Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
File:                     aBFGMD9XUewN_C71R6qyR69OaB8.mft (raw, json)
Hash identifier:          YaHJ707BvGy0XyJnDK4tKoiYf6mnOt/tOK169C4JIT0=
Subject key identifier:   78:5C:6F:97:70:64:38:11:52:30:71:34:9F:18:F7:53:73:4B:FD:20
Authority key identifier: 68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F
Certificate issuer:       /CN=681146303f5751ec0dfc2ef547aab247af4e681f
Certificate serial:       019769612C6DB345D130A10B49DA04779C5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
Manifest number:          0C6D
Signing time:             Fri 13 Jun 2025 13:01:05 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:05 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:05 +0000
Files and hashes:         1: aBFGMD9XUewN_C71R6qyR69OaB8.crl (hash: N0fa7OxToZS1RtJ7DdwD2MJ+36pP4tijqHyMdNkWbYs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:2c:6d:b3:45:d1:30:a1:0b:49:da:04:77:9c:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=681146303f5751ec0dfc2ef547aab247af4e681f
        Validity
            Not Before: Jun 13 13:01:05 2025 GMT
            Not After : Jun 14 13:01:05 2025 GMT
        Subject: CN=785c6f9770643811523071349f18f753734bfd20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:96:45:c8:d2:3d:4c:8a:01:b6:ed:42:32:44:
                    a1:17:8d:05:ea:4a:d8:8f:9e:33:fd:e8:ae:7f:15:
                    2a:2a:85:ea:fc:40:f2:18:e4:da:77:12:7b:fa:8e:
                    bf:56:2d:06:2f:3c:da:d4:96:04:78:8b:da:9a:0f:
                    85:58:f7:5f:81:3b:d7:e9:db:e6:18:0c:1d:df:b9:
                    e0:25:4c:f5:a9:a1:ab:14:66:72:ba:b4:5d:2c:12:
                    02:35:aa:8b:49:4a:31:14:af:91:cf:ff:a9:31:70:
                    90:cd:11:e8:c1:47:7e:dd:6e:a4:44:f2:f5:b3:84:
                    98:64:15:f8:af:56:20:88:18:ee:19:de:46:6d:9b:
                    d9:75:11:8c:b6:08:20:36:bb:d6:dc:c7:24:00:15:
                    1a:36:97:a7:72:e9:f8:0f:bf:c7:b9:86:8d:86:c8:
                    3d:cd:05:8a:3c:1b:c1:9e:81:f9:6e:c8:e2:8b:9f:
                    e8:60:67:52:b9:eb:57:6e:3c:5f:e3:2d:4e:68:7d:
                    75:75:ab:ea:56:fe:62:b1:e3:63:b9:98:b2:f9:ac:
                    7e:31:1e:63:ae:ad:56:ec:38:d4:7e:cb:42:98:74:
                    c0:76:11:ad:64:ad:7c:81:78:dc:b4:3b:52:77:d3:
                    73:ac:00:be:7a:74:37:57:23:2c:41:e1:3b:c4:83:
                    49:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:5C:6F:97:70:64:38:11:52:30:71:34:9F:18:F7:53:73:4B:FD:20
            X509v3 Authority Key Identifier:
                keyid:68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:fd:5d:12:09:fa:39:d0:bf:7f:a0:f3:b6:22:85:c3:d7:65:
         14:b5:aa:03:20:60:2b:db:7c:bb:49:a5:f1:5d:42:53:a0:9c:
         75:b2:1f:be:e4:d6:5b:cc:21:f4:17:69:3f:54:5c:9e:48:a8:
         36:12:f4:46:be:c1:f5:94:18:fd:22:95:ff:33:4c:47:01:3d:
         f6:7d:b5:5b:d9:be:a8:70:46:83:a9:5b:02:47:c6:05:ec:f3:
         77:2e:3e:e9:cd:cf:16:87:97:ae:1c:74:fb:7e:3b:6f:3e:38:
         33:af:ba:95:91:f3:af:e8:0f:37:42:74:9e:f2:34:34:51:8b:
         36:76:24:9c:17:b4:b6:b6:44:d9:df:f2:2c:69:10:d7:43:0e:
         fb:6c:3a:89:da:55:c6:1a:e5:74:1f:09:92:6b:9b:0e:87:b1:
         cc:f3:0b:bc:2d:e2:fe:67:9d:a0:86:aa:5a:0c:89:dd:74:81:
         84:1e:8a:4c:37:da:f4:40:50:24:7b:e0:d3:24:38:11:31:b8:
         4f:9e:3e:94:8b:a3:73:f4:ac:91:94:3d:8a:94:c4:82:a5:b6:
         38:4b:e4:72:01:e4:c4:26:dd:30:f7:10:14:8e:4f:56:b1:e4:
         65:6a:35:e0:83:68:b5:cc:23:17:f8:b9:ca:13:f9:ff:e0:25:
         26:37:0b:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYSxts0XRMKELSdoEd5xdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTE0NjMwM2Y1NzUxZWMwZGZjMmVmNTQ3YWFiMjQ3YWY0
ZTY4MWYwHhcNMjUwNjEzMTMwMTA1WhcNMjUwNjE0MTMwMTA1WjAzMTEwLwYDVQQD
Eyg3ODVjNmY5NzcwNjQzODExNTIzMDcxMzQ5ZjE4Zjc1MzczNGJmZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJZFyNI9TIoBtu1CMkShF40F6krY
j54z/eiufxUqKoXq/EDyGOTadxJ7+o6/Vi0GLzza1JYEeIvamg+FWPdfgTvX6dvm
GAwd37ngJUz1qaGrFGZyurRdLBICNaqLSUoxFK+Rz/+pMXCQzRHowUd+3W6kRPL1
s4SYZBX4r1YgiBjuGd5GbZvZdRGMtgggNrvW3MckABUaNpencun4D7/HuYaNhsg9
zQWKPBvBnoH5bsjii5/oYGdSuetXbjxf4y1OaH11davqVv5iseNjuZiy+ax+MR5j
rq1W7DjUfstCmHTAdhGtZK18gXjctDtSd9NzrAC+enQ3VyMsQeE7xINJgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhcb5dwZDgRUjBxNJ8Y91NzS/0gMB8GA1UdIwQY
MBaAFGgRRjA/V1HsDfwu9UeqskevTmgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQt
NGEzNzMzZjQ3MjJiLzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQtNGEzNzMzZjQ3MjJi
LzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoP1dEgn6
OdC/f6DztiKFw9dlFLWqAyBgK9t8u0ml8V1CU6CcdbIfvuTWW8wh9BdpP1Rcnkio
NhL0Rr7B9ZQY/SKV/zNMRwE99n21W9m+qHBGg6lbAkfGBezzdy4+6c3PFoeXrhx0
+347bz44M6+6lZHzr+gPN0J0nvI0NFGLNnYknBe0trZE2d/yLGkQ10MO+2w6idpV
xhrldB8JkmubDoexzPMLvC3i/medoIaqWgyJ3XSBhB6KTDfa9EBQJHvg0yQ4ETG4
T54+lIujc/SskZQ9ipTEgqW2OEvkcgHkxCbdMPcQFI5PVrHkZWo14INotcwjF/i5
yhP5/+AlJjcLOw==
-----END CERTIFICATE-----