Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft
File:                     AhtowZzVXWul-GX7DdDW-MnZ49o.mft (raw, json)
Hash identifier:          3a0qtbZy9+iPB62DVDT2arU9hO3Fqvt8hV/AuHPYiWo=
Subject key identifier:   54:9B:0B:B4:4C:B1:4E:72:EB:7B:07:B6:28:9D:F1:D8:5A:DB:96:D3
Authority key identifier: 02:1B:68:C1:9C:D5:5D:6B:A5:F8:65:FB:0D:D0:D6:F8:C9:D9:E3:DA
Certificate issuer:       /CN=021b68c19cd55d6ba5f865fb0dd0d6f8c9d9e3da
Certificate serial:       01974E20383CBBF4B47783A7841A55A2F1AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AhtowZzVXWul-GX7DdDW-MnZ49o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft
Manifest number:          33
Signing time:             Sun 08 Jun 2025 06:00:23 +0000
Manifest this update:     Sun 08 Jun 2025 06:00:23 +0000
Manifest next update:     Mon 09 Jun 2025 06:00:23 +0000
Files and hashes:         1: AhtowZzVXWul-GX7DdDW-MnZ49o.crl (hash: +EmxCm5MO4Q0jBdyGND5K6rbnjx8qCL64z+cZ4HuogQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AhtowZzVXWul-GX7DdDW-MnZ49o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:20:38:3c:bb:f4:b4:77:83:a7:84:1a:55:a2:f1:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=021b68c19cd55d6ba5f865fb0dd0d6f8c9d9e3da
        Validity
            Not Before: Jun  8 06:00:23 2025 GMT
            Not After : Jun  9 06:00:23 2025 GMT
        Subject: CN=549b0bb44cb14e72eb7b07b6289df1d85adb96d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:37:ce:1a:06:06:96:4a:af:92:55:88:2f:4f:
                    1a:4a:86:f5:e1:78:fc:bf:84:2b:80:7b:8d:5a:ba:
                    35:b2:c6:06:fe:3a:17:8e:5b:64:2d:b2:08:aa:06:
                    9f:4b:85:81:11:b4:0b:39:95:57:3b:26:40:8f:b1:
                    f4:a5:f6:89:fa:f1:c5:af:1f:d6:cc:4c:20:b2:a4:
                    9c:58:5d:a9:f1:dc:92:0d:92:3e:a1:eb:7d:62:43:
                    8c:5f:5c:64:17:82:58:98:b0:d1:52:47:f2:7d:be:
                    1a:57:5c:a7:89:1c:57:32:af:ed:09:8e:1c:a6:61:
                    a0:c1:6a:cb:ac:a9:e6:5a:8e:3e:ce:69:93:d1:ba:
                    60:02:51:28:e9:02:7c:b7:63:15:f5:3b:96:63:3c:
                    9f:85:e0:70:5e:df:54:b0:d9:1b:c5:41:81:f4:a5:
                    c8:d1:4d:76:51:2c:2f:6d:ab:8d:e2:89:55:0e:9b:
                    ed:0a:ec:52:aa:d5:2d:d7:bd:66:3a:67:d2:fe:84:
                    a7:ea:70:19:77:3c:49:a8:74:39:c1:14:10:97:6c:
                    7d:45:5d:42:c6:1e:cf:e3:7e:54:80:d1:da:ef:ed:
                    c5:86:00:96:15:b4:8d:76:41:12:65:cb:3a:7c:af:
                    b1:51:4e:99:b9:bb:09:46:73:b9:49:03:08:ea:2b:
                    ef:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:9B:0B:B4:4C:B1:4E:72:EB:7B:07:B6:28:9D:F1:D8:5A:DB:96:D3
            X509v3 Authority Key Identifier:
                keyid:02:1B:68:C1:9C:D5:5D:6B:A5:F8:65:FB:0D:D0:D6:F8:C9:D9:E3:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AhtowZzVXWul-GX7DdDW-MnZ49o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9c6167-ff9d-451b-84eb-7770e790720f/1/AhtowZzVXWul-GX7DdDW-MnZ49o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:5c:64:9c:97:3f:84:bf:c9:a1:25:bf:3a:36:a6:b4:10:f0:
         89:5e:0f:4f:48:c4:b3:a4:46:4c:4a:41:86:57:73:b9:3e:d3:
         56:b0:52:5d:31:c6:1d:d3:29:dd:94:bd:a4:45:df:47:9b:fb:
         09:d6:2f:49:cd:e7:d4:93:13:e4:16:14:78:2d:ed:ae:9c:0a:
         a8:39:e5:7c:32:7f:54:9b:d0:2e:51:70:34:fd:0c:3b:4d:35:
         97:16:98:21:d4:e9:b0:bb:22:f6:7e:5b:6c:8e:d0:4e:07:f9:
         d6:fa:f5:f5:6e:60:aa:d5:76:e4:67:1b:f3:30:e5:15:d9:60:
         6a:fe:39:9c:ad:5b:b3:7b:c9:e9:06:b8:c9:e4:ac:65:ca:23:
         42:ff:93:61:bd:b4:88:82:bf:28:3b:c8:b5:c9:42:fc:20:26:
         0a:07:3b:ac:83:40:74:d6:3e:b3:1c:96:0b:64:e2:62:ca:97:
         4f:8f:40:62:1b:ed:b8:c8:82:17:f7:2e:97:65:26:76:ae:45:
         45:3a:2f:3f:eb:30:77:87:1e:57:91:9a:c7:06:52:74:d6:7e:
         99:e7:e5:96:e5:8b:60:a6:ff:b0:17:e2:04:07:d5:0d:04:4e:
         b0:0f:c4:e9:62:ce:5c:a8:1c:88:3e:ab:87:25:1b:71:79:85:
         d6:c9:62:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOIDg8u/S0d4OnhBpVovGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMWI2OGMxOWNkNTVkNmJhNWY4NjVmYjBkZDBkNmY4Yzlk
OWUzZGEwHhcNMjUwNjA4MDYwMDIzWhcNMjUwNjA5MDYwMDIzWjAzMTEwLwYDVQQD
Eyg1NDliMGJiNDRjYjE0ZTcyZWI3YjA3YjYyODlkZjFkODVhZGI5NmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zfOGgYGlkqvklWIL08aSob14Xj8
v4QrgHuNWro1ssYG/joXjltkLbIIqgafS4WBEbQLOZVXOyZAj7H0pfaJ+vHFrx/W
zEwgsqScWF2p8dySDZI+oet9YkOMX1xkF4JYmLDRUkfyfb4aV1yniRxXMq/tCY4c
pmGgwWrLrKnmWo4+zmmT0bpgAlEo6QJ8t2MV9TuWYzyfheBwXt9UsNkbxUGB9KXI
0U12USwvbauN4olVDpvtCuxSqtUt171mOmfS/oSn6nAZdzxJqHQ5wRQQl2x9RV1C
xh7P435UgNHa7+3FhgCWFbSNdkESZcs6fK+xUU6ZubsJRnO5SQMI6ivv5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFSbC7RMsU5y63sHtiid8dha25bTMB8GA1UdIwQY
MBaAFAIbaMGc1V1rpfhl+w3Q1vjJ2ePaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWh0b3daelZYV3VsLUdYN0RkRFctTW5aNDlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85YzYxNjctZmY5ZC00NTFiLTg0ZWIt
Nzc3MGU3OTA3MjBmLzEvQWh0b3daelZYV3VsLUdYN0RkRFctTW5aNDlvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85YzYxNjctZmY5ZC00NTFiLTg0ZWItNzc3MGU3OTA3MjBm
LzEvQWh0b3daelZYV3VsLUdYN0RkRFctTW5aNDlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAolxknJc/
hL/JoSW/OjamtBDwiV4PT0jEs6RGTEpBhldzuT7TVrBSXTHGHdMp3ZS9pEXfR5v7
CdYvSc3n1JMT5BYUeC3trpwKqDnlfDJ/VJvQLlFwNP0MO001lxaYIdTpsLsi9n5b
bI7QTgf51vr19W5gqtV25Gcb8zDlFdlgav45nK1bs3vJ6Qa4yeSsZcojQv+TYb20
iIK/KDvItclC/CAmCgc7rINAdNY+sxyWC2TiYsqXT49AYhvtuMiCF/cul2Umdq5F
RTovP+swd4ceV5GaxwZSdNZ+meflluWLYKb/sBfiBAfVDQROsA/E6WLOXKgciD6r
hyUbcXmF1slijg==
-----END CERTIFICATE-----