Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
File:                     aXC3r07RGKBaFTFefYuUY0yf6iA.mft (raw, json)
Hash identifier:          2Qop/JZf2c3VzumJcQyuavHnG1YFYCm+oUW+X0Ytlw4=
Subject key identifier:   A9:BC:52:50:59:98:BF:3B:AA:4E:4F:09:FC:E4:32:2E:C0:56:12:2B
Authority key identifier: 69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20
Certificate issuer:       /CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
Certificate serial:       019684DA56C7B154F67C9153E1E18A8E3FE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
Manifest number:          0AA1
Signing time:             Wed 30 Apr 2025 04:00:23 +0000
Manifest this update:     Wed 30 Apr 2025 04:00:23 +0000
Manifest next update:     Thu 01 May 2025 04:00:23 +0000
Files and hashes:         1: aXC3r07RGKBaFTFefYuUY0yf6iA.crl (hash: LB4mVr8NM8mToRurqa7iOLQqSQUhkSy4ciDshRm0wlw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:84:da:56:c7:b1:54:f6:7c:91:53:e1:e1:8a:8e:3f:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6970b7af4ed118a05a15315e7d8b94634c9fea20
        Validity
            Not Before: Apr 30 04:00:23 2025 GMT
            Not After : May  1 04:00:23 2025 GMT
        Subject: CN=a9bc52505998bf3baa4e4f09fce4322ec056122b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:92:b2:f2:da:50:6a:76:17:24:72:a5:0b:42:
                    bb:24:12:89:30:65:65:8c:44:74:2d:ef:ee:30:d2:
                    f4:65:24:1a:e4:74:f5:19:09:fe:56:08:5d:53:53:
                    42:ab:6b:cb:1f:b5:3a:13:c0:2a:5a:15:79:74:70:
                    31:ed:5d:d1:af:34:b7:56:b9:7c:c6:a8:d7:ed:6b:
                    27:43:d8:22:1c:38:0e:78:c0:40:93:00:d8:7d:14:
                    3f:33:73:fa:72:8f:37:05:b1:1e:76:c0:71:3d:b0:
                    24:f2:01:e1:ee:a9:43:18:52:fb:76:d2:72:52:4c:
                    1d:f5:8e:bb:ed:6d:fa:66:13:8c:53:dc:f5:24:26:
                    7d:8b:15:be:35:c2:c6:6c:d1:0a:8f:c8:82:bc:4d:
                    38:ff:03:ee:9a:d7:a9:16:d6:a8:0a:85:43:66:a9:
                    cc:42:18:62:c5:7f:97:e9:ff:24:46:98:4d:ee:67:
                    ee:87:d0:ad:4f:8e:61:57:1a:bc:f5:99:20:91:62:
                    3e:ff:b5:80:b4:3d:79:6d:83:cc:fc:70:fb:35:bc:
                    92:d7:c1:bc:96:45:1c:53:d2:aa:12:fa:24:8f:55:
                    fe:89:6b:f7:06:22:1b:9d:1e:a0:92:98:ac:06:0a:
                    c4:05:83:e7:8d:f9:1b:11:31:e4:07:52:99:13:f7:
                    39:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:BC:52:50:59:98:BF:3B:AA:4E:4F:09:FC:E4:32:2E:C0:56:12:2B
            X509v3 Authority Key Identifier:
