Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
File:                     aajmjRKuKTryNpBDzVmgINrCQGI.mft (raw, json)
Hash identifier:          xoYpThjgyBEFjmFuuVvwoqKXu0sai+OjlTzLvQGfY5E=
Subject key identifier:   1B:41:9B:9C:CA:C0:32:BC:1A:94:B7:FB:5C:AF:4E:DF:69:2C:16:62
Authority key identifier: 69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62
Certificate issuer:       /CN=69a8e68d12ae293af2369043cd59a020dac24062
Certificate serial:       019881D4D8C4A450346484A41531B9EDB0E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
Manifest number:          0B10
Signing time:             Thu 07 Aug 2025 00:01:06 +0000
Manifest this update:     Thu 07 Aug 2025 00:01:06 +0000
Manifest next update:     Fri 08 Aug 2025 00:01:06 +0000
Files and hashes:         1: aajmjRKuKTryNpBDzVmgINrCQGI.crl (hash: Y5aBPttxJYjbc0I9aG+t2YURAH3mzjATMm70BBR9Yxw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 20:46:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:d4:d8:c4:a4:50:34:64:84:a4:15:31:b9:ed:b0:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a8e68d12ae293af2369043cd59a020dac24062
        Validity
            Not Before: Aug  7 00:01:06 2025 GMT
            Not After : Aug  8 00:01:06 2025 GMT
        Subject: CN=1b419b9ccac032bc1a94b7fb5caf4edf692c1662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:83:79:2e:9b:27:4b:3a:0e:1a:e3:d6:53:8b:
                    82:e8:6e:f8:8c:ee:56:0c:ba:67:f5:dd:1d:dc:92:
                    64:62:13:77:2a:14:14:5e:f3:94:68:08:98:fa:fc:
                    72:9c:af:33:ca:ed:ce:fa:70:f9:c9:ab:70:2d:e6:
                    a3:6a:a9:e2:92:4f:5c:4e:13:14:eb:35:4b:2c:d8:
                    f8:18:f4:5f:f7:c4:85:b5:c7:06:9d:c2:33:44:d3:
                    3c:75:e2:eb:22:f7:f2:4a:85:18:44:2a:44:28:46:
                    20:4b:75:41:0f:2c:f8:1c:da:96:b4:80:3d:a7:79:
                    b1:cb:99:9e:25:e7:11:60:63:d4:3d:a9:83:a6:2c:
                    14:e2:f8:bc:c0:3a:44:f3:87:e2:a2:b3:56:78:9e:
                    b5:7e:01:5d:de:fd:a5:bb:a6:53:1c:96:11:2c:50:
                    63:90:18:d2:a5:d4:ae:94:5b:f4:27:cc:f4:df:ef:
                    53:e2:5f:67:d5:c1:aa:ef:79:9e:5f:45:9e:27:22:
                    de:f8:5c:ba:8d:7f:ce:c7:b5:d6:64:8f:ef:77:44:
                    2a:86:15:db:f3:a5:e5:eb:a4:63:9c:35:bc:9a:52:
                    b1:af:99:49:7f:77:f3:87:a0:1f:27:e2:55:8d:5d:
                    d7:46:4d:1a:b1:90:78:10:a2:cd:96:78:7b:50:58:
                    49:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:41:9B:9C:CA:C0:32:BC:1A:94:B7:FB:5C:AF:4E:DF:69:2C:16:62
            X509v3 Authority Key Identifier:
                keyid:69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:be:f6:6e:42:b5:80:5a:09:91:74:b5:10:28:20:e6:d9:3b:
         2b:6c:50:23:7b:de:bf:59:93:ec:e2:96:f7:91:ad:e9:d8:66:
         e3:e2:00:ef:62:e0:a7:d4:2d:69:08:ba:31:bd:48:c2:d9:38:
         c8:6b:c1:7b:d3:73:ef:06:e5:6d:8a:74:83:75:6f:4b:90:20:
         de:45:58:a5:58:48:83:86:dc:f5:d5:f8:72:ff:5c:f5:ca:0d:
         a4:07:64:53:57:7c:fa:cf:9d:9d:c7:e8:5e:bc:1f:f8:d1:09:
         55:78:bd:4f:00:15:7e:b3:b4:83:18:19:0a:c8:9e:fa:b1:35:
         46:cc:7a:37:a0:0d:a4:32:fd:10:2c:a8:41:7d:e3:6a:18:cc:
         5c:0b:9d:a9:1d:7e:62:c7:03:bb:bc:9e:6c:f8:11:36:47:fb:
         69:a1:7f:cb:f6:d4:b6:4b:04:39:d8:ee:52:73:fa:82:ba:a0:
         95:ff:16:2e:e5:61:77:d7:b0:bc:df:1f:fc:4a:84:83:be:8f:
         4a:2d:92:f0:ec:8a:6b:bf:b4:51:11:e8:9e:6f:e6:81:e0:8c:
         05:5f:75:54:72:3d:86:cb:7f:fc:1e:ee:b0:81:f9:ae:ac:8a:
         f1:29:b2:5b:c3:ab:95:a8:0e:f3:77:62:8e:2b:7f:f1:c1:5e:
         80:c4:51:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiB1NjEpFA0ZISkFTG57bDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YThlNjhkMTJhZTI5M2FmMjM2OTA0M2NkNTlhMDIwZGFj
MjQwNjIwHhcNMjUwODA3MDAwMTA2WhcNMjUwODA4MDAwMTA2WjAzMTEwLwYDVQQD
EygxYjQxOWI5Y2NhYzAzMmJjMWE5NGI3ZmI1Y2FmNGVkZjY5MmMxNjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoN5LpsnSzoOGuPWU4uC6G74jO5W
DLpn9d0d3JJkYhN3KhQUXvOUaAiY+vxynK8zyu3O+nD5yatwLeajaqnikk9cThMU
6zVLLNj4GPRf98SFtccGncIzRNM8deLrIvfySoUYRCpEKEYgS3VBDyz4HNqWtIA9
p3mxy5meJecRYGPUPamDpiwU4vi8wDpE84fiorNWeJ61fgFd3v2lu6ZTHJYRLFBj
kBjSpdSulFv0J8z03+9T4l9n1cGq73meX0WeJyLe+Fy6jX/Ox7XWZI/vd0QqhhXb
86Xl66RjnDW8mlKxr5lJf3fzh6AfJ+JVjV3XRk0asZB4EKLNlnh7UFhJTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtBm5zKwDK8GpS3+1yvTt9pLBZiMB8GA1UdIwQY
MBaAFGmo5o0Srik68jaQQ81ZoCDawkBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQt
Mzg4MjA1NDg3NTVjLzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQtMzg4MjA1NDg3NTVj
LzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQb72bkK1
gFoJkXS1ECgg5tk7K2xQI3vev1mT7OKW95Gt6dhm4+IA72Lgp9QtaQi6Mb1Iwtk4
yGvBe9Nz7wblbYp0g3VvS5Ag3kVYpVhIg4bc9dX4cv9c9coNpAdkU1d8+s+dncfo
Xrwf+NEJVXi9TwAVfrO0gxgZCsie+rE1Rsx6N6ANpDL9ECyoQX3jahjMXAudqR1+
YscDu7yebPgRNkf7aaF/y/bUtksEOdjuUnP6grqglf8WLuVhd9ewvN8f/EqEg76P
Si2S8OyKa7+0URHonm/mgeCMBV91VHI9hst//B7usIH5rqyK8SmyW8OrlagO83di
jit/8cFegMRRaA==
-----END CERTIFICATE-----