Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          tnXKY+Rzbk065nKXsDKMFXR+zzbQcwR7dKGXg75fW/I=
Subject key identifier:   E2:B9:B8:F5:40:8C:BE:56:DD:D4:23:F4:F1:FE:21:A5:30:CA:20:CB
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       01965793CD0E1FCE9E579ADE54B654EFE5A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0A76
Signing time:             Mon 21 Apr 2025 09:00:26 +0000
Manifest this update:     Mon 21 Apr 2025 09:00:26 +0000
Manifest next update:     Tue 22 Apr 2025 09:00:26 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: jsx7PKPR4/sMLOOYfTA6k7cu4jLnXgdssroN1b3S/eY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:93:cd:0e:1f:ce:9e:57:9a:de:54:b6:54:ef:e5:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Apr 21 09:00:26 2025 GMT
            Not After : Apr 22 09:00:26 2025 GMT
        Subject: CN=e2b9b8f5408cbe56ddd423f4f1fe21a530ca20cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c8:f8:87:8f:07:4b:3b:55:37:4d:88:9f:54:
                    eb:91:b4:b1:f5:73:75:59:59:c2:33:c5:b6:5f:e6:
                    ed:96:12:6e:55:ad:1c:4f:df:bc:c6:1a:ec:27:99:
                    fc:f9:65:1c:ac:20:5b:38:a2:5b:ce:72:22:43:81:
                    ea:e3:81:e4:91:51:14:ee:7b:ae:84:0a:78:41:c2:
                    a7:c2:f7:eb:45:35:11:2f:54:ce:29:f6:6e:47:b7:
                    24:37:13:17:d4:34:8b:de:ef:a6:da:4a:fe:34:5b:
                    f7:72:64:0c:0e:96:11:ff:ae:b8:19:90:fe:46:a0:
                    55:f6:8b:bd:43:7e:76:71:8f:fb:0b:3e:f8:bb:d0:
                    9a:d2:81:a5:61:d2:38:88:1a:81:3d:c7:c7:6c:b1:
                    37:8a:15:45:40:25:e2:d5:99:cf:7a:49:c1:02:72:
                    84:36:5e:6e:10:e7:16:90:eb:66:aa:bb:95:d5:d7:
                    6a:b2:01:59:ba:8f:1e:22:ef:c4:74:5d:99:86:77:
                    26:f2:4a:b5:4f:d9:d5:f4:de:c1:ee:aa:23:6d:bd:
                    2d:28:a5:ef:1b:f3:49:31:e6:8e:00:90:48:8c:39:
                    2a:09:b5:b4:f7:4e:2c:f6:4f:5a:98:31:a5:59:eb:
                    1e:3b:b1:f7:55:48:6d:3d:5c:40:38:a6:1d:bb:9e:
                    73:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:B9:B8:F5:40:8C:BE:56:DD:D4:23:F4:F1:FE:21:A5:30:CA:20:CB
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:eb:dd:15:23:0d:46:49:7c:64:51:70:f6:d2:62:14:c1:35:
         99:21:33:76:d8:05:71:6a:58:45:25:09:46:77:11:eb:9a:8d:
         56:6d:80:ea:bb:57:e2:ed:27:b3:64:e4:39:d0:02:35:5b:55:
         6b:e1:d1:7d:6b:5d:96:da:ac:ca:f3:f2:36:3b:09:49:b2:1e:
         68:f2:3f:b8:5b:b8:ac:29:c2:69:66:e8:ab:b4:4d:c2:0b:a6:
         e3:ad:44:65:f9:eb:be:33:af:d0:40:f3:8a:69:64:56:68:ce:
         67:da:08:aa:a0:c9:86:49:25:eb:29:87:ab:73:22:a6:4b:bf:
         61:53:f4:ab:89:26:9a:44:1b:1d:96:89:a9:72:6d:c7:67:b6:
         11:c4:f8:a0:c0:5f:21:97:61:c1:26:41:85:ba:51:3c:50:25:
         ad:64:d4:7f:18:7f:9c:43:10:c0:ce:94:81:aa:cf:20:17:bd:
         e9:a0:93:1b:42:2c:04:24:da:3b:6f:7b:93:75:a6:6a:5c:8f:
         fd:34:ef:dd:ad:1b:dc:2b:10:2b:db:07:0d:e9:5f:fd:d7:d4:
         d6:23:01:fd:b9:d4:50:71:9c:64:c5:54:96:d7:31:b5:d2:92:
         2b:31:05:11:65:0f:d0:97:86:4f:eb:9b:80:81:ac:98:6c:15:
         60:47:38:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXk80OH86eV5reVLZU7+WlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjUwNDIxMDkwMDI2WhcNMjUwNDIyMDkwMDI2WjAzMTEwLwYDVQQD
EyhlMmI5YjhmNTQwOGNiZTU2ZGRkNDIzZjRmMWZlMjFhNTMwY2EyMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcj4h48HSztVN02In1TrkbSx9XN1
WVnCM8W2X+btlhJuVa0cT9+8xhrsJ5n8+WUcrCBbOKJbznIiQ4Hq44HkkVEU7nuu
hAp4QcKnwvfrRTURL1TOKfZuR7ckNxMX1DSL3u+m2kr+NFv3cmQMDpYR/664GZD+
RqBV9ou9Q352cY/7Cz74u9Ca0oGlYdI4iBqBPcfHbLE3ihVFQCXi1ZnPeknBAnKE
Nl5uEOcWkOtmqruV1ddqsgFZuo8eIu/EdF2Zhncm8kq1T9nV9N7B7qojbb0tKKXv
G/NJMeaOAJBIjDkqCbW0904s9k9amDGlWeseO7H3VUhtPVxAOKYdu55zEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOK5uPVAjL5W3dQj9PH+IaUwyiDLMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApOvdFSMN
Rkl8ZFFw9tJiFME1mSEzdtgFcWpYRSUJRncR65qNVm2A6rtX4u0ns2TkOdACNVtV
a+HRfWtdltqsyvPyNjsJSbIeaPI/uFu4rCnCaWboq7RNwgum461EZfnrvjOv0EDz
imlkVmjOZ9oIqqDJhkkl6ymHq3Mipku/YVP0q4kmmkQbHZaJqXJtx2e2EcT4oMBf
IZdhwSZBhbpRPFAlrWTUfxh/nEMQwM6UgarPIBe96aCTG0IsBCTaO297k3WmalyP
/TTv3a0b3CsQK9sHDelf/dfU1iMB/bnUUHGcZMVUltcxtdKSKzEFEWUP0JeGT+ub
gIGsmGwVYEc4MA==
-----END CERTIFICATE-----