Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
File:                     raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json)
Hash identifier:          lp1UrKNgnpmk/F2snkL5o6XdQBkLBYHllCQQNufpZ3Q=
Subject key identifier:   CC:F2:0B:90:84:C8:56:C5:3E:FA:FE:D6:A0:01:78:AC:B5:F4:10:C3
Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
Certificate issuer:       /CN=ada6af87b43694dd39994c0e3214306875519f2e
Certificate serial:       01976EF50907B890622EEDA82E6ED88713CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
Manifest number:          0AEC
Signing time:             Sat 14 Jun 2025 15:00:41 +0000
Manifest this update:     Sat 14 Jun 2025 15:00:41 +0000
Manifest next update:     Sun 15 Jun 2025 15:00:41 +0000
Files and hashes:         1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: eRheiQRAzyfbhw07ZXZ8x2f5Uw3dpEu1Ne2TgOi3doc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:f5:09:07:b8:90:62:2e:ed:a8:2e:6e:d8:87:13:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e
        Validity
            Not Before: Jun 14 15:00:41 2025 GMT
            Not After : Jun 15 15:00:41 2025 GMT
        Subject: CN=ccf20b9084c856c53efafed6a00178acb5f410c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:9b:9a:38:e9:78:07:fc:ba:b7:fc:48:eb:9a:
                    1e:63:75:c2:37:fb:e3:9a:6e:2c:cf:50:a1:fe:4a:
                    16:32:96:a4:2d:b4:42:08:ab:0e:e3:ff:44:37:d8:
                    33:89:1b:b5:3a:29:c6:56:64:c4:0d:04:8e:e2:fb:
                    46:6d:63:0c:4f:e5:ae:0d:d3:03:28:0f:07:ca:1c:
                    c6:1f:f4:56:88:29:fa:15:39:72:ed:99:a5:72:bd:
                    76:65:8d:6a:15:ce:02:1d:12:94:2e:bd:63:02:37:
                    da:8c:6e:c7:2f:2a:f5:79:ef:bb:4a:26:43:73:35:
                    bb:ac:0a:02:d8:7b:ca:69:c1:d6:ab:65:38:b2:97:
                    e9:9a:4b:48:27:66:cd:39:43:a0:8c:7d:06:3b:0e:
                    0b:dc:8f:67:74:57:ca:6b:f4:f3:dd:5e:d8:66:71:
                    18:93:ee:42:15:75:b3:ee:db:ea:ed:3b:89:ae:fe:
                    20:84:50:e9:89:b3:d1:2c:21:74:60:31:e7:2e:da:
                    05:33:4e:4f:87:f1:b4:48:d0:32:c0:2d:c3:b6:c9:
                    b7:ed:b2:5a:4c:c9:16:6f:ab:a6:2e:0c:ec:1b:a1:
                    1a:48:fb:b4:ed:a8:1e:00:d3:65:ec:86:37:e6:92:
                    09:c2:15:41:9e:7d:37:52:a1:f4:0c:01:6b:5f:cb:
                    00:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:F2:0B:90:84:C8:56:C5:3E:FA:FE:D6:A0:01:78:AC:B5:F4:10:C3
            X509v3 Authority Key Identifier:
                keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:74:04:21:d7:3a:43:ea:8d:4e:b7:29:f3:aa:2c:e5:5f:7c:
         fb:4f:f7:aa:91:81:d6:79:54:34:79:2f:a5:e2:f6:90:8a:e6:
         25:f2:5c:44:99:d8:b4:c6:bb:ed:46:17:67:a2:fd:c3:56:1f:
         0e:fa:ad:e5:a1:62:65:17:5e:18:cb:42:5c:c7:c0:0b:03:a7:
         94:48:f1:c0:c2:ed:76:82:4c:fe:cb:ed:18:85:7f:54:fb:d2:
         f6:6a:5c:40:06:c8:9b:f5:7c:a0:20:94:ae:52:b6:e8:ee:09:
         a8:96:27:7a:9d:1a:dc:75:c8:76:91:62:aa:f3:8a:1a:67:07:
         79:18:c6:5c:7f:0b:b0:3a:6b:19:83:85:d6:64:1c:ea:b9:4d:
         bd:3f:15:5f:79:3d:f1:7d:d8:a6:e6:1e:28:de:41:31:0d:73:
         40:5d:a4:9c:1c:fd:d4:05:d2:69:26:c0:10:0a:dc:8a:2c:79:
         17:6e:ff:21:f2:ff:8f:16:f2:49:b6:85:60:70:34:4d:40:92:
         b8:b5:c1:36:5d:d3:92:17:54:57:4a:a4:e3:3a:b9:ec:4c:58:
         61:fd:ff:29:af:68:09:fb:cb:1b:bf:b6:52:78:5d:75:6d:3a:
         f6:56:44:ea:46:77:4d:70:b5:ab:e2:90:af:72:ce:8a:e1:12:
         80:a8:0d:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdu9QkHuJBiLu2oLm7YhxPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1
MTlmMmUwHhcNMjUwNjE0MTUwMDQxWhcNMjUwNjE1MTUwMDQxWjAzMTEwLwYDVQQD
EyhjY2YyMGI5MDg0Yzg1NmM1M2VmYWZlZDZhMDAxNzhhY2I1ZjQxMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7puaOOl4B/y6t/xI65oeY3XCN/vj
mm4sz1Ch/koWMpakLbRCCKsO4/9EN9gziRu1OinGVmTEDQSO4vtGbWMMT+WuDdMD
KA8HyhzGH/RWiCn6FTly7Zmlcr12ZY1qFc4CHRKULr1jAjfajG7HLyr1ee+7SiZD
czW7rAoC2HvKacHWq2U4spfpmktIJ2bNOUOgjH0GOw4L3I9ndFfKa/Tz3V7YZnEY
k+5CFXWz7tvq7TuJrv4ghFDpibPRLCF0YDHnLtoFM05Ph/G0SNAywC3Dtsm37bJa
TMkWb6umLgzsG6EaSPu07ageANNl7IY35pIJwhVBnn03UqH0DAFrX8sAJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMzyC5CEyFbFPvr+1qABeKy19BDDMB8GA1UdIwQY
MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct
MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0
LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdHQEIdc6
Q+qNTrcp86os5V98+0/3qpGB1nlUNHkvpeL2kIrmJfJcRJnYtMa77UYXZ6L9w1Yf
Dvqt5aFiZRdeGMtCXMfACwOnlEjxwMLtdoJM/svtGIV/VPvS9mpcQAbIm/V8oCCU
rlK26O4JqJYnep0a3HXIdpFiqvOKGmcHeRjGXH8LsDprGYOF1mQc6rlNvT8VX3k9
8X3YpuYeKN5BMQ1zQF2knBz91AXSaSbAEArciix5F27/IfL/jxbySbaFYHA0TUCS
uLXBNl3TkhdUV0qk4zq57ExYYf3/Ka9oCfvLG7+2UnhddW069lZE6kZ3TXC1q+KQ
r3LOiuESgKgNUA==
-----END CERTIFICATE-----