Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
File:                     aWZRzL2U9r6et0MyEiM1yrvvw5o.mft (raw, json)
Hash identifier:          bsHCNBxLr4+C9v4AIkR7xDz4XLRuLeezcYO9BMrebzA=
Subject key identifier:   42:17:2D:32:3A:0C:14:41:FE:C6:75:1B:6D:2B:91:F9:3C:E2:CE:20
Authority key identifier: 69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A
Certificate issuer:       /CN=696651ccbd94f6be9eb74332122335cabbefc39a
Certificate serial:       019655A55BFBE675DD50A18B87D0C0EB00DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
Manifest number:          042B
Signing time:             Mon 21 Apr 2025 00:00:22 +0000
Manifest this update:     Mon 21 Apr 2025 00:00:22 +0000
Manifest next update:     Tue 22 Apr 2025 00:00:22 +0000
Files and hashes:         1: aWZRzL2U9r6et0MyEiM1yrvvw5o.crl (hash: fSBzJ5Hr5n0TrsAJoV/JBWgNOTWNTZZMHBGG5V8rGEI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 00:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:a5:5b:fb:e6:75:dd:50:a1:8b:87:d0:c0:eb:00:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=696651ccbd94f6be9eb74332122335cabbefc39a
        Validity
            Not Before: Apr 21 00:00:22 2025 GMT
            Not After : Apr 22 00:00:22 2025 GMT
        Subject: CN=42172d323a0c1441fec6751b6d2b91f93ce2ce20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3c:27:a2:4c:77:7e:10:c9:2e:d5:ec:9d:cf:
                    cd:59:cc:46:97:19:11:e5:de:92:22:fc:90:63:9d:
                    86:c5:14:fa:48:30:72:a5:6c:0d:aa:14:ce:11:ae:
                    30:59:41:01:34:6c:9c:e0:66:39:18:84:45:eb:9b:
                    26:7d:c9:8e:ff:1b:92:d6:1b:3d:50:8f:01:21:8b:
                    c2:f4:4d:35:01:be:81:eb:ed:8f:01:dc:4f:72:18:
                    e3:ce:3e:ea:15:68:de:ed:6e:65:0c:d2:23:b4:a5:
                    e3:a8:01:49:cc:a9:2b:78:4d:89:94:1f:8d:53:3e:
                    60:47:13:7a:a4:ec:26:4b:f2:05:ee:80:43:47:8d:
                    94:c0:93:de:40:48:18:57:16:37:8e:ba:49:ba:c0:
                    07:f3:c3:55:ad:76:1d:18:0f:92:dc:a6:aa:2a:f9:
                    26:42:d5:c3:8e:cf:f0:55:e7:ce:6f:53:45:a6:ad:
                    6d:b4:8d:41:71:9d:b7:b5:39:74:c2:32:17:7e:cf:
                    27:de:a1:4e:3e:97:a4:c1:26:98:17:1e:66:71:f7:
                    e2:19:0e:bd:6f:47:3e:9f:23:07:32:9e:76:55:d2:
                    c6:14:9f:6d:e1:66:6a:ad:d8:88:45:a4:57:91:b3:
                    e1:26:78:e1:82:3f:b4:53:a4:cc:56:92:a5:6a:39:
                    f0:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:17:2D:32:3A:0C:14:41:FE:C6:75:1B:6D:2B:91:F9:3C:E2:CE:20
            X509v3 Authority Key Identifier:
                keyid:69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:c6:1e:62:6f:16:fa:1e:21:91:52:aa:f3:4d:da:0a:70:1d:
         55:f3:fc:d1:11:3d:3f:86:29:4b:48:5d:b7:a3:91:59:fa:f0:
         9a:6c:73:b3:90:73:7e:ce:03:3d:19:99:ee:41:76:05:7c:73:
         1a:76:72:b9:0b:1d:c5:cc:33:0a:e8:3e:9e:b1:c0:dc:af:1e:
         f6:d4:82:84:77:63:00:78:62:51:db:24:e6:ad:2f:90:11:7c:
         9a:b6:4b:bd:a0:c8:e9:01:e0:b6:92:fc:ad:47:b0:e1:aa:90:
         56:75:af:a2:df:f0:9a:92:93:bc:34:30:6e:9a:ad:0e:91:d4:
         2f:52:39:b2:61:02:99:7c:a5:15:9f:c1:9b:2d:99:99:d3:97:
         6a:ad:29:55:10:66:ce:00:55:f5:6d:45:28:e9:67:a3:a9:2c:
         a6:85:37:8d:7f:ea:ba:98:69:6f:49:b8:a0:3d:2c:26:10:03:
         93:28:ae:44:ea:b5:b3:a2:61:57:35:09:e3:86:68:6a:1e:1d:
         d6:08:0b:12:e6:01:78:d9:af:89:ac:9c:3e:b7:39:4e:14:11:
         39:b6:c6:83:21:32:7b:53:52:af:59:5c:47:b5:91:71:e1:8f:
         fb:aa:1b:b3:40:2b:18:cd:03:88:26:dc:ae:1b:73:ab:1c:dd:
         cf:1e:eb:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVpVv75nXdUKGLh9DA6wDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY1MWNjYmQ5NGY2YmU5ZWI3NDMzMjEyMjMzNWNhYmJl
ZmMzOWEwHhcNMjUwNDIxMDAwMDIyWhcNMjUwNDIyMDAwMDIyWjAzMTEwLwYDVQQD
Eyg0MjE3MmQzMjNhMGMxNDQxZmVjNjc1MWI2ZDJiOTFmOTNjZTJjZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjwnokx3fhDJLtXsnc/NWcxGlxkR
5d6SIvyQY52GxRT6SDBypWwNqhTOEa4wWUEBNGyc4GY5GIRF65smfcmO/xuS1hs9
UI8BIYvC9E01Ab6B6+2PAdxPchjjzj7qFWje7W5lDNIjtKXjqAFJzKkreE2JlB+N
Uz5gRxN6pOwmS/IF7oBDR42UwJPeQEgYVxY3jrpJusAH88NVrXYdGA+S3KaqKvkm
QtXDjs/wVefOb1NFpq1ttI1BcZ23tTl0wjIXfs8n3qFOPpekwSaYFx5mcffiGQ69
b0c+nyMHMp52VdLGFJ9t4WZqrdiIRaRXkbPhJnjhgj+0U6TMVpKlajnwXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIXLTI6DBRB/sZ1G20rkfk84s4gMB8GA1UdIwQY
MBaAFGlmUcy9lPa+nrdDMhIjNcq778OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAt
ZDg3MDE3ZDdhNmFjLzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAtZDg3MDE3ZDdhNmFj
LzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoMYeYm8W
+h4hkVKq803aCnAdVfP80RE9P4YpS0hdt6ORWfrwmmxzs5Bzfs4DPRmZ7kF2BXxz
GnZyuQsdxcwzCug+nrHA3K8e9tSChHdjAHhiUdsk5q0vkBF8mrZLvaDI6QHgtpL8
rUew4aqQVnWvot/wmpKTvDQwbpqtDpHUL1I5smECmXylFZ/Bmy2ZmdOXaq0pVRBm
zgBV9W1FKOlno6kspoU3jX/quphpb0m4oD0sJhADkyiuROq1s6JhVzUJ44Zoah4d
1ggLEuYBeNmviaycPrc5ThQRObbGgyEye1NSr1lcR7WRceGP+6obs0ArGM0DiCbc
rhtzqxzdzx7rXA==
-----END CERTIFICATE-----