Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
File:                     aAkoqR-PfmOX5sZdDgtmKReW01I.mft (raw, json)
Hash identifier:          /f+0fgYUdLoQz4MGh5nbEEOrZcLIh+ClyJAKrVIlTkQ=
Subject key identifier:   63:2A:8E:13:52:54:7E:BF:4D:91:44:2A:8D:53:34:D7:21:3E:64:56
Authority key identifier: 68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52
Certificate issuer:       /CN=680928a91f8f7e6397e6c65d0e0b66291796d352
Certificate serial:       01963F54E1500A25E1E74923DE6E6BB34502
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
Manifest number:          10B6
Signing time:             Wed 16 Apr 2025 16:00:49 +0000
Manifest this update:     Wed 16 Apr 2025 16:00:49 +0000
Manifest next update:     Thu 17 Apr 2025 16:00:49 +0000
Files and hashes:         1: aAkoqR-PfmOX5sZdDgtmKReW01I.crl (hash: sfg4+SQnIFPQd07WrANsC0EuwLMVDAwVNcOW7ALH1nE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:54:e1:50:0a:25:e1:e7:49:23:de:6e:6b:b3:45:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=680928a91f8f7e6397e6c65d0e0b66291796d352
        Validity
            Not Before: Apr 16 16:00:49 2025 GMT
            Not After : Apr 17 16:00:49 2025 GMT
        Subject: CN=632a8e1352547ebf4d91442a8d5334d7213e6456
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:5b:a9:64:e7:fa:9f:ab:87:3b:4c:27:e9:42:
                    78:c1:b4:cb:95:da:40:5a:71:26:57:8d:2d:e4:f2:
                    75:e8:0a:30:93:1c:47:04:e2:e2:3c:d6:09:e5:af:
                    80:c4:85:ef:45:87:c0:9b:07:57:5d:a1:ee:40:a4:
                    fb:b8:97:39:ea:69:76:f8:88:cb:25:c6:d9:16:12:
                    e8:88:d4:7d:e5:e4:48:b8:80:f0:3f:23:39:3f:c4:
                    e5:5b:b5:62:be:b9:ba:3e:e9:ce:e3:5f:15:a3:ff:
                    b0:28:46:90:5e:fd:e6:12:51:42:b4:68:2f:fb:22:
                    c3:9a:3f:de:b8:08:9b:28:78:8d:e2:1b:4a:e7:8d:
                    07:95:44:43:9a:10:2c:d8:14:46:d5:a2:36:49:be:
                    4e:38:95:75:45:a5:8a:d7:8d:bb:99:f3:b8:2a:6c:
                    bc:4f:17:f3:c2:ff:3a:0a:d1:65:d8:5e:c4:42:c8:
                    a9:a3:42:a7:4f:8d:85:7b:fa:cb:c2:e4:e5:5c:52:
                    ee:d9:fa:22:dd:be:50:be:3e:95:1b:d1:bc:4d:77:
                    ae:5d:80:bf:1b:57:4a:7d:5c:3f:f1:ab:5c:32:42:
                    c1:39:f4:6d:fe:da:f1:3c:7c:31:85:74:c5:74:49:
                    7f:42:3b:c6:9e:b3:93:bd:ba:94:8f:5f:92:e9:4e:
                    30:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:2A:8E:13:52:54:7E:BF:4D:91:44:2A:8D:53:34:D7:21:3E:64:56
            X509v3 Authority Key Identifier:
                keyid:68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:0f:47:6f:10:03:ec:03:0d:91:17:d8:18:5f:cf:0f:45:2a:
         80:3c:69:5c:bf:3b:b6:a8:0c:b8:2e:36:9b:34:71:8a:45:29:
         2c:39:d0:a6:aa:69:9d:03:d3:af:a9:2e:fe:31:b3:cc:a4:20:
         68:1f:4d:e4:e8:eb:16:46:c3:37:25:ee:eb:73:8e:a6:cd:93:
         d2:36:a9:40:2f:14:e4:42:5d:fa:cb:dd:15:b7:1c:49:ff:9f:
         62:ba:ac:32:08:ad:dd:e5:ab:e8:f7:de:7d:22:16:46:a5:64:
         ab:bb:6e:df:33:1b:df:f7:6b:40:85:b5:f7:93:0e:4b:ab:dc:
         0d:36:71:0e:18:df:dd:38:49:eb:21:27:dd:aa:d8:91:24:87:
         d0:46:fc:1f:f3:fc:3b:7d:22:25:53:31:08:7a:60:50:8d:2e:
         2c:42:90:a9:1c:ec:a7:46:62:b7:61:20:a9:1c:8e:84:2b:c2:
         4a:8b:20:49:ea:ef:25:18:59:88:b9:bd:1e:d0:b6:a8:62:c8:
         3b:60:ac:53:1e:73:54:ff:c1:34:9c:ac:b4:99:3b:95:7f:3b:
         d7:a3:66:83:5f:7b:5c:0d:5c:63:12:bb:d3:80:5a:87:12:d1:
         93:8f:a6:17:65:b1:fd:d3:fd:6b:73:ad:78:5b:0e:9a:77:8a:
         49:0a:24:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/VOFQCiXh50kj3m5rs0UCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDkyOGE5MWY4ZjdlNjM5N2U2YzY1ZDBlMGI2NjI5MTc5
NmQzNTIwHhcNMjUwNDE2MTYwMDQ5WhcNMjUwNDE3MTYwMDQ5WjAzMTEwLwYDVQQD
Eyg2MzJhOGUxMzUyNTQ3ZWJmNGQ5MTQ0MmE4ZDUzMzRkNzIxM2U2NDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVupZOf6n6uHO0wn6UJ4wbTLldpA
WnEmV40t5PJ16AowkxxHBOLiPNYJ5a+AxIXvRYfAmwdXXaHuQKT7uJc56ml2+IjL
JcbZFhLoiNR95eRIuIDwPyM5P8TlW7Vivrm6PunO418Vo/+wKEaQXv3mElFCtGgv
+yLDmj/euAibKHiN4htK540HlURDmhAs2BRG1aI2Sb5OOJV1RaWK1427mfO4Kmy8
Txfzwv86CtFl2F7EQsipo0KnT42Fe/rLwuTlXFLu2foi3b5Qvj6VG9G8TXeuXYC/
G1dKfVw/8atcMkLBOfRt/trxPHwxhXTFdEl/QjvGnrOTvbqUj1+S6U4wLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMqjhNSVH6/TZFEKo1TNNchPmRWMB8GA1UdIwQY
MBaAFGgJKKkfj35jl+bGXQ4LZikXltNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQt
OGJlM2RmODlmMzU5LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQtOGJlM2RmODlmMzU5
LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWA9HbxAD
7AMNkRfYGF/PD0UqgDxpXL87tqgMuC42mzRxikUpLDnQpqppnQPTr6ku/jGzzKQg
aB9N5OjrFkbDNyXu63OOps2T0japQC8U5EJd+svdFbccSf+fYrqsMgit3eWr6Pfe
fSIWRqVkq7tu3zMb3/drQIW195MOS6vcDTZxDhjf3ThJ6yEn3arYkSSH0Eb8H/P8
O30iJVMxCHpgUI0uLEKQqRzsp0Zit2EgqRyOhCvCSosgServJRhZiLm9HtC2qGLI
O2CsUx5zVP/BNJystJk7lX8716Nmg197XA1cYxK704BahxLRk4+mF2Wx/dP9a3Ot
eFsOmneKSQok/A==
-----END CERTIFICATE-----