Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
File:                     aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json)
Hash identifier:          h+oPcaeNn8JoxB8MAHRCyF8CN5wX1nFbHTf35ESQH84=
Subject key identifier:   E2:9E:CE:14:6F:07:46:D3:90:38:23:78:1D:05:C3:9A:DD:39:EE:2A
Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE
Certificate issuer:       /CN=684750df0eba774d4b4d644ec8e33508f8f538fe
Certificate serial:       01976BF488682C554D61D6801CDC5B35FAFD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
Manifest number:          0637
Signing time:             Sat 14 Jun 2025 01:01:17 +0000
Manifest this update:     Sat 14 Jun 2025 01:01:17 +0000
Manifest next update:     Sun 15 Jun 2025 01:01:17 +0000
Files and hashes:         1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: O2XKrHQ+v23bCcsD/RvuU9nMo04B3TdzhIe/Vm7MdZA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:f4:88:68:2c:55:4d:61:d6:80:1c:dc:5b:35:fa:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe
        Validity
            Not Before: Jun 14 01:01:17 2025 GMT
            Not After : Jun 15 01:01:17 2025 GMT
        Subject: CN=e29ece146f0746d3903823781d05c39add39ee2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:ad:ea:20:1e:d9:4e:51:3f:da:c6:39:47:77:
                    17:8d:94:70:23:0f:88:99:bb:d0:1f:53:46:9c:15:
                    60:5e:9f:d9:28:14:12:f8:fa:59:26:41:8b:5f:ce:
                    fb:e4:c0:4f:7b:f9:6a:a8:00:4c:b6:62:3a:db:f7:
                    36:3f:2e:ba:ed:27:b6:1e:a1:2e:be:7a:64:58:81:
                    b2:64:a2:b3:99:ab:c2:ef:7f:df:c4:d4:16:c6:18:
                    4d:41:d4:79:1f:74:ad:da:e4:05:0e:74:69:2a:a4:
                    c5:ba:4e:c2:3c:35:60:19:07:1a:a7:e7:dc:9a:c7:
                    f1:fa:65:90:ad:1e:7d:a9:70:9d:a8:f7:34:6d:45:
                    ed:13:90:91:6b:62:22:ad:ce:73:bc:bc:af:25:1a:
                    a9:0b:43:09:da:b4:af:78:b3:06:b6:23:0e:a0:a1:
                    d2:71:0c:ea:43:24:fd:4f:b5:e9:4e:55:46:5b:e1:
                    d1:b0:15:2f:d8:94:0a:56:e5:15:06:c6:64:a2:0f:
                    cb:9d:29:0d:ac:34:33:2a:bb:51:8c:75:2e:da:c2:
                    d0:65:6c:03:9f:55:1d:21:ee:40:22:a2:47:a8:e6:
                    69:e9:81:d7:d8:99:d2:5a:22:9f:fe:94:2e:88:18:
                    24:39:43:3d:61:57:5d:64:25:5b:33:26:11:8d:93:
                    1d:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:9E:CE:14:6F:07:46:D3:90:38:23:78:1D:05:C3:9A:DD:39:EE:2A
            X509v3 Authority Key Identifier:
                keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:01:4c:34:24:90:a3:84:2d:42:46:7a:8c:16:c2:4d:70:06:
         80:92:cd:c4:e2:56:4f:e5:2a:0f:a9:6d:80:ee:ba:27:94:0e:
         d8:a3:f7:34:d4:d6:e5:68:41:06:a0:fc:5d:d8:12:c9:a2:77:
         cb:f5:15:11:00:c3:cf:82:e7:ba:f9:fd:82:93:04:89:7c:45:
         49:2f:ac:d9:59:6f:ed:b6:1b:97:95:96:d3:5e:c1:97:f6:03:
         50:7d:03:ae:24:21:f6:81:ee:2b:4d:15:3a:a4:c6:e5:27:9c:
         a7:ec:ad:03:ca:2f:fc:8d:72:67:b7:47:9b:20:ae:ff:77:55:
         e4:2a:32:40:16:fc:f8:08:1c:eb:fa:66:c4:55:a6:b2:73:d6:
         b9:8f:41:0f:6f:fe:72:df:f2:2a:cb:d9:e3:8e:a0:40:76:fc:
         95:d1:8a:ef:ab:0b:fe:7a:fd:b0:65:21:27:12:b8:99:fe:61:
         60:d8:b6:29:77:d2:15:47:18:9b:33:23:72:3f:db:02:a6:98:
         43:1b:5e:6f:e5:6d:70:19:83:45:f9:53:51:6b:a3:d0:96:28:
         9a:4c:b5:d9:0b:fa:d5:c7:e4:c7:ec:b0:2b:95:ff:d8:02:43:
         51:03:47:25:48:09:d4:2a:6a:07:de:e9:5f:4c:eb:8e:9b:92:
         73:88:4e:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdr9IhoLFVNYdaAHNxbNfr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm
NTM4ZmUwHhcNMjUwNjE0MDEwMTE3WhcNMjUwNjE1MDEwMTE3WjAzMTEwLwYDVQQD
EyhlMjllY2UxNDZmMDc0NmQzOTAzODIzNzgxZDA1YzM5YWRkMzllZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK3qIB7ZTlE/2sY5R3cXjZRwIw+I
mbvQH1NGnBVgXp/ZKBQS+PpZJkGLX8775MBPe/lqqABMtmI62/c2Py667Se2HqEu
vnpkWIGyZKKzmavC73/fxNQWxhhNQdR5H3St2uQFDnRpKqTFuk7CPDVgGQcap+fc
msfx+mWQrR59qXCdqPc0bUXtE5CRa2Iirc5zvLyvJRqpC0MJ2rSveLMGtiMOoKHS
cQzqQyT9T7XpTlVGW+HRsBUv2JQKVuUVBsZkog/LnSkNrDQzKrtRjHUu2sLQZWwD
n1UdIe5AIqJHqOZp6YHX2JnSWiKf/pQuiBgkOUM9YVddZCVbMyYRjZMd6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOKezhRvB0bTkDgjeB0Fw5rdOe4qMB8GA1UdIwQY
MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt
ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz
LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlwFMNCSQ
o4QtQkZ6jBbCTXAGgJLNxOJWT+UqD6ltgO66J5QO2KP3NNTW5WhBBqD8XdgSyaJ3
y/UVEQDDz4Lnuvn9gpMEiXxFSS+s2Vlv7bYbl5WW017Bl/YDUH0DriQh9oHuK00V
OqTG5Secp+ytA8ov/I1yZ7dHmyCu/3dV5CoyQBb8+Agc6/pmxFWmsnPWuY9BD2/+
ct/yKsvZ446gQHb8ldGK76sL/nr9sGUhJxK4mf5hYNi2KXfSFUcYmzMjcj/bAqaY
Qxteb+VtcBmDRflTUWuj0JYomky12Qv61cfkx+ywK5X/2AJDUQNHJUgJ1CpqB97p
X0zrjpuSc4hO2A==
-----END CERTIFICATE-----