Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
File:                     aweCDo1ADzwl3dC-G0bFTpVZYKE.mft (raw, json)
Hash identifier:          YrDlJ3zMUM2ffyNSxLfQBerF+7DQwh72ixBmzxnXHK4=
Subject key identifier:   F4:0B:83:4F:3A:03:45:B6:93:F5:57:0C:60:EE:3B:A9:38:7A:1F:ED
Authority key identifier: 6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1
Certificate issuer:       /CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1
Certificate serial:       019644B1D8B5A2F239DD80F117A3390F0C8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
Manifest number:          0C0F
Signing time:             Thu 17 Apr 2025 17:00:28 +0000
Manifest this update:     Thu 17 Apr 2025 17:00:28 +0000
Manifest next update:     Fri 18 Apr 2025 17:00:28 +0000
Files and hashes:         1: aweCDo1ADzwl3dC-G0bFTpVZYKE.crl (hash: SLyzuqywEM05fVbN2Oe+bhsxZC/A4ICegG8fukVrSRo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 18 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:44:b1:d8:b5:a2:f2:39:dd:80:f1:17:a3:39:0f:0c:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1
        Validity
            Not Before: Apr 17 17:00:28 2025 GMT
            Not After : Apr 18 17:00:28 2025 GMT
        Subject: CN=f40b834f3a0345b693f5570c60ee3ba9387a1fed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1d:9a:10:a4:7a:9b:b1:38:27:19:b5:0b:7e:
                    4c:78:60:d6:1f:3d:23:f0:44:06:95:5c:57:75:c8:
                    4b:20:c2:eb:0a:aa:dd:e8:5d:03:dd:b4:2f:24:47:
                    f1:bd:ed:6d:32:3c:a6:7d:b8:db:13:bb:8e:23:69:
                    d4:fe:48:26:ad:1e:59:29:28:85:7d:63:e3:bd:ee:
                    9a:5d:9e:9f:56:7d:bd:ef:4c:26:65:3d:33:4a:31:
                    5c:c6:35:48:00:8c:9b:e0:de:d8:e7:e7:97:df:52:
                    0d:dd:b3:ca:48:f2:f6:27:a4:c8:65:8d:40:eb:61:
                    16:39:ec:42:22:84:31:37:30:e1:6e:f3:ae:52:9b:
                    38:14:10:16:7a:ba:5a:ad:e9:49:3e:e0:00:1a:49:
                    45:24:44:dd:ef:05:04:0e:c7:a1:71:e4:cf:23:86:
                    3c:ec:48:c8:40:2c:60:16:06:9b:09:39:c7:d3:ef:
                    ed:31:f2:78:eb:5a:bb:cf:38:e5:ee:f2:07:01:6b:
                    bc:7f:7f:a4:ce:c8:b3:0d:89:4b:b4:a7:5e:12:ed:
                    db:7e:35:86:5a:76:c5:8e:b3:a4:c6:5b:00:df:1d:
                    28:f2:84:22:3f:36:c9:b6:72:84:3d:6a:27:a3:17:
                    84:bd:34:60:be:98:c8:eb:73:8f:08:25:87:94:4b:
                    ae:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:0B:83:4F:3A:03:45:B6:93:F5:57:0C:60:EE:3B:A9:38:7A:1F:ED
            X509v3 Authority Key Identifier:
                keyid:6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:66:2a:68:2d:a5:ed:12:e6:6a:9b:f6:94:d7:27:d4:80:cb:
         6a:53:a8:55:f5:46:57:f3:2f:e9:d8:7e:f6:ce:48:72:19:cc:
         a6:93:c1:3c:b2:1d:61:58:86:f8:0d:7b:e5:f9:00:42:33:0a:
         a6:33:15:e6:03:7d:8f:4a:d3:b5:0f:f5:ea:29:ea:90:bf:80:
         01:e6:c0:72:1d:20:0b:4c:7f:c8:5c:f1:a5:31:e3:ca:3c:70:
         e3:47:47:5a:fe:50:56:11:d6:16:c9:03:3b:4f:43:28:e2:e2:
         2b:5f:31:0a:82:d6:4b:a3:51:8f:f5:62:96:8e:36:cd:db:2e:
         72:06:e2:c1:58:4a:ad:76:0e:52:fc:b2:22:b7:af:65:42:a9:
         61:5c:cb:62:ac:27:dd:6f:f2:02:d0:fc:c3:71:52:68:ef:6a:
         5b:b4:4f:9f:aa:e9:db:94:5b:0d:fa:55:da:bf:f2:96:bd:f8:
         a9:b2:d7:80:3f:0c:52:4b:ab:9f:c9:52:e4:1f:94:30:5d:70:
         d9:3f:3c:4a:64:51:0e:f7:e4:b8:35:c9:29:94:2d:d2:0d:5c:
         97:d5:88:f0:09:c8:af:af:e8:51:6d:d3:52:2c:d5:51:e4:ff:
         d3:56:5e:7a:ca:4a:e4:39:19:01:34:5d:50:12:d3:39:4d:81:
         67:cc:42:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZEsdi1ovI53YDxF6M5DwyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMDc4MjBlOGQ0MDBmM2MyNWRkZDBiZTFiNDZjNTRlOTU1
OTYwYTEwHhcNMjUwNDE3MTcwMDI4WhcNMjUwNDE4MTcwMDI4WjAzMTEwLwYDVQQD
EyhmNDBiODM0ZjNhMDM0NWI2OTNmNTU3MGM2MGVlM2JhOTM4N2ExZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB2aEKR6m7E4Jxm1C35MeGDWHz0j
8EQGlVxXdchLIMLrCqrd6F0D3bQvJEfxve1tMjymfbjbE7uOI2nU/kgmrR5ZKSiF
fWPjve6aXZ6fVn2970wmZT0zSjFcxjVIAIyb4N7Y5+eX31IN3bPKSPL2J6TIZY1A
62EWOexCIoQxNzDhbvOuUps4FBAWerparelJPuAAGklFJETd7wUEDsehceTPI4Y8
7EjIQCxgFgabCTnH0+/tMfJ461q7zzjl7vIHAWu8f3+kzsizDYlLtKdeEu3bfjWG
WnbFjrOkxlsA3x0o8oQiPzbJtnKEPWonoxeEvTRgvpjI63OPCCWHlEuuHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQLg086A0W2k/VXDGDuO6k4eh/tMB8GA1UdIwQY
MBaAFGsHgg6NQA88Jd3QvhtGxU6VWWChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQt
NGQ0OTMwODJkYTFjLzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQtNGQ0OTMwODJkYTFj
LzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbGYqaC2l
7RLmapv2lNcn1IDLalOoVfVGV/Mv6dh+9s5IchnMppPBPLIdYViG+A175fkAQjMK
pjMV5gN9j0rTtQ/16inqkL+AAebAch0gC0x/yFzxpTHjyjxw40dHWv5QVhHWFskD
O09DKOLiK18xCoLWS6NRj/Vilo42zdsucgbiwVhKrXYOUvyyIrevZUKpYVzLYqwn
3W/yAtD8w3FSaO9qW7RPn6rp25RbDfpV2r/ylr34qbLXgD8MUkurn8lS5B+UMF1w
2T88SmRRDvfkuDXJKZQt0g1cl9WI8AnIr6/oUW3TUizVUeT/01ZeespK5DkZATRd
UBLTOU2BZ8xCLQ==
-----END CERTIFICATE-----