Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
File:                     raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json)
Hash identifier:          MwmSHQWk4rGUJLUkuS2W+tQBN9LSXGC7qdAvfU/5HiM=
Subject key identifier:   49:7D:7E:25:66:46:C4:41:21:C1:A7:7C:71:5E:80:99:FD:63:59:6F
Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
Certificate issuer:       /CN=ada6af87b43694dd39994c0e3214306875519f2e
Certificate serial:       01976B17F788703E32F4A1237C6A99397982
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
Manifest number:          0AEA
Signing time:             Fri 13 Jun 2025 21:00:21 +0000
Manifest this update:     Fri 13 Jun 2025 21:00:21 +0000
Manifest next update:     Sat 14 Jun 2025 21:00:21 +0000
Files and hashes:         1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: 6W/+kJRocEPSl0NdmyTckxmuWi9qu+j3B4HvtHcYvK0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 16:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:17:f7:88:70:3e:32:f4:a1:23:7c:6a:99:39:79:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e
        Validity
            Not Before: Jun 13 21:00:21 2025 GMT
            Not After : Jun 14 21:00:21 2025 GMT
        Subject: CN=497d7e256646c44121c1a77c715e8099fd63596f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:e4:f1:1e:94:75:cc:a2:5b:c6:83:81:1c:88:
                    45:69:9e:c4:25:f3:de:ed:30:f4:43:11:57:d1:e9:
                    2e:8e:61:a2:6e:39:be:c1:d5:3f:c4:34:7f:94:44:
                    32:d0:88:96:2c:90:1b:19:5d:4a:5b:8a:07:94:db:
                    6e:46:c8:61:1b:8c:94:dc:55:41:00:e2:aa:71:d1:
                    09:c5:0d:c6:aa:67:72:32:b7:67:9e:ae:c2:27:0d:
                    42:2e:45:68:a2:33:1e:d4:21:05:2d:ea:11:5d:b3:
                    23:41:a9:d5:24:47:8a:a9:70:86:cc:cb:7e:80:f0:
                    e5:06:c8:47:78:97:05:5f:ca:01:f6:1a:2d:e2:89:
                    2d:12:68:97:42:3d:f1:5d:d6:66:e0:9f:5e:d3:d6:
                    e6:96:e0:d5:bc:1b:1d:f6:e5:c8:ac:b9:9b:d6:0d:
                    e4:f2:a1:41:34:92:15:aa:d8:22:5a:71:d6:b6:e9:
                    83:fc:57:23:fd:12:23:81:36:61:68:c9:1d:19:2c:
                    c1:fe:26:6b:36:ab:bf:05:d1:50:0c:07:c2:1a:2a:
                    d2:d4:b2:60:f7:03:aa:bc:44:e9:8d:94:a4:30:e0:
                    0f:c4:4f:0f:c8:de:7f:05:08:02:4f:f4:9d:f9:64:
                    75:c6:ec:cd:cc:88:b9:0f:47:60:63:be:43:a0:87:
                    d5:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:7D:7E:25:66:46:C4:41:21:C1:A7:7C:71:5E:80:99:FD:63:59:6F
            X509v3 Authority Key Identifier:
                keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:91:b7:8c:5e:02:bf:44:f8:2b:1d:fc:35:07:94:d2:52:3d:
         20:53:41:b0:7d:8a:48:ae:99:03:73:94:4d:00:88:5d:58:04:
         9b:54:14:df:ea:0c:43:72:0a:c3:c7:19:0d:40:97:aa:2f:24:
         90:61:08:34:f2:02:89:a3:1c:df:f8:8b:18:68:02:aa:fd:de:
         cf:19:c1:78:96:d4:f5:b3:b3:c5:59:cb:a1:93:e7:f1:03:fc:
         6f:f6:46:b3:46:c3:a2:c7:93:92:df:a7:0a:81:50:e6:0e:05:
         5a:ba:ff:be:f5:61:d6:09:45:79:29:ba:69:2d:be:18:5a:c0:
         21:bf:39:60:48:08:61:34:a3:14:5d:92:9f:4a:2e:5e:81:87:
         7f:2e:ce:ca:cc:3b:e9:f8:29:47:de:2d:7f:40:ea:d3:c9:60:
         46:54:1f:25:2f:9e:54:89:11:2d:e3:f9:8b:a1:3a:dc:9b:74:
         1b:ea:aa:1b:73:62:46:db:dd:5c:87:24:f4:7c:b0:76:25:ca:
         bf:da:ed:b9:cb:9d:9e:87:67:c2:dc:46:17:ed:60:98:73:8b:
         ad:ee:88:08:72:b3:10:c3:8f:7a:2b:51:5b:9b:f7:08:54:9e:
         4e:97:f5:91:61:d4:c4:33:46:44:ba:ef:69:25:db:96:54:63:
         41:09:0a:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrF/eIcD4y9KEjfGqZOXmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1
MTlmMmUwHhcNMjUwNjEzMjEwMDIxWhcNMjUwNjE0MjEwMDIxWjAzMTEwLwYDVQQD
Eyg0OTdkN2UyNTY2NDZjNDQxMjFjMWE3N2M3MTVlODA5OWZkNjM1OTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eTxHpR1zKJbxoOBHIhFaZ7EJfPe
7TD0QxFX0ekujmGibjm+wdU/xDR/lEQy0IiWLJAbGV1KW4oHlNtuRshhG4yU3FVB
AOKqcdEJxQ3GqmdyMrdnnq7CJw1CLkVoojMe1CEFLeoRXbMjQanVJEeKqXCGzMt+
gPDlBshHeJcFX8oB9hot4oktEmiXQj3xXdZm4J9e09bmluDVvBsd9uXIrLmb1g3k
8qFBNJIVqtgiWnHWtumD/Fcj/RIjgTZhaMkdGSzB/iZrNqu/BdFQDAfCGirS1LJg
9wOqvETpjZSkMOAPxE8PyN5/BQgCT/Sd+WR1xuzNzIi5D0dgY75DoIfVmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEl9fiVmRsRBIcGnfHFegJn9Y1lvMB8GA1UdIwQY
MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct
MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0
LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY5G3jF4C
v0T4Kx38NQeU0lI9IFNBsH2KSK6ZA3OUTQCIXVgEm1QU3+oMQ3IKw8cZDUCXqi8k
kGEINPICiaMc3/iLGGgCqv3ezxnBeJbU9bOzxVnLoZPn8QP8b/ZGs0bDoseTkt+n
CoFQ5g4FWrr/vvVh1glFeSm6aS2+GFrAIb85YEgIYTSjFF2Sn0ouXoGHfy7Oysw7
6fgpR94tf0Dq08lgRlQfJS+eVIkRLeP5i6E63Jt0G+qqG3NiRtvdXIck9HywdiXK
v9rtucudnodnwtxGF+1gmHOLre6ICHKzEMOPeitRW5v3CFSeTpf1kWHUxDNGRLrv
aSXbllRjQQkKSg==
-----END CERTIFICATE-----