                keyid:69:70:B7:AF:4E:D1:18:A0:5A:15:31:5E:7D:8B:94:63:4C:9F:EA:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXC3r07RGKBaFTFefYuUY0yf6iA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6c13ac-38a7-468c-b7f1-b106232a342c/1/aXC3r07RGKBaFTFefYuUY0yf6iA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:66:05:ca:1a:7e:a1:a4:b2:30:3f:32:b9:ae:e9:fe:c6:72:
         3e:e2:e9:36:0d:d6:76:14:da:ff:37:2f:a5:bb:29:a4:89:fc:
         eb:d7:9d:e8:f1:91:a6:91:88:f2:11:6b:11:26:a2:50:4c:fd:
         c2:69:d2:5f:7f:3f:29:62:70:e4:8c:7d:8e:1c:b0:fd:61:2c:
         95:e8:4a:a7:db:34:54:63:96:2b:df:e0:04:56:f0:d7:b1:97:
         52:01:a5:54:60:0f:f3:11:c1:c0:6d:89:b6:86:73:42:bd:39:
         af:a3:a0:1c:97:80:a6:e4:ab:18:15:f3:c9:d7:73:a3:16:fa:
         f4:d2:9f:71:0d:42:2c:69:d4:4d:8e:de:19:d4:c6:30:c0:c4:
         2b:2a:64:d8:4b:ac:4a:6b:70:0c:ca:d9:7e:f1:62:b1:e9:99:
         3f:f4:92:f9:cc:db:a9:e1:e2:ce:4a:36:22:b1:50:a8:2c:3a:
         50:d0:33:d1:2b:a9:84:1d:f8:25:c5:d5:29:f8:6d:18:1a:1f:
         05:42:2e:a4:96:f4:c0:91:93:f0:2a:6b:74:4a:57:17:62:0d:
         72:c7:a1:f5:4b:2c:0f:03:03:8d:62:0d:d5:b6:e6:68:4a:bb:
         02:6a:b2:05:94:ff:78:00:c0:d0:db:54:fe:68:5f:ea:13:a0:
         9d:9c:c4:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaE2lbHsVT2fJFT4eGKjj/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzBiN2FmNGVkMTE4YTA1YTE1MzE1ZTdkOGI5NDYzNGM5
ZmVhMjAwHhcNMjUwNDMwMDQwMDIzWhcNMjUwNTAxMDQwMDIzWjAzMTEwLwYDVQQD
EyhhOWJjNTI1MDU5OThiZjNiYWE0ZTRmMDlmY2U0MzIyZWMwNTYxMjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5Ky8tpQanYXJHKlC0K7JBKJMGVl
jER0Le/uMNL0ZSQa5HT1GQn+VghdU1NCq2vLH7U6E8AqWhV5dHAx7V3RrzS3Vrl8
xqjX7WsnQ9giHDgOeMBAkwDYfRQ/M3P6co83BbEedsBxPbAk8gHh7qlDGFL7dtJy
Ukwd9Y677W36ZhOMU9z1JCZ9ixW+NcLGbNEKj8iCvE04/wPumtepFtaoCoVDZqnM
QhhixX+X6f8kRphN7mfuh9CtT45hVxq89ZkgkWI+/7WAtD15bYPM/HD7NbyS18G8
lkUcU9KqEvokj1X+iWv3BiIbnR6gkpisBgrEBYPnjfkbETHkB1KZE/c5VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKm8UlBZmL87qk5PCfzkMi7AVhIrMB8GA1UdIwQY
MBaAFGlwt69O0RigWhUxXn2LlGNMn+ogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEt
YjEwNjIzMmEzNDJjLzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS82YzEzYWMtMzhhNy00NjhjLWI3ZjEtYjEwNjIzMmEzNDJj
LzEvYVhDM3IwN1JHS0JhRlRGZWZZdVVZMHlmNmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHmYFyhp+
oaSyMD8yua7p/sZyPuLpNg3WdhTa/zcvpbsppIn869ed6PGRppGI8hFrESaiUEz9
wmnSX38/KWJw5Ix9jhyw/WEslehKp9s0VGOWK9/gBFbw17GXUgGlVGAP8xHBwG2J
toZzQr05r6OgHJeApuSrGBXzyddzoxb69NKfcQ1CLGnUTY7eGdTGMMDEKypk2Eus
SmtwDMrZfvFisemZP/SS+czbqeHizko2IrFQqCw6UNAz0SuphB34JcXVKfhtGBof
BUIupJb0wJGT8CprdEpXF2INcseh9UssDwMDjWIN1bbmaEq7AmqyBZT/eADA0NtU
/mhf6hOgnZzEVw==
-----END CERTIFICATE-----