Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
File:                     aaEKEpVYyDgLwT2axFQB0h2rnfA.mft (raw, json)
Hash identifier:          60zUfnz2/yj2i8lRTs55or4t9Jm/L1vu+UNZlOnclh8=
Subject key identifier:   F2:9C:F0:61:E6:38:A8:D7:C7:B5:1C:18:D1:4A:07:BF:0D:97:89:13
Authority key identifier: 69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0
Certificate issuer:       /CN=69a10a129558c8380bc13d9ac45401d21dab9df0
Certificate serial:       0197711AB607092AD31D9CC07F46BBEC46B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
Manifest number:          158E
Signing time:             Sun 15 Jun 2025 01:01:05 +0000
Manifest this update:     Sun 15 Jun 2025 01:01:05 +0000
Manifest next update:     Mon 16 Jun 2025 01:01:05 +0000
Files and hashes:         1: aaEKEpVYyDgLwT2axFQB0h2rnfA.crl (hash: Bz4+oBzAhnKo0+aRuZlzF1rbGOt8reu+Kz3LoKHOhmU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 19:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:1a:b6:07:09:2a:d3:1d:9c:c0:7f:46:bb:ec:46:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a10a129558c8380bc13d9ac45401d21dab9df0
        Validity
            Not Before: Jun 15 01:01:05 2025 GMT
            Not After : Jun 16 01:01:05 2025 GMT
        Subject: CN=f29cf061e638a8d7c7b51c18d14a07bf0d978913
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:1f:69:8e:b2:d7:cd:2b:72:46:37:de:ec:5f:
                    3e:45:bb:f6:34:fb:c2:9a:b2:85:ac:2b:f2:81:7f:
                    a3:e4:f1:df:3f:0f:3a:d3:ee:b8:69:c2:34:61:e0:
                    0e:f2:0b:00:6a:38:63:2e:a8:0a:e1:d3:9c:ec:09:
                    92:9c:5e:32:fa:23:96:69:0e:b5:4f:61:6c:8f:54:
                    15:68:33:e2:fc:6d:d0:94:0f:d4:f8:ff:2f:db:44:
                    7c:c3:51:d2:b5:3f:d3:15:9f:4f:a1:61:5b:8c:6f:
                    dc:50:0f:69:92:4a:d5:67:6c:1b:a3:5a:9a:59:4d:
                    65:8d:1d:c4:dd:89:d2:09:e7:09:cf:2c:d0:9f:78:
                    6c:3c:d9:b6:99:c8:52:56:1e:09:8c:c5:c3:bd:74:
                    e0:82:32:46:f2:66:75:09:d8:5b:07:a9:5e:cb:71:
                    4b:ac:bb:f5:7c:ec:dc:5a:8a:11:48:81:53:b0:c5:
                    19:00:4c:3d:9f:5c:38:0e:7a:c0:e4:da:40:2f:49:
                    1e:30:93:27:d9:57:e5:c1:67:22:3c:3e:65:d7:d6:
                    e3:04:0e:b3:28:c8:d1:d5:f3:97:cf:fa:63:4f:1d:
                    76:8a:73:69:1f:fc:0a:01:6d:67:d7:a7:9a:46:3c:
                    f0:dd:d6:91:76:e6:b9:65:1e:04:57:67:8d:a8:bb:
                    8f:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:9C:F0:61:E6:38:A8:D7:C7:B5:1C:18:D1:4A:07:BF:0D:97:89:13
            X509v3 Authority Key Identifier:
