Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
File:                     AFA0jPYGQvVOyQck3niqoD3NOOE.mft (raw, json)
Hash identifier:          5J2hFBGdqhV4ntpFWmnGkle2+b+QHb80O7xfim0k/Zk=
Subject key identifier:   47:96:1D:32:97:F1:1A:25:AF:AF:DC:8D:DE:AF:F0:80:D1:B8:E7:E9
Authority key identifier: 00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1
Certificate issuer:       /CN=0050348cf60642f54ec90724de78aaa03dcd38e1
Certificate serial:       01984776EC053F4A4A358CA3A54AFF1D2C0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
Manifest number:          0DAB
Signing time:             Sat 26 Jul 2025 16:00:32 +0000
Manifest this update:     Sat 26 Jul 2025 16:00:32 +0000
Manifest next update:     Sun 27 Jul 2025 16:00:32 +0000
Files and hashes:         1: AFA0jPYGQvVOyQck3niqoD3NOOE.crl (hash: 7Fa+4p0LzjdUewgzRSrHFsNkc1MfUEQS2pbPeCxLg/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 11:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:47:76:ec:05:3f:4a:4a:35:8c:a3:a5:4a:ff:1d:2c:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0050348cf60642f54ec90724de78aaa03dcd38e1
        Validity
            Not Before: Jul 26 16:00:32 2025 GMT
            Not After : Jul 27 16:00:32 2025 GMT
        Subject: CN=47961d3297f11a25afafdc8ddeaff080d1b8e7e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:10:d0:40:5e:6f:77:69:a6:a1:60:76:bb:a1:
                    a7:89:f2:f3:70:f9:3d:b7:7d:37:d7:8d:2a:af:f7:
                    78:99:05:5a:b7:22:fb:d3:9a:17:b7:32:9a:2b:dc:
                    aa:9f:5a:af:66:c7:6d:2d:53:a4:f1:b3:28:3e:45:
                    98:60:c5:bd:93:ec:c2:28:52:d7:5f:2e:9d:39:ab:
                    35:84:98:b6:e8:dd:65:26:95:84:95:c0:e5:67:74:
                    9e:04:5f:6b:fc:de:14:f4:13:17:aa:32:a8:24:66:
                    dc:bf:20:20:5b:6a:aa:14:56:ce:8e:a9:5c:df:e9:
                    eb:52:9a:83:c5:cb:b0:58:f2:ae:9b:ed:98:1c:85:
                    b4:bd:c0:e0:02:07:fa:a7:cb:a6:73:76:f7:e0:ab:
                    99:60:b1:10:c3:f2:81:0e:7b:cc:66:9c:49:9e:df:
                    66:24:d7:42:47:3f:23:02:0c:2b:38:a0:4a:6b:79:
                    09:53:cd:eb:1c:a2:75:c8:95:e2:2b:51:ce:24:ef:
                    55:ae:e7:a7:dd:09:58:c0:7b:ec:24:90:dd:0c:44:
                    03:24:fa:20:47:91:89:d1:ec:8d:30:27:c7:4d:92:
                    cc:48:3a:3f:35:67:3f:d0:78:74:76:a8:45:e6:a5:
                    ab:b7:0d:a4:5e:7c:ff:2e:c0:6b:d2:7a:6d:23:ad:
                    24:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:96:1D:32:97:F1:1A:25:AF:AF:DC:8D:DE:AF:F0:80:D1:B8:E7:E9
            X509v3 Authority Key Identifier:
                keyid:00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:db:d3:10:a6:f5:87:fd:60:b9:f7:20:4f:67:26:24:8f:c6:
         b6:34:eb:22:48:fc:7b:fa:74:03:bc:45:07:8b:ea:7b:87:2a:
         69:04:af:11:55:1d:c4:09:2f:71:5f:74:90:03:a8:c2:d4:ff:
         6e:66:63:09:da:1d:0b:1c:1a:70:bc:f7:bf:0a:04:da:5e:06:
         6a:fb:fd:56:7b:c1:72:ec:33:e0:68:86:8c:d8:4c:9c:95:c1:
         21:cb:e8:dc:71:8e:c1:7c:69:fc:7e:90:b0:2f:d0:ca:6a:8a:
         74:f3:dd:01:2c:5c:50:79:1f:cb:85:11:b6:d2:cc:74:88:09:
         19:ae:e6:e7:40:71:45:27:7f:3f:38:18:85:61:10:68:cb:e2:
         75:ac:10:e9:77:a0:d9:cc:4b:21:43:38:d8:00:98:c4:34:8a:
         8d:bf:f8:6a:68:bf:c6:3f:3c:a9:35:9a:39:0f:a7:21:8b:5e:
         ef:1b:44:c9:bc:f6:d7:70:64:c9:a2:62:6f:76:10:28:ab:c8:
         52:e8:da:ef:db:06:6e:c2:4c:72:64:24:17:ac:e9:a0:05:10:
         f7:ea:a3:21:c0:82:f3:d3:2b:11:23:27:47:93:66:b8:fc:ca:
         1b:05:ea:c2:56:4a:4b:f1:97:1d:83:f6:de:d5:1d:86:92:96:
         e6:72:75:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhHduwFP0pKNYyjpUr/HSwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTAzNDhjZjYwNjQyZjU0ZWM5MDcyNGRlNzhhYWEwM2Rj
ZDM4ZTEwHhcNMjUwNzI2MTYwMDMyWhcNMjUwNzI3MTYwMDMyWjAzMTEwLwYDVQQD
Eyg0Nzk2MWQzMjk3ZjExYTI1YWZhZmRjOGRkZWFmZjA4MGQxYjhlN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBDQQF5vd2mmoWB2u6GnifLzcPk9
t303140qr/d4mQVatyL705oXtzKaK9yqn1qvZsdtLVOk8bMoPkWYYMW9k+zCKFLX
Xy6dOas1hJi26N1lJpWElcDlZ3SeBF9r/N4U9BMXqjKoJGbcvyAgW2qqFFbOjqlc
3+nrUpqDxcuwWPKum+2YHIW0vcDgAgf6p8umc3b34KuZYLEQw/KBDnvMZpxJnt9m
JNdCRz8jAgwrOKBKa3kJU83rHKJ1yJXiK1HOJO9Vruen3QlYwHvsJJDdDEQDJPog
R5GJ0eyNMCfHTZLMSDo/NWc/0Hh0dqhF5qWrtw2kXnz/LsBr0nptI60kBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEeWHTKX8Rolr6/cjd6v8IDRuOfpMB8GA1UdIwQY
MBaAFABQNIz2BkL1TskHJN54qqA9zTjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2Et
ZTU0YjA2YTkzNTI2LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2EtZTU0YjA2YTkzNTI2
LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEtvTEKb1
h/1gufcgT2cmJI/GtjTrIkj8e/p0A7xFB4vqe4cqaQSvEVUdxAkvcV90kAOowtT/
bmZjCdodCxwacLz3vwoE2l4Gavv9VnvBcuwz4GiGjNhMnJXBIcvo3HGOwXxp/H6Q
sC/QymqKdPPdASxcUHkfy4URttLMdIgJGa7m50BxRSd/PzgYhWEQaMvidawQ6Xeg
2cxLIUM42ACYxDSKjb/4ami/xj88qTWaOQ+nIYte7xtEybz213BkyaJib3YQKKvI
Uuja79sGbsJMcmQkF6zpoAUQ9+qjIcCC89MrESMnR5NmuPzKGwXqwlZKS/GXHYP2
3tUdhpKW5nJ1Qw==
-----END CERTIFICATE-----