Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
File:                     aaEKEpVYyDgLwT2axFQB0h2rnfA.mft (raw, json)
Hash identifier:          0L12oRWsMDaGBRTpCY97A/kF11ITlly36hl6O2Y0yt0=
Subject key identifier:   21:5B:2F:82:16:C6:04:22:D3:F5:7A:67:02:C4:C5:65:2D:7A:D9:BB
Authority key identifier: 69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0
Certificate issuer:       /CN=69a10a129558c8380bc13d9ac45401d21dab9df0
Certificate serial:       01988CFE2015D93EAF37C16EF93B4B351D2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
Manifest number:          1621
Signing time:             Sat 09 Aug 2025 04:02:01 +0000
Manifest this update:     Sat 09 Aug 2025 04:02:01 +0000
Manifest next update:     Sun 10 Aug 2025 04:02:01 +0000
Files and hashes:         1: aaEKEpVYyDgLwT2axFQB0h2rnfA.crl (hash: 5Ww6OV8n32fdCE7mHFZfpa5lWuc/+v+dxWryGLYewXs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 04:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8c:fe:20:15:d9:3e:af:37:c1:6e:f9:3b:4b:35:1d:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a10a129558c8380bc13d9ac45401d21dab9df0
        Validity
            Not Before: Aug  9 04:02:01 2025 GMT
            Not After : Aug 10 04:02:01 2025 GMT
        Subject: CN=215b2f8216c60422d3f57a6702c4c5652d7ad9bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:f2:fa:b4:08:c8:4a:03:f9:65:54:69:05:d0:
                    55:4d:ca:45:18:ce:73:4a:cd:99:01:86:44:82:da:
                    4f:89:a3:ae:d7:16:13:0a:68:ff:f8:42:7a:ab:e5:
                    49:9f:62:74:c1:f8:52:76:0f:c2:2c:e1:42:3e:10:
                    33:b6:4a:30:cd:c6:f4:46:bd:06:0f:a4:7b:07:ea:
                    a3:04:ee:a4:e5:53:c1:d6:47:02:03:52:a7:6c:fd:
                    f0:3e:e2:2f:2f:49:5f:de:04:c5:b9:40:bc:f1:28:
                    13:d5:b2:af:c6:f6:aa:c5:6e:b1:ac:c1:b8:e8:d2:
                    8b:7b:a9:68:d6:d4:81:2b:24:26:92:13:7b:c5:7d:
                    f9:43:77:dc:4a:d6:2d:be:40:11:e7:d3:5a:17:27:
                    6d:8d:47:11:cc:bd:3c:4d:65:1f:c7:9b:36:57:be:
                    73:0d:df:54:90:ca:58:fb:54:f7:a0:57:7e:2e:7c:
                    09:46:56:40:6e:18:a8:06:d1:52:ee:8a:eb:d7:d0:
                    b4:92:be:54:e4:a2:8d:fb:ba:d4:da:62:41:5a:d1:
                    95:c9:13:48:e3:e4:29:32:9f:fc:47:f9:2b:e4:ba:
                    a8:7c:b4:55:91:bd:c7:55:7b:f1:4f:45:c3:33:61:
                    ad:97:3b:51:4d:cf:50:a8:45:67:3b:0b:93:1f:2c:
                    7f:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:5B:2F:82:16:C6:04:22:D3:F5:7A:67:02:C4:C5:65:2D:7A:D9:BB
            X509v3 Authority Key Identifier:
                keyid:69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:ec:3c:f2:f0:d4:21:ab:56:08:2a:7d:36:a2:df:ff:63:c3:
         49:d4:6a:e9:6f:d9:5d:3d:0d:f7:f2:c7:fa:9c:11:b4:a2:f8:
         d1:65:96:e7:4e:0e:9c:70:d8:90:3e:2a:13:3e:5f:5b:c8:2c:
         84:82:80:fd:df:44:1a:1e:3b:b6:8a:4d:b2:c3:2c:d7:09:c4:
         ac:a6:33:c6:7f:c3:b4:ce:7c:71:3f:cd:7b:19:6d:10:23:2e:
         bf:e9:d7:be:7a:af:30:d5:9f:c7:6a:68:48:6c:48:15:ea:b2:
         dd:cd:37:c9:3a:04:1a:1e:54:2f:5f:c3:27:59:3a:a5:9b:a6:
         13:a6:bb:0f:9d:05:d5:44:2f:1c:47:90:ed:89:49:ff:ee:bf:
         25:e3:ff:65:cb:74:99:be:94:3f:dd:19:cf:3a:68:b0:f7:98:
         68:14:09:a3:03:43:f1:b5:1f:34:8f:38:e9:27:98:16:79:19:
         46:38:51:07:8f:83:d2:0e:38:72:46:6d:e5:c2:1d:18:8b:0a:
         0c:f3:b5:92:44:e2:e2:68:91:7e:4d:41:eb:6a:e4:93:4e:ad:
         4b:cc:c7:04:af:1b:9e:1f:14:e0:41:f1:d1:8d:0a:32:e5:37:
         88:e3:e2:43:fd:ef:ea:bc:fc:af:89:cc:4b:60:70:63:34:f1:
         d0:98:3d:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiM/iAV2T6vN8Fu+TtLNR0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTEwYTEyOTU1OGM4MzgwYmMxM2Q5YWM0NTQwMWQyMWRh
YjlkZjAwHhcNMjUwODA5MDQwMjAxWhcNMjUwODEwMDQwMjAxWjAzMTEwLwYDVQQD
EygyMTViMmY4MjE2YzYwNDIyZDNmNTdhNjcwMmM0YzU2NTJkN2FkOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvL6tAjISgP5ZVRpBdBVTcpFGM5z
Ss2ZAYZEgtpPiaOu1xYTCmj/+EJ6q+VJn2J0wfhSdg/CLOFCPhAztkowzcb0Rr0G
D6R7B+qjBO6k5VPB1kcCA1KnbP3wPuIvL0lf3gTFuUC88SgT1bKvxvaqxW6xrMG4
6NKLe6lo1tSBKyQmkhN7xX35Q3fcStYtvkAR59NaFydtjUcRzL08TWUfx5s2V75z
Dd9UkMpY+1T3oFd+LnwJRlZAbhioBtFS7orr19C0kr5U5KKN+7rU2mJBWtGVyRNI
4+QpMp/8R/kr5LqofLRVkb3HVXvxT0XDM2GtlztRTc9QqEVnOwuTHyx/5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFbL4IWxgQi0/V6ZwLExWUtetm7MB8GA1UdIwQY
MBaAFGmhChKVWMg4C8E9msRUAdIdq53wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWIt
ODc3YzY1YjAxNDU2LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWItODc3YzY1YjAxNDU2
LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuOw88vDU
IatWCCp9NqLf/2PDSdRq6W/ZXT0N9/LH+pwRtKL40WWW504OnHDYkD4qEz5fW8gs
hIKA/d9EGh47topNssMs1wnErKYzxn/DtM58cT/NexltECMuv+nXvnqvMNWfx2po
SGxIFeqy3c03yToEGh5UL1/DJ1k6pZumE6a7D50F1UQvHEeQ7YlJ/+6/JeP/Zct0
mb6UP90ZzzposPeYaBQJowND8bUfNI846SeYFnkZRjhRB4+D0g44ckZt5cIdGIsK
DPO1kkTi4miRfk1B62rkk06tS8zHBK8bnh8U4EHx0Y0KMuU3iOPiQ/3v6rz8r4nM
S2BwYzTx0Jg9Bg==
-----END CERTIFICATE-----