                keyid:69:A1:0A:12:95:58:C8:38:0B:C1:3D:9A:C4:54:01:D2:1D:AB:9D:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaEKEpVYyDgLwT2axFQB0h2rnfA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/2a6fb0-48b2-4f93-855b-877c65b01456/1/aaEKEpVYyDgLwT2axFQB0h2rnfA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:c2:d9:0b:1b:0e:e3:1f:31:20:65:c7:e8:9f:8d:c6:fb:7b:
         a9:a0:97:30:c2:a5:49:b8:8b:ee:08:04:30:d9:98:24:03:c0:
         cc:4c:4a:ad:dd:a9:d3:4c:fd:38:91:1b:9e:c8:14:eb:bb:55:
         7f:ed:95:e5:ef:fe:3a:2f:ee:ae:c2:6a:24:a5:d6:62:e0:73:
         f0:7f:3f:5e:91:08:80:71:cd:c5:fd:bb:65:e0:3c:51:f7:74:
         54:b0:dc:e8:f6:22:25:c6:cb:f5:da:9a:c9:42:c9:24:2e:79:
         78:c5:4b:08:5a:80:f2:3e:00:0e:0c:77:3b:47:3f:3e:62:ea:
         d4:e6:8a:27:32:77:c5:98:fd:0a:8f:1e:f9:96:89:3e:50:a8:
         4e:f0:62:ab:bd:7c:c2:0e:cb:5d:e7:2f:26:18:a4:d6:2d:c3:
         0c:7b:7c:7b:7a:d1:23:4b:03:ca:30:38:30:a8:f3:0e:a4:06:
         50:90:cd:63:4c:cf:d3:85:db:41:8d:a3:98:c7:15:40:d2:76:
         bf:bf:4d:f3:a2:c0:db:15:8a:da:78:22:5b:6e:a9:06:67:d3:
         88:78:f7:99:17:db:2f:dd:92:cf:85:c3:f8:aa:3d:fc:15:4b:
         9d:85:62:18:66:7c:55:40:52:00:88:10:c4:be:a5:d3:66:44:
         57:2c:ce:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxGrYHCSrTHZzAf0a77Ea2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTEwYTEyOTU1OGM4MzgwYmMxM2Q5YWM0NTQwMWQyMWRh
YjlkZjAwHhcNMjUwNjE1MDEwMTA1WhcNMjUwNjE2MDEwMTA1WjAzMTEwLwYDVQQD
EyhmMjljZjA2MWU2MzhhOGQ3YzdiNTFjMThkMTRhMDdiZjBkOTc4OTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph9pjrLXzStyRjfe7F8+Rbv2NPvC
mrKFrCvygX+j5PHfPw860+64acI0YeAO8gsAajhjLqgK4dOc7AmSnF4y+iOWaQ61
T2Fsj1QVaDPi/G3QlA/U+P8v20R8w1HStT/TFZ9PoWFbjG/cUA9pkkrVZ2wbo1qa
WU1ljR3E3YnSCecJzyzQn3hsPNm2mchSVh4JjMXDvXTggjJG8mZ1CdhbB6ley3FL
rLv1fOzcWooRSIFTsMUZAEw9n1w4DnrA5NpAL0keMJMn2VflwWciPD5l19bjBA6z
KMjR1fOXz/pjTx12inNpH/wKAW1n16eaRjzw3daRdua5ZR4EV2eNqLuPHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKc8GHmOKjXx7UcGNFKB78Nl4kTMB8GA1UdIwQY
MBaAFGmhChKVWMg4C8E9msRUAdIdq53wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWIt
ODc3YzY1YjAxNDU2LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8yYTZmYjAtNDhiMi00ZjkzLTg1NWItODc3YzY1YjAxNDU2
LzEvYWFFS0VwVll5RGdMd1QyYXhGUUIwaDJybmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABcLZCxsO
4x8xIGXH6J+Nxvt7qaCXMMKlSbiL7ggEMNmYJAPAzExKrd2p00z9OJEbnsgU67tV
f+2V5e/+Oi/ursJqJKXWYuBz8H8/XpEIgHHNxf27ZeA8Ufd0VLDc6PYiJcbL9dqa
yULJJC55eMVLCFqA8j4ADgx3O0c/PmLq1OaKJzJ3xZj9Co8e+ZaJPlCoTvBiq718
wg7LXecvJhik1i3DDHt8e3rRI0sDyjA4MKjzDqQGUJDNY0zP04XbQY2jmMcVQNJ2
v79N86LA2xWK2ngiW26pBmfTiHj3mRfbL92Sz4XD+Ko9/BVLnYViGGZ8VUBSAIgQ
xL6l02ZEVyzO0Q==
-----END CERTIFICATE-----