Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
File:                     raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json)
Hash identifier:          8xX51zG454clB69vmmgsZSeRkN8McwPTu6jD0tSP6y0=
Subject key identifier:   78:E2:07:5A:77:82:6E:B4:CB:D0:D5:A9:66:39:F0:7B:3F:DB:9E:FD
Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
Certificate issuer:       /CN=ada6af87b43694dd39994c0e3214306875519f2e
Certificate serial:       0197635F451ADC234B90D5D5C25D11DCB9AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
Manifest number:          0AE6
Signing time:             Thu 12 Jun 2025 09:01:17 +0000
Manifest this update:     Thu 12 Jun 2025 09:01:17 +0000
Manifest next update:     Fri 13 Jun 2025 09:01:17 +0000
Files and hashes:         1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: LzGj0XRFo9Xy/UwcuDqKlhED0QQn6PZB+LfpAISN08U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:63:5f:45:1a:dc:23:4b:90:d5:d5:c2:5d:11:dc:b9:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e
        Validity
            Not Before: Jun 12 09:01:17 2025 GMT
            Not After : Jun 13 09:01:17 2025 GMT
        Subject: CN=78e2075a77826eb4cbd0d5a96639f07b3fdb9efd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:b7:77:79:7f:a0:a5:e3:b7:84:d2:83:b4:1b:
                    dc:c0:8e:86:05:6f:02:61:df:b6:f4:3f:ff:b7:00:
                    14:67:e6:40:dd:ae:05:66:d8:0e:a9:e7:62:12:c0:
                    86:c2:6f:7a:35:98:85:b5:a1:5e:01:f6:c1:69:0e:
                    32:40:bd:ea:4e:cd:ae:2c:da:5e:5e:44:4d:8d:a1:
                    5a:2a:8b:93:4b:f8:ed:c7:8e:55:ab:7f:2a:79:c2:
                    8b:49:ba:50:2b:96:e9:2f:07:cc:dd:7c:a0:c9:90:
                    7f:15:49:76:7d:aa:9f:77:98:62:c3:28:a4:01:eb:
                    4b:70:b1:6f:26:62:03:3a:e3:3f:83:1e:57:2e:3b:
                    97:35:4c:2e:0b:68:2b:1c:c6:ad:1e:ae:b2:fa:43:
                    80:03:a0:57:00:0e:4c:00:e2:73:fd:ab:28:25:47:
                    e3:ac:da:50:f9:0c:2f:5f:61:d2:70:ba:9c:2a:35:
                    e4:b3:29:ab:f4:49:3e:b8:74:27:28:8d:77:30:ab:
                    d3:80:6e:b1:ad:5c:be:cf:a3:8d:89:6a:fa:6d:6e:
                    a2:f7:47:df:97:71:7b:1c:14:7b:51:24:c6:dd:d6:
                    96:e7:91:8e:5e:eb:22:06:f4:ea:b9:27:d3:18:97:
                    ac:e0:b7:50:b1:08:97:f7:0f:a8:91:1e:74:87:13:
                    69:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:E2:07:5A:77:82:6E:B4:CB:D0:D5:A