Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          IBMY4Gu3CW44YgNk5v5zlHZ6RScocTzZUAs+ptHgZvQ=
Subject key identifier:   78:1A:9F:A5:DE:3A:B1:93:36:B5:68:CA:51:AE:CF:28:AA:3F:A8:7F
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       0198752C2042315174EE864A1C2C7727D3A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          1615
Signing time:             Mon 04 Aug 2025 13:01:22 +0000
Manifest this update:     Mon 04 Aug 2025 13:01:22 +0000
Manifest next update:     Tue 05 Aug 2025 13:01:22 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: Ukd3LcX16Q5jDtvK1q4fhZZKbSh8NmlzZNz4yNIkdXY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:2c:20:42:31:51:74:ee:86:4a:1c:2c:77:27:d3:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: Aug  4 13:01:22 2025 GMT
            Not After : Aug  5 13:01:22 2025 GMT
        Subject: CN=781a9fa5de3ab19336b568ca51aecf28aa3fa87f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:82:a6:6a:f1:fa:34:f3:21:4b:1d:9f:a5:dd:
                    6c:8e:04:32:99:c8:33:72:5d:6c:c3:e4:1e:8e:fa:
                    b3:6a:69:26:56:a0:69:e1:9b:35:3c:6e:a0:58:12:
                    bf:15:48:1c:1a:bd:e8:3c:fb:7e:bc:d4:aa:76:4c:
                    a3:73:76:e1:9d:8e:b8:d8:2d:08:f7:3a:26:ce:46:
                    62:c1:ec:87:a9:85:0d:97:a1:fb:39:7a:57:8b:5c:
                    48:d8:b0:2b:c3:ba:70:c7:5f:d7:d2:e0:a7:05:86:
                    5e:a5:01:01:9f:69:b1:1d:5f:40:95:83:a4:d8:77:
                    05:e6:e3:83:2e:8b:0d:07:a0:23:0d:f8:f3:35:09:
                    fb:48:32:5c:03:f4:56:c5:51:ce:b2:b1:8e:72:bc:
                    65:a0:c7:6d:9b:a0:a2:bb:d9:61:41:98:91:e1:89:
                    47:72:4f:f3:e7:86:51:79:c5:d1:d5:59:66:41:2b:
                    07:39:5b:5f:34:a6:27:d5:56:63:23:58:13:94:93:
                    ed:fe:13:8f:cb:05:78:60:cf:99:ca:8e:5c:39:3b:
                    87:fc:7e:00:d3:57:95:fa:3f:8c:0a:fb:56:17:93:
                    4c:49:37:29:dd:b9:9b:2c:ff:b8:3f:53:cb:ab:3f:
                    3e:7a:83:3b:c9:b1:66:f6:fa:f4:9f:97:b1:57:ab:
                    41:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:1A:9F:A5:DE:3A:B1:93:36:B5:68:CA:51:AE:CF:28:AA:3F:A8:7F
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:c2:6b:29:7f:41:9e:c7:29:bf:52:a1:08:cc:06:48:85:eb:
         63:b0:62:79:e6:0f:2f:cd:51:dc:c9:90:aa:a3:c5:6a:e3:67:
         dd:bc:a8:c5:1c:6d:bc:26:8c:5d:59:b5:49:33:2e:ef:0f:f4:
         a5:da:e7:71:00:f3:7a:54:ae:d6:90:6c:be:9b:09:08:05:d8:
         48:d7:50:3b:a8:bd:f2:d0:5c:13:33:5e:25:6d:aa:55:14:6e:
         e5:3d:33:f2:c5:2e:c3:fe:11:27:36:81:83:45:7b:0d:1e:5e:
         a5:fc:13:74:9d:14:94:1b:4d:e8:af:bf:26:df:45:cf:16:4d:
         34:6e:5a:3c:f3:bd:d5:ff:69:02:7d:e6:fa:cd:71:9b:f7:50:
         3a:b5:36:23:91:e5:00:a7:63:c1:90:75:62:5b:ed:f6:67:cf:
         ad:b5:69:ed:fc:7f:8d:e0:6d:2c:c8:a6:fa:a2:44:9f:ac:b8:
         52:27:25:ab:70:f4:e1:85:eb:ce:46:1c:a0:91:42:43:c5:3e:
         aa:ea:7a:cc:56:bf:be:bf:e2:69:ce:30:e6:f5:f2:4c:72:eb:
         f5:a1:7c:8c:a5:d5:fd:c4:3c:13:a5:6e:ea:89:a3:16:07:07:
         9e:41:aa:eb:b8:42:e0:de:55:b4:e6:20:66:20:ad:9b:ff:d4:
         f6:db:6f:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1LCBCMVF07oZKHCx3J9OmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjUwODA0MTMwMTIyWhcNMjUwODA1MTMwMTIyWjAzMTEwLwYDVQQD
Eyg3ODFhOWZhNWRlM2FiMTkzMzZiNTY4Y2E1MWFlY2YyOGFhM2ZhODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14KmavH6NPMhSx2fpd1sjgQymcgz
cl1sw+QejvqzamkmVqBp4Zs1PG6gWBK/FUgcGr3oPPt+vNSqdkyjc3bhnY642C0I
9zomzkZiweyHqYUNl6H7OXpXi1xI2LArw7pwx1/X0uCnBYZepQEBn2mxHV9AlYOk
2HcF5uODLosNB6AjDfjzNQn7SDJcA/RWxVHOsrGOcrxloMdtm6Ciu9lhQZiR4YlH
ck/z54ZRecXR1VlmQSsHOVtfNKYn1VZjI1gTlJPt/hOPywV4YM+Zyo5cOTuH/H4A
01eV+j+MCvtWF5NMSTcp3bmbLP+4P1PLqz8+eoM7ybFm9vr0n5exV6tB0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgan6XeOrGTNrVoylGuzyiqP6h/MB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWMJrKX9B
nscpv1KhCMwGSIXrY7BieeYPL81R3MmQqqPFauNn3byoxRxtvCaMXVm1STMu7w/0
pdrncQDzelSu1pBsvpsJCAXYSNdQO6i98tBcEzNeJW2qVRRu5T0z8sUuw/4RJzaB
g0V7DR5epfwTdJ0UlBtN6K+/Jt9FzxZNNG5aPPO91f9pAn3m+s1xm/dQOrU2I5Hl
AKdjwZB1Ylvt9mfPrbVp7fx/jeBtLMim+qJEn6y4Uiclq3D04YXrzkYcoJFCQ8U+
qup6zFa/vr/iac4w5vXyTHLr9aF8jKXV/cQ8E6Vu6omjFgcHnkGq67hC4N5VtOYg
ZiCtm//U9ttvxg==
-----END CERTIFICATE-----