Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
File:                     aXC3r07RGKBaFTFefYuUY0yf6iA.mft (raw, json)
Hash identifier:          QxONDw6YRFd9yqNJpHA2EAKmqs0oOHnxuwqrvjZJAlA=
Subject key identifier:   D2:0A:85:7C:28:46:B3:1D:46:7D:BD:7A:06:32:94:6B:F7:C4:AE:27
Authority key identifier: 69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20
Certificate issuer:       /CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
Certificate serial:       0198752BFC636676C9E6991E8427B660E857
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
Manifest number:          0BA2
Signing time:             Mon 04 Aug 2025 13:01:13 +0000
Manifest this update:     Mon 04 Aug 2025 13:01:13 +0000
Manifest next update:     Tue 05 Aug 2025 13:01:13 +0000
Files and hashes:         1: aXC3r07RGKBaFTFefYuUY0yf6iA.crl (hash: /QkyJFiZen6C9tTqH+ETxmVqRuwpSdJMHgiIPaz0sxA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:2b:fc:63:66:76:c9:e6:99:1e:84:27:b6:60:e8:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
        Validity
            Not Before: Aug  4 13:01:13 2025 GMT
            Not After : Aug  5 13:01:13 2025 GMT
        Subject: CN=d20a857c2846b31d467dbd7a0632946bf7c4ae27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:00:bc:fb:a8:b1:c4:0c:24:24:48:57:03:a8:
                    a2:b7:18:c9:33:1e:66:2d:f7:9a:bd:e3:1e:82:1e:
                    a3:76:ed:23:af:ef:bc:05:cb:53:e1:0c:c8:27:b2:
                    d2:97:61:d9:19:7a:e8:ba:1e:72:93:9b:ac:01:24:
                    e2:14:f3:60:c1:59:33:08:9d:c5:3f:2d:4c:ed:b7:
                    db:d9:5d:12:ed:2b:12:a4:0d:1f:de:a0:ad:1c:1e:
                    8f:36:a2:5f:95:ba:5a:d5:40:70:a0:c8:83:52:5c:
                    0d:30:f0:2b:20:4f:ab:61:89:00:d6:34:13:fe:76:
                    e6:23:99:ec:43:30:d2:1c:6e:06:7f:fb:05:4f:e1:
                    49:76:06:3a:35:bd:7a:ec:39:b5:54:3e:e8:60:1c:
                    76:31:83:33:ac:4f:34:80:83:d6:09:46:54:86:a3:
                    19:71:91:11:0c:fe:eb:fb:d0:97:0b:28:49:f8:9d:
                    9c:06:15:93:9a:e3:b6:21:7d:91:22:16:38:31:ac:
                    28:00:8e:c5:d2:c7:88:f1:56:46:56:c4:9b:48:0c:
                    07:11:2e:f9:78:84:04:29:a3:bf:8d:20:6c:67:8b:
                    53:cd:3b:ab:69:37:2f:8d:bb:ed:09:68:17:5e:f3:
                    6b:eb:08:e9:d3:66:89:ca:ca:7e:d4:46:41:2a:77:
                    cd:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:0A:85:7C:28:46:B3:1D:46:7D:BD:7A:06:32:94:6B:F7:C4:AE:27
            X509v3 Authority Key Identifier:
                keyid:69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bf:4c:0c:db:67:1b:ac:57:68:b1:53:64:af:06:d9:39:31:29:
         cb:f1:6d:3d:85:06:0a:08:4d:f0:54:8b:c5:d3:d8:d0:64:c5:
         80:60:92:24:57:5c:55:28:9b:20:88:44:73:54:b2:28:2f:43:
         e9:05:be:4c:b6:ba:5b:5b:b8:aa:4e:69:b0:d0:86:8a:ea:05:
         21:14:3c:32:78:f2:63:f9:57:25:ee:f1:a9:49:31:7c:c6:c5:
         9b:aa:cd:09:48:fb:7e:5f:ef:d8:f3:d2:22:31:20:7c:90:d0:
         26:f3:3f:82:af:4b:60:e9:9e:e9:ed:de:40:45:0d:9f:9c:a1:
         5b:7f:84:d8:8c:bb:06:e3:f3:08:2b:8a:c0:c9:e9:04:a4:50:
         82:e8:a5:38:e6:66:e5:db:22:33:f0:2e:fb:57:4f:f5:c0:c8:
         67:7d:ab:ce:38:c0:96:fa:d9:a8:1b:70:da:1e:84:a5:ed:0b:
         43:b5:b7:f2:63:6a:4e:71:cf:16:bf:57:82:2c:74:8b:18:24:
         0a:fb:95:20:f2:15:81:cf:35:9f:2e:08:ce:68:8d:6a:26:02:
         92:b5:66:03:cb:b7:04:87:0e:2b:82:32:e5:9e:49:89:2d:73:
         62:b5:cb:69:ff:43:d3:c5:98:ca:ab:3d:aa:b0:66:c7:fd:74:
         da:51:5c:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh1K/xjZnbJ5pkehCe2YOhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzBiN2FmNGVkMTE4YTA1YTE1MzE1ZTdkOGI5NDYzNGM5
ZmVhMjAwHhcNMjUwODA0MTMwMTEzWhcNMjUwODA1MTMwMTEzWjAzMTEwLwYDVQQD
EyhkMjBhODU3YzI4NDZiMzFkNDY3ZGJkN2EwNjMyOTQ2YmY3YzRhZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QC8+6ixxAwkJEhXA6iitxjJMx5m
LfeaveMegh6jdu0jr++8BctT4QzIJ7LSl2HZGXrouh5yk5usASTiFPNgwVkzCJ3F
Py1M7bfb2V0S7SsSpA0f3qCtHB6PNqJflbpa1UBwoMiDUlwNMPArIE+rYYkA1jQT
/nbmI5nsQzDSHG4Gf/sFT+FJdgY6Nb167Dm1VD7oYBx2MYMzrE80gIPWCUZUhqMZ
cZERDP7r+9CXCyhJ+J2cBhWTmuO2IX2RIhY4MawoAI7F0seI8VZGVsSbSAwHES75
eIQEKaO/jSBsZ4tTzTuraTcvjbvtCWgXXvNr6wjp02aJysp+1EZBKnfNSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIKhXwoRrMdRn29egYylGv3xK4nMB8GA1UdIwQY
MBaAFGlwt69O0RigWhUxXn2LlGNMn+ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEt
YjEwNjIzMmEzNDJjLzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEtYjEwNjIzMmEzNDJj
LzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv0wM22cb
rFdosVNkrwbZOTEpy/FtPYUGCghN8FSLxdPY0GTFgGCSJFdcVSibIIhEc1SyKC9D
6QW+TLa6W1u4qk5psNCGiuoFIRQ8MnjyY/lXJe7xqUkxfMbFm6rNCUj7fl/v2PPS
IjEgfJDQJvM/gq9LYOme6e3eQEUNn5yhW3+E2Iy7BuPzCCuKwMnpBKRQguilOOZm
5dsiM/Au+1dP9cDIZ32rzjjAlvrZqBtw2h6Epe0LQ7W38mNqTnHPFr9Xgix0ixgk
CvuVIPIVgc81ny4IzmiNaiYCkrVmA8u3BIcOK4Iy5Z5JiS1zYrXLaf9D08WYyqs9
qrBmx/102lFcSg==
-----END CERTIFICATE-----