Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
File:                     aWZRzL2U9r6et0MyEiM1yrvvw5o.mft (raw, json)
Hash identifier:          5nwIVCa1M53wXXq1dVqS/VXUDC/u/qCYi2SJLfIKXjU=
Subject key identifier:   75:59:50:71:D5:C7:52:83:91:36:61:31:7C:79:75:9E:90:5B:EA:BE
Authority key identifier: 69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A
Certificate issuer:       /CN=696651ccbd94f6be9eb74332122335cabbefc39a
Certificate serial:       01976BBD7545BE7FDAF2001F9DEF4A5B53DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
Manifest number:          04BB
Signing time:             Sat 14 Jun 2025 00:01:07 +0000
Manifest this update:     Sat 14 Jun 2025 00:01:07 +0000
Manifest next update:     Sun 15 Jun 2025 00:01:07 +0000
Files and hashes:         1: aWZRzL2U9r6et0MyEiM1yrvvw5o.crl (hash: 0dimQU84gYCfcE7kd1LdwrymE8LO2mRGZwdN9Cav8Gk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 00:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bd:75:45:be:7f:da:f2:00:1f:9d:ef:4a:5b:53:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=696651ccbd94f6be9eb74332122335cabbefc39a
        Validity
            Not Before: Jun 14 00:01:07 2025 GMT
            Not After : Jun 15 00:01:07 2025 GMT
        Subject: CN=75595071d5c75283913661317c79759e905beabe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:cf:e2:f3:d1:74:1b:52:49:f4:b6:33:27:25:
                    8a:ef:43:ec:88:8e:82:22:02:d6:34:a8:b6:42:53:
                    a1:12:18:04:ed:e0:98:da:d3:51:29:e3:3d:5e:1a:
                    2b:bc:b3:86:57:52:bc:e6:11:89:64:c4:f1:37:4f:
                    58:f5:16:93:34:63:83:98:7d:f6:c9:c3:49:0e:1a:
                    14:38:20:8e:e0:a6:81:c1:47:2c:00:1d:f2:59:39:
                    19:85:29:b4:83:8f:59:62:a6:a7:28:f3:3d:02:a1:
                    66:f0:9e:a3:58:30:50:ad:2f:0f:49:e1:af:36:bc:
                    49:98:77:20:4f:b6:56:d0:37:b3:4f:b3:37:e1:76:
                    a7:cd:d1:a7:ee:29:b5:0c:86:25:7f:95:43:ee:ee:
                    51:a9:42:1f:80:ef:83:ac:b3:ff:fd:40:78:ad:92:
                    2c:7c:2a:e4:58:58:8f:6a:1e:ee:7e:70:2a:63:b6:
                    3a:35:d8:04:67:17:74:6f:40:74:19:eb:e9:d8:44:
                    29:47:65:68:89:a5:fd:c5:5b:71:57:35:5e:27:cd:
                    1e:06:c8:18:9b:aa:36:5a:02:0a:b3:43:f7:5e:22:
                    49:e2:f9:1f:17:6d:01:8f:dc:ac:ec:1f:c5:f5:70:
                    01:35:13:86:ed:64:cf:f4:ab:d6:05:bb:de:06:6d:
                    b1:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:59:50:71:D5:C7:52:83:91:36:61:31:7C:79:75:9E:90:5B:EA:BE
            X509v3 Authority Key Identifier:
                keyid:69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:1a:a2:d9:eb:a4:04:00:8b:88:56:77:f9:9d:7a:dc:d1:fd:
         d7:e8:98:65:30:1c:bd:84:66:5c:a0:ed:25:d6:85:68:06:b0:
         54:39:28:37:d3:99:0e:bc:a5:7b:83:86:dc:c0:61:55:a5:ac:
         cb:f0:e7:58:fd:61:5c:e7:75:86:29:1c:4d:1b:31:bb:80:6d:
         02:ee:39:d0:73:58:7d:cd:2c:e3:a3:20:32:b8:28:1f:72:8f:
         0d:73:76:17:87:2b:4f:b1:50:6d:6e:88:5e:2d:37:9e:42:79:
         d5:53:9d:6f:55:a2:e2:3e:b6:e9:80:dd:b8:cd:c0:ad:af:9f:
         9a:b3:cd:b6:fe:ca:ca:b8:48:f2:c6:d3:54:91:15:3d:11:a5:
         1f:e7:95:bb:7d:16:9c:f7:6c:d2:c2:00:34:28:60:32:5a:dd:
         96:2c:f6:1d:01:3d:36:ea:8c:5d:cc:89:0d:7d:19:7e:0e:5a:
         d3:70:fb:fb:fa:34:58:41:73:f0:73:15:cb:4c:27:5a:31:eb:
         55:91:9a:97:1f:75:e6:f0:29:4b:38:b4:16:be:c3:66:8d:fe:
         7f:89:e4:66:d4:4e:3d:fa:8d:73:ec:50:20:f3:f4:f3:1f:b5:
         e5:3c:6f:f4:5c:f0:46:6e:3b:eb:f1:bc:f7:b9:d0:76:58:98:
         a2:9a:fa:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvXVFvn/a8gAfne9KW1PcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY1MWNjYmQ5NGY2YmU5ZWI3NDMzMjEyMjMzNWNhYmJl
ZmMzOWEwHhcNMjUwNjE0MDAwMTA3WhcNMjUwNjE1MDAwMTA3WjAzMTEwLwYDVQQD
Eyg3NTU5NTA3MWQ1Yzc1MjgzOTEzNjYxMzE3Yzc5NzU5ZTkwNWJlYWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyM/i89F0G1JJ9LYzJyWK70PsiI6C
IgLWNKi2QlOhEhgE7eCY2tNRKeM9XhorvLOGV1K85hGJZMTxN09Y9RaTNGODmH32
ycNJDhoUOCCO4KaBwUcsAB3yWTkZhSm0g49ZYqanKPM9AqFm8J6jWDBQrS8PSeGv
NrxJmHcgT7ZW0DezT7M34XanzdGn7im1DIYlf5VD7u5RqUIfgO+DrLP//UB4rZIs
fCrkWFiPah7ufnAqY7Y6NdgEZxd0b0B0Gevp2EQpR2VoiaX9xVtxVzVeJ80eBsgY
m6o2WgIKs0P3XiJJ4vkfF20Bj9ys7B/F9XABNROG7WTP9KvWBbveBm2xiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHVZUHHVx1KDkTZhMXx5dZ6QW+q+MB8GA1UdIwQY
MBaAFGlmUcy9lPa+nrdDMhIjNcq778OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAt
ZDg3MDE3ZDdhNmFjLzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAtZDg3MDE3ZDdhNmFj
LzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYBqi2euk
BACLiFZ3+Z163NH91+iYZTAcvYRmXKDtJdaFaAawVDkoN9OZDryle4OG3MBhVaWs
y/DnWP1hXOd1hikcTRsxu4BtAu450HNYfc0s46MgMrgoH3KPDXN2F4crT7FQbW6I
Xi03nkJ51VOdb1Wi4j626YDduM3Ara+fmrPNtv7KyrhI8sbTVJEVPRGlH+eVu30W
nPds0sIANChgMlrdliz2HQE9NuqMXcyJDX0Zfg5a03D7+/o0WEFz8HMVy0wnWjHr
VZGalx915vApSzi0Fr7DZo3+f4nkZtROPfqNc+xQIPP08x+15Txv9FzwRm476/G8
97nQdliYopr60A==
-----END CERTIFICATE-----