Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
File:                     AZYrnNLlVrWW_HJDVlgHueLchoo.mft (raw, json)
Hash identifier:          KYH6F7fzDLzA3Ba++ILVAWXKarU3BuFx/Kw83IBMayY=
Subject key identifier:   B6:F4:72:7C:7F:F1:AB:46:4A:D6:D5:05:5B:AB:ED:61:5F:33:2C:2A
Authority key identifier: 01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A
Certificate issuer:       /CN=01962b9cd2e556b596fc7243565807b9e2dc868a
Certificate serial:       0196534A42F54E893DF19C4A816B07ED77AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
Manifest number:          0606
Signing time:             Sun 20 Apr 2025 13:01:37 +0000
Manifest this update:     Sun 20 Apr 2025 13:01:37 +0000
Manifest next update:     Mon 21 Apr 2025 13:01:37 +0000
Files and hashes:         1: AZYrnNLlVrWW_HJDVlgHueLchoo.crl (hash: T/PN1GYjjaTfyvYXDehnQ4ZN9eR8kLIbq/4Q26Zb6B0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:53:4a:42:f5:4e:89:3d:f1:9c:4a:81:6b:07:ed:77:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01962b9cd2e556b596fc7243565807b9e2dc868a
        Validity
            Not Before: Apr 20 13:01:37 2025 GMT
            Not After : Apr 21 13:01:37 2025 GMT
        Subject: CN=b6f4727c7ff1ab464ad6d5055babed615f332c2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:45:95:fb:02:73:ed:67:e7:4d:85:78:da:34:
                    4f:dd:7b:8c:e0:0c:1c:cb:bc:72:f6:c4:f5:d2:b0:
                    6f:ad:a9:96:8b:93:53:96:8d:3e:36:0c:2a:cc:c1:
                    2c:d1:d3:21:f7:4f:66:0c:9d:28:e0:bd:62:da:2f:
                    aa:d2:ab:93:21:12:5b:b8:62:78:33:a6:8c:69:d5:
                    d5:d3:b9:d8:c8:b4:1b:20:c6:b1:0a:08:68:52:4d:
                    f5:e7:82:03:01:dd:08:2d:0e:c2:bd:d4:7f:01:a7:
                    b2:64:be:75:c0:67:85:3e:ea:ba:ab:6b:65:ff:50:
                    1b:3c:da:d6:79:f7:f3:09:20:4a:b6:7a:db:04:d0:
                    b2:7c:10:85:a3:e9:7b:6d:40:94:23:99:2e:ea:43:
                    98:53:79:9b:a7:41:d7:07:2c:be:8f:42:9a:7d:9d:
                    38:dc:7f:6c:22:13:ff:42:f2:8f:3a:4b:0e:dd:75:
                    c8:de:8e:5d:4d:cd:c6:04:fd:f9:0a:93:d1:19:2f:
                    7e:af:d9:3c:34:a7:13:6c:f1:06:93:86:c8:a1:0e:
                    5c:d6:59:a1:c0:ca:bc:73:5c:7d:fd:92:bd:7b:fc:
                    a2:da:5e:cd:33:58:44:b6:ae:b0:c3:74:8a:b1:b9:
                    56:8b:2b:55:79:41:77:7d:7b:8c:bb:59:66:88:19:
                    b9:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:F4:72:7C:7F:F1:AB:46:4A:D6:D5:05:5B:AB:ED:61:5F:33:2C:2A
            X509v3 Authority Key Identifier:
                keyid:01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:47:27:cb:e9:f2:09:aa:62:22:35:2e:cd:6c:df:f7:2e:4e:
         1a:c0:7d:17:08:0f:0a:9f:e5:71:8e:87:35:dc:df:87:a4:63:
         62:c8:9e:46:4c:67:71:f8:65:df:57:2c:e1:2c:4f:74:d0:43:
         0f:8d:2f:c5:59:83:3c:90:49:1c:e1:8f:27:ad:e6:13:5d:01:
         d6:99:f7:8f:60:e8:c8:b4:d9:14:74:6c:d2:28:fb:ed:22:66:
         db:81:d0:ae:cd:71:2b:3e:dc:e8:f1:9f:dd:e8:f8:fb:16:9b:
         45:45:36:c2:bc:4d:f3:14:b9:1f:c5:19:77:08:60:af:24:ae:
         72:8d:16:94:8c:63:5c:fb:75:8e:eb:d2:ac:dd:c4:2c:b7:05:
         68:51:89:bf:2e:fb:d6:c0:67:f4:cb:09:c3:7f:26:c2:00:3d:
         53:2a:f1:96:7e:d9:f9:26:7d:7f:c8:6a:10:38:01:41:0f:0d:
         14:34:6b:c1:29:e1:ea:1c:39:2e:ff:8e:59:f3:86:d4:98:cf:
         c2:d3:85:23:ad:74:68:b1:5c:d8:4c:b8:05:76:30:95:39:e2:
         0f:ed:bc:23:72:86:e3:45:b9:c7:e7:5f:e2:97:ef:0e:ed:3d:
         e1:cb:e8:99:d5:33:d0:9e:ce:8f:e6:19:b4:0c:a8:92:99:d7:
         2d:26:cd:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZTSkL1Tok98ZxKgWsH7XesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTYyYjljZDJlNTU2YjU5NmZjNzI0MzU2NTgwN2I5ZTJk
Yzg2OGEwHhcNMjUwNDIwMTMwMTM3WhcNMjUwNDIxMTMwMTM3WjAzMTEwLwYDVQQD
EyhiNmY0NzI3YzdmZjFhYjQ2NGFkNmQ1MDU1YmFiZWQ2MTVmMzMyYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0WV+wJz7WfnTYV42jRP3XuM4Awc
y7xy9sT10rBvramWi5NTlo0+NgwqzMEs0dMh909mDJ0o4L1i2i+q0quTIRJbuGJ4
M6aMadXV07nYyLQbIMaxCghoUk3154IDAd0ILQ7CvdR/AaeyZL51wGeFPuq6q2tl
/1AbPNrWeffzCSBKtnrbBNCyfBCFo+l7bUCUI5ku6kOYU3mbp0HXByy+j0KafZ04
3H9sIhP/QvKPOksO3XXI3o5dTc3GBP35CpPRGS9+r9k8NKcTbPEGk4bIoQ5c1lmh
wMq8c1x9/ZK9e/yi2l7NM1hEtq6ww3SKsblWiytVeUF3fXuMu1lmiBm5lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLb0cnx/8atGStbVBVur7WFfMywqMB8GA1UdIwQY
MBaAFAGWK5zS5Va1lvxyQ1ZYB7ni3IaKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEt
NzAzNDJhMmU3NTMzLzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEtNzAzNDJhMmU3NTMz
LzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnEcny+ny
CapiIjUuzWzf9y5OGsB9FwgPCp/lcY6HNdzfh6RjYsieRkxncfhl31cs4SxPdNBD
D40vxVmDPJBJHOGPJ63mE10B1pn3j2DoyLTZFHRs0ij77SJm24HQrs1xKz7c6PGf
3ej4+xabRUU2wrxN8xS5H8UZdwhgrySuco0WlIxjXPt1juvSrN3ELLcFaFGJvy77
1sBn9MsJw38mwgA9Uyrxln7Z+SZ9f8hqEDgBQQ8NFDRrwSnh6hw5Lv+OWfOG1JjP
wtOFI610aLFc2Ey4BXYwlTniD+28I3KG40W5x+df4pfvDu094cvomdUz0J7Oj+YZ
tAyokpnXLSbNyg==
-----END CERTIFICATE-----