f0:69:ef:9b:b8:c3:06:5a:9f:d0:c0:33:81:
         f9:ca:46:a0:c9:25:c6:f4:53:7c:4f:5d:d2:8f:3b:b3:1c:c2:
         78:c1:74:b6:28:7a:74:82:b8:f8:f3:15:29:a7:72:e9:6d:ad:
         09:6d:9f:f5:dc:8c:88:14:0e:24:2b:f1:5a:e9:99:ec:9c:54:
         6a:02:cd:94:6d:fd:d8:c8:4a:52:eb:3d:42:6d:fe:ee:37:ce:
         a5:9b:d0:b3:3a:aa:e8:31:45:5e:66:57:18:50:eb:c1:c9:6f:
         6b:32:05:cc:dc:cf:0f:f8:9e:98:41:6f:8f:03:2a:b6:fb:a4:
         24:35:ab:79:0a:05:e6:01:ed:8c:d7:2d:4e:34:72:a3:af:dd:
         24:79:e3:44:bc:17:88:05:3d:cd:14:10:ba:93:9a:41:23:24:
         d7:92:04:1c:23:e6:8a:6a:ac:55:44:ee:5c:39:a1:0d:de:d6:
         ee:9a:7a:12:a2:3e:7e:63:7b:12:d9:a4:57:01:1f:b5:b7:6c:
         44:a8:b7:1a:e6:4d:ec:e1:b5:ee:85:a8:80:a2:2e:f2:85:dd:
         35:db:eb:11:16:3a:5a:c7:5c:7c:9c:6b:06:d0:d5:3e:1e:d4:
         8d:72:47:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41qEpGecre+9Aqpf9eDoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjUwNDI3MjAwMDUzWhcNMjUwNDI4MjAwMDUzWjAzMTEwLwYDVQQD
EyhkYTIxYjAyMWViZDEzMzNhMzQ5MGJlMDJjNTA4YmVjOWUwMTJlMDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4N5bVw2Z8U9JnbX/fboAaLg2u9L
mKbJYh9IHNWv0eWQa4rs3fobVwEQfbhBmPz5uE6UE9y0WRnGI7f06G/Sq71rcboV
mi9xp51jrIyuUgn0MPxSKLDSIWO6T/U6Xh5zOjpHV0HbGjbymt6MfMCY0ZM0FmX2
5vNOxlPH9PwzhDwu1qaXwgX2B6ShAqWSEOmOo3LWcWblXwEQUowzj5VCZtsoBNjk
cP7ijTTzOZETmpZn2RdGWkzhPQugJlD/YAc1nwW74svh8Ja25iSi9wfkTfKoupZh
mS2x4Dgl0BYUYrdc/3fxWi9zjw/ke4UiyuTfKcpCdeX/3j7fYmNGkg6+ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNohsCHr0TM6NJC+AsUIvsngEuAPMB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHcsDwZ2+
OFQ0O/wmm9/vMt1+8HuKy2zwae+buMMGWp/QwDOB+cpGoMklxvRTfE9d0o87sxzC
eMF0tih6dIK4+PMVKady6W2tCW2f9dyMiBQOJCvxWumZ7JxUagLNlG392MhKUus9
Qm3+7jfOpZvQszqq6DFFXmZXGFDrwclvazIFzNzPD/iemEFvjwMqtvukJDWreQoF
5gHtjNctTjRyo6/dJHnjRLwXiAU9zRQQupOaQSMk15IEHCPmimqsVUTuXDmhDd7W
7pp6EqI+fmN7EtmkVwEftbdsRKi3GuZN7OG17oWogKIu8oXdNdvrERY6WsdcfJxr
BtDVPh7UjXJHYQ==
-----END CERTIFICATE-----