Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
File:                     aKUCPY4CESaZfXkmpHcBYIqs48c.mft (raw, json)
Hash identifier:          euyVLwxJ+rL42nws4jVDVv5O9kbZKbF72lj01UkE14U=
Subject key identifier:   FE:5B:1C:5C:C2:43:26:E6:35:62:2A:43:63:D8:96:8B:18:57:16:70
Authority key identifier: 68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7
Certificate issuer:       /CN=68a5023d8e021126997d7926a47701608aace3c7
Certificate serial:       01987450A60AA3286FA912E1192636E6481F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
Manifest number:          0788
Signing time:             Mon 04 Aug 2025 09:01:38 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:38 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:38 +0000
Files and hashes:         1: aKUCPY4CESaZfXkmpHcBYIqs48c.crl (hash: pVIHIpqgm8r0RT2LYqHY+gFvTVKzhn2igb5O8Ywn0is=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:a6:0a:a3:28:6f:a9:12:e1:19:26:36:e6:48:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a5023d8e021126997d7926a47701608aace3c7
        Validity
            Not Before: Aug  4 09:01:38 2025 GMT
            Not After : Aug  5 09:01:38 2025 GMT
        Subject: CN=fe5b1c5cc24326e635622a4363d8968b18571670
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e7:ad:1a:75:06:9e:21:70:9f:82:8f:51:0a:
                    d2:5e:f7:1e:0c:bd:0a:6e:4b:d9:d7:e0:fc:01:67:
                    ee:b1:9a:f5:73:f4:7b:2e:a4:81:d5:ba:c0:f5:1d:
                    0b:68:b8:85:45:a3:ff:45:3e:a4:32:28:cf:5b:e2:
                    7d:7a:9c:0c:ce:15:e0:1e:90:44:65:7d:ae:e3:12:
                    dc:fc:01:ab:95:3c:20:11:3b:ec:0b:53:a6:89:10:
                    03:13:81:04:1f:98:df:47:99:83:61:7f:eb:0c:9e:
                    69:04:40:00:ad:8f:8b:18:dc:29:c2:3f:ca:08:73:
                    8d:93:52:18:7f:c6:5d:5c:62:36:02:f4:9a:90:0c:
                    00:c3:3d:e5:99:73:c7:24:5c:3b:6d:cb:7f:bf:9f:
                    5d:21:63:1a:dd:f6:41:29:e5:c8:7c:80:86:30:c3:
                    7f:51:f8:d5:40:27:2b:4d:9f:28:13:9c:56:b4:5d:
                    60:d5:62:69:6a:3e:29:66:36:6f:da:0e:ab:a2:9b:
                    7c:68:f0:b2:e7:69:97:c8:03:ce:55:96:9d:b7:47:
                    37:11:15:05:98:b3:f6:fd:9a:de:e9:af:e7:d9:6b:
                    c5:fd:0e:fd:b8:63:6f:cb:46:f8:02:f6:87:a5:87:
                    9c:81:06:d9:59:e9:a9:02:d5:2e:81:e4:65:2c:a9:
                    cb:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:5B:1C:5C:C2:43:26:E6:35:62:2A:43:63:D8:96:8B:18:57:16:70
            X509v3 Authority Key Identifier:
                keyid:68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:cd:5f:98:f5:b1:e4:a9:5d:4d:59:35:44:09:79:d6:b4:2e:
         22:33:b5:9f:7e:dc:ab:31:28:31:ac:05:27:80:d9:3f:41:9f:
         56:ba:f1:72:8b:10:61:fa:e3:c1:a6:e7:0e:88:68:4b:79:e8:
         bc:5b:4f:36:8b:bc:5a:f2:d7:28:1f:03:2c:43:95:8f:f6:76:
         9d:8c:06:ab:f3:90:c2:51:39:2b:f8:10:98:cf:65:4c:af:61:
         42:18:dc:5c:34:b2:19:22:04:a2:b7:eb:fd:f3:29:b0:74:e5:
         71:fd:1a:84:a7:6f:bd:e7:26:0d:48:5d:c5:45:bf:79:42:15:
         78:d8:47:bc:6d:9a:a7:bd:6c:4e:5f:93:2d:d5:67:74:08:70:
         80:08:c5:3e:41:20:22:4f:38:11:1b:ad:46:79:3a:66:08:19:
         1d:00:00:8c:4f:ed:9d:38:2d:77:1e:8c:0b:38:17:27:8b:8f:
         be:78:b2:f8:47:c4:63:8d:c2:a4:41:10:37:0b:59:76:db:d5:
         40:1f:f1:75:90:b5:ef:25:88:61:2d:60:91:d2:3f:66:35:1f:
         f3:f0:76:b8:bd:83:72:26:d0:db:d7:df:17:b6:54:65:1d:4b:
         5f:a5:96:b8:7c:a4:c7:91:cc:ba:56:3c:70:ae:8c:a9:0f:fe:
         dc:8f:41:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UKYKoyhvqRLhGSY25kgfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTUwMjNkOGUwMjExMjY5OTdkNzkyNmE0NzcwMTYwOGFh
Y2UzYzcwHhcNMjUwODA0MDkwMTM4WhcNMjUwODA1MDkwMTM4WjAzMTEwLwYDVQQD
EyhmZTViMWM1Y2MyNDMyNmU2MzU2MjJhNDM2M2Q4OTY4YjE4NTcxNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOetGnUGniFwn4KPUQrSXvceDL0K
bkvZ1+D8AWfusZr1c/R7LqSB1brA9R0LaLiFRaP/RT6kMijPW+J9epwMzhXgHpBE
ZX2u4xLc/AGrlTwgETvsC1OmiRADE4EEH5jfR5mDYX/rDJ5pBEAArY+LGNwpwj/K
CHONk1IYf8ZdXGI2AvSakAwAwz3lmXPHJFw7bct/v59dIWMa3fZBKeXIfICGMMN/
UfjVQCcrTZ8oE5xWtF1g1WJpaj4pZjZv2g6ropt8aPCy52mXyAPOVZadt0c3ERUF
mLP2/Zre6a/n2WvF/Q79uGNvy0b4AvaHpYecgQbZWempAtUugeRlLKnLqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP5bHFzCQybmNWIqQ2PYlosYVxZwMB8GA1UdIwQY
MBaAFGilAj2OAhEmmX15JqR3AWCKrOPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUt
ODQ4MWU2YzMzZTNjLzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUtODQ4MWU2YzMzZTNj
LzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIc1fmPWx
5KldTVk1RAl51rQuIjO1n37cqzEoMawFJ4DZP0GfVrrxcosQYfrjwabnDohoS3no
vFtPNou8WvLXKB8DLEOVj/Z2nYwGq/OQwlE5K/gQmM9lTK9hQhjcXDSyGSIEorfr
/fMpsHTlcf0ahKdvvecmDUhdxUW/eUIVeNhHvG2ap71sTl+TLdVndAhwgAjFPkEg
Ik84ERutRnk6ZggZHQAAjE/tnTgtdx6MCzgXJ4uPvniy+EfEY43CpEEQNwtZdtvV
QB/xdZC17yWIYS1gkdI/ZjUf8/B2uL2DcibQ29ffF7ZUZR1LX6WWuHykx5HMulY8
cK6MqQ/+3I9BnQ==
-----END CERTIFICATE-----