Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          08qfBr0GtDwZv7jicchtZvCtW0HUeAW+iH4j9WYod7Q=
Subject key identifier:   31:DC:92:70:87:F7:C7:1C:41:EE:8D:A5:66:DD:23:6C:23:AC:73:5A
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       01976E871E134CEB1ED5AD8162F8F0C17C16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          158D
Signing time:             Sat 14 Jun 2025 13:00:38 +0000
Manifest this update:     Sat 14 Jun 2025 13:00:38 +0000
Manifest next update:     Sun 15 Jun 2025 13:00:38 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: rQTB4KRbZr2pTFIXcN0G+aXRVsxXWAUmhbXuWVWd3To=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:87:1e:13:4c:eb:1e:d5:ad:81:62:f8:f0:c1:7c:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: Jun 14 13:00:38 2025 GMT
            Not After : Jun 15 13:00:38 2025 GMT
        Subject: CN=31dc927087f7c71c41ee8da566dd236c23ac735a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:7f:b0:ec:ba:d1:0b:7b:2b:6c:28:69:aa:bd:
                    07:3d:2a:45:1f:e5:f4:7f:f3:29:0a:13:b7:9e:df:
                    21:76:69:40:43:2b:58:35:06:91:f2:a3:33:a8:62:
                    e7:2b:47:0b:63:60:4f:de:d6:60:b7:38:f1:2d:84:
                    4d:6f:96:d7:56:d4:ec:f6:9d:8e:4d:ab:45:98:75:
                    10:2c:93:94:e5:86:1e:12:b6:07:fd:6b:26:e5:48:
                    93:91:a8:96:af:49:fd:8f:8f:c5:a9:e4:b5:0b:6c:
                    1b:1d:37:32:4e:2e:1d:e4:30:4a:a9:08:50:79:ce:
                    34:1a:4f:10:85:0b:38:50:04:93:85:2b:cb:d2:a7:
                    fd:63:56:79:5b:69:27:a8:ea:c9:78:7c:ad:ba:5f:
                    59:3b:1d:20:d7:4c:b4:85:7d:19:8f:55:cf:e5:f2:
                    3a:3a:4c:a2:ec:23:0c:cf:86:16:17:f6:b4:1f:a6:
                    7c:bf:06:2c:c7:a6:d1:59:86:86:eb:c7:42:a4:04:
                    e7:c0:5c:9a:f3:a3:ce:09:ce:98:00:7f:b9:40:2c:
                    05:55:02:cd:f0:61:4c:5a:5c:a4:2d:bd:fc:06:60:
                    81:c7:de:8f:dc:77:9b:71:44:51:71:d7:66:23:c4:
                    b4:e6:a7:68:08:91:0e:d0:54:3a:76:cf:df:9d:d2:
                    94:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:DC:92:70:87:F7:C7:1C:41:EE:8D:A5:66:DD:23:6C:23:AC:73:5A
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:f8:59:d7:d6:25:51:ba:16:c5:8d:3c:b7:1f:ce:37:a2:33:
         cc:fe:df:9d:81:1b:a4:7f:9f:23:97:60:1f:fb:15:5a:73:1e:
         9c:df:87:64:b8:9a:40:89:da:8c:e3:55:c7:85:8e:37:f4:76:
         6b:cd:fd:2e:2d:5b:73:c6:86:42:77:52:2d:db:3f:6a:47:24:
         51:48:3d:51:82:c9:b7:ee:3d:89:3e:77:bb:92:e7:ae:04:eb:
         95:a4:1d:9d:8e:a6:70:fc:1b:10:9b:52:d9:e7:c4:a7:dc:88:
         10:24:06:8c:ae:70:13:5a:1b:82:56:fe:8e:e0:2f:30:9f:71:
         d3:95:dd:bf:e4:89:3b:8b:9e:d8:41:17:f8:fc:09:a4:f8:2b:
         40:4b:d6:28:b9:0e:95:8c:05:72:1d:d9:b0:a2:f6:89:63:2c:
         a9:90:98:58:84:37:a6:89:b9:9e:62:b6:b2:c6:c6:78:c0:31:
         b5:5c:b7:0b:4d:a9:de:e8:7f:b7:3c:43:ae:98:60:7e:81:ff:
         75:23:46:bd:42:f2:bf:87:05:44:18:b0:be:93:79:91:18:72:
         a9:71:b8:49:1e:a7:7d:2d:8f:ff:95:45:80:bf:85:96:3f:f6:
         99:42:2b:f0:2a:a0:a4:c4:97:65:e7:99:18:84:03:45:88:ed:
         d3:48:5b:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduhx4TTOse1a2BYvjwwXwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjUwNjE0MTMwMDM4WhcNMjUwNjE1MTMwMDM4WjAzMTEwLwYDVQQD
EygzMWRjOTI3MDg3ZjdjNzFjNDFlZThkYTU2NmRkMjM2YzIzYWM3MzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H+w7LrRC3srbChpqr0HPSpFH+X0
f/MpChO3nt8hdmlAQytYNQaR8qMzqGLnK0cLY2BP3tZgtzjxLYRNb5bXVtTs9p2O
TatFmHUQLJOU5YYeErYH/Wsm5UiTkaiWr0n9j4/FqeS1C2wbHTcyTi4d5DBKqQhQ
ec40Gk8QhQs4UASThSvL0qf9Y1Z5W2knqOrJeHytul9ZOx0g10y0hX0Zj1XP5fI6
Okyi7CMMz4YWF/a0H6Z8vwYsx6bRWYaG68dCpATnwFya86POCc6YAH+5QCwFVQLN
8GFMWlykLb38BmCBx96P3HebcURRcddmI8S05qdoCJEO0FQ6ds/fndKUowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHcknCH98ccQe6NpWbdI2wjrHNaMB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOfhZ19Yl
UboWxY08tx/ON6IzzP7fnYEbpH+fI5dgH/sVWnMenN+HZLiaQInajONVx4WON/R2
a839Li1bc8aGQndSLds/akckUUg9UYLJt+49iT53u5LnrgTrlaQdnY6mcPwbEJtS
2efEp9yIECQGjK5wE1obglb+juAvMJ9x05Xdv+SJO4ue2EEX+PwJpPgrQEvWKLkO
lYwFch3ZsKL2iWMsqZCYWIQ3pom5nmK2ssbGeMAxtVy3C02p3uh/tzxDrphgfoH/
dSNGvULyv4cFRBiwvpN5kRhyqXG4SR6nfS2P/5VFgL+Flj/2mUIr8CqgpMSXZeeZ
GIQDRYjt00hbxA==
-----END CERTIFICATE-----