Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft
File:                     AKTVv_pzY0hD6QPjexj97g2sWFs.mft (raw, json)
Hash identifier:          H0jVMNFEMYH+LbDCq8wpwu372nkBnMTAkoGHUzLNhBc=
Subject key identifier:   10:23:63:98:C1:42:E4:0D:E4:FB:22:FB:E4:82:65:A2:8D:1F:20:72
Authority key identifier: 00:A4:D5:BF:FA:73:63:48:43:E9:03:E3:7B:18:FD:EE:0D:AC:58:5B
Certificate issuer:       /CN=00a4d5bffa73634843e903e37b18fdee0dac585b
Certificate serial:       01965726BC19AB604776488A6B870665BBB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AKTVv_pzY0hD6QPjexj97g2sWFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft
Manifest number:          23
Signing time:             Mon 21 Apr 2025 07:01:18 +0000
Manifest this update:     Mon 21 Apr 2025 07:01:18 +0000
Manifest next update:     Tue 22 Apr 2025 07:01:18 +0000
Files and hashes:         1: AKTVv_pzY0hD6QPjexj97g2sWFs.crl (hash: VPcVDM+b0EwtpYbfHgqLxPL0IQczunyYDa7UXg4LZJE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AKTVv_pzY0hD6QPjexj97g2sWFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 07:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:bc:19:ab:60:47:76:48:8a:6b:87:06:65:bb:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00a4d5bffa73634843e903e37b18fdee0dac585b
        Validity
            Not Before: Apr 21 07:01:18 2025 GMT
            Not After : Apr 22 07:01:18 2025 GMT
        Subject: CN=10236398c142e40de4fb22fbe48265a28d1f2072
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:ff:1c:60:e0:86:f5:4f:6a:8d:16:56:0e:8c:
                    71:34:68:f7:1a:b9:06:44:1e:aa:3d:a8:f1:e6:ef:
                    8d:09:f0:86:c5:a9:23:15:25:b9:c0:8d:3d:88:75:
                    67:58:3c:09:67:63:4c:c5:6e:dd:e0:e1:09:50:6c:
                    3b:e3:61:d7:b3:18:f4:65:d1:01:3c:bc:98:41:3a:
                    97:a0:36:01:a2:9d:9e:73:cf:df:44:d4:f2:37:b0:
                    98:91:f9:fa:ac:be:89:a8:84:cc:72:4a:e5:19:24:
                    a2:4c:fe:a4:74:32:cd:5d:8e:ee:93:87:fa:6a:83:
                    2d:db:cd:87:f6:f4:46:d5:c8:ae:60:bd:fa:50:79:
                    60:73:39:f1:cd:f9:3b:3a:2e:c6:0f:84:e6:6c:e5:
                    20:96:73:4f:38:cd:e0:d1:04:74:d9:08:d2:2c:94:
                    be:6c:78:31:ae:f0:93:6e:e6:b2:55:6e:5b:c3:b2:
                    e2:e5:0b:a4:44:bb:c9:e2:0b:1e:7d:09:28:dc:53:
                    33:eb:60:74:68:42:cd:ec:d9:58:c5:96:12:1c:67:
                    bd:6e:dc:e6:0b:b2:a3:56:a3:ea:72:fd:38:a6:8b:
                    50:ac:6f:60:1d:0f:e0:c7:5b:55:c5:f6:42:00:64:
                    b7:d3:33:4f:a9:28:15:76:34:fe:21:c4:32:51:a7:
                    53:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:23:63:98:C1:42:E4:0D:E4:FB:22:FB:E4:82:65:A2:8D:1F:20:72
            X509v3 Authority Key Identifier:
                keyid:00:A4:D5:BF:FA:73:63:48:43:E9:03:E3:7B:18:FD:EE:0D:AC:58:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AKTVv_pzY0hD6QPjexj97g2sWFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:7b:97:11:a7:98:99:54:c4:3d:f7:b7:e9:28:48:f7:e9:05:
         8c:7a:d7:55:87:98:ad:3a:81:c6:0d:9f:60:ff:e6:b5:d6:d0:
         0d:95:e7:fd:db:58:d7:f0:ff:1a:dc:9a:98:97:58:4e:f4:45:
         a5:18:3e:ac:9b:9e:ac:f0:a9:e5:a5:e0:62:3b:da:ba:b9:cb:
         3c:59:e8:e9:20:80:2a:7b:78:04:da:12:74:55:96:a9:78:3b:
         ca:f7:c6:b6:aa:e8:8e:eb:5b:07:7a:34:79:0b:b8:cc:02:d4:
         01:e7:d1:9b:12:76:e2:58:9f:5d:a9:6c:5a:08:ce:03:f1:61:
         b1:23:bc:51:37:f3:74:8a:53:03:fb:2d:7b:04:b0:25:67:b9:
         fc:4d:c9:10:23:25:6c:27:a7:02:86:b9:1f:21:8e:f8:ee:a6:
         3f:30:09:9b:dd:88:cf:b2:8e:38:5f:c8:5f:74:c4:54:8c:eb:
         1d:f2:f0:47:3f:9f:04:eb:25:57:a6:8c:e5:bb:2b:cd:f4:c9:
         4e:c5:44:63:17:ce:77:17:4a:6b:d2:06:d6:4b:2b:ac:e5:a5:
         76:f5:ea:98:11:f1:c5:9a:d1:4a:4d:2d:f7:2d:e8:3b:a3:7d:
         1b:8d:af:5b:df:39:28:78:8e:ad:32:5a:ba:b2:33:25:7f:f5:
         8b:db:aa:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJrwZq2BHdkiKa4cGZbuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYTRkNWJmZmE3MzYzNDg0M2U5MDNlMzdiMThmZGVlMGRh
YzU4NWIwHhcNMjUwNDIxMDcwMTE4WhcNMjUwNDIyMDcwMTE4WjAzMTEwLwYDVQQD
EygxMDIzNjM5OGMxNDJlNDBkZTRmYjIyZmJlNDgyNjVhMjhkMWYyMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4v8cYOCG9U9qjRZWDoxxNGj3GrkG
RB6qPajx5u+NCfCGxakjFSW5wI09iHVnWDwJZ2NMxW7d4OEJUGw742HXsxj0ZdEB
PLyYQTqXoDYBop2ec8/fRNTyN7CYkfn6rL6JqITMckrlGSSiTP6kdDLNXY7uk4f6
aoMt282H9vRG1ciuYL36UHlgcznxzfk7Oi7GD4TmbOUglnNPOM3g0QR02QjSLJS+
bHgxrvCTbuayVW5bw7Li5QukRLvJ4gsefQko3FMz62B0aELN7NlYxZYSHGe9btzm
C7KjVqPqcv04potQrG9gHQ/gx1tVxfZCAGS30zNPqSgVdjT+IcQyUadTBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBAjY5jBQuQN5Psi++SCZaKNHyByMB8GA1UdIwQY
MBaAFACk1b/6c2NIQ+kD43sY/e4NrFhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtUVnZfcHpZMGhENlFQamV4ajk3ZzJzV0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC85NmU2NDAtODVhNS00NzViLTk0Y2It
ODRlZTY5ZWQ5M2E0LzEvQUtUVnZfcHpZMGhENlFQamV4ajk3ZzJzV0ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC85NmU2NDAtODVhNS00NzViLTk0Y2ItODRlZTY5ZWQ5M2E0
LzEvQUtUVnZfcHpZMGhENlFQamV4ajk3ZzJzV0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh3uXEaeY
mVTEPfe36ShI9+kFjHrXVYeYrTqBxg2fYP/mtdbQDZXn/dtY1/D/GtyamJdYTvRF
pRg+rJuerPCp5aXgYjvaurnLPFno6SCAKnt4BNoSdFWWqXg7yvfGtqrojutbB3o0
eQu4zALUAefRmxJ24lifXalsWgjOA/FhsSO8UTfzdIpTA/stewSwJWe5/E3JECMl
bCenAoa5HyGO+O6mPzAJm92Iz7KOOF/IX3TEVIzrHfLwRz+fBOslV6aM5bsrzfTJ
TsVEYxfOdxdKa9IG1ksrrOWldvXqmBHxxZrRSk0t9y3oO6N9G42vW985KHiOrTJa
urIzJX/1i9uq3A==
-----END CERTIFICATE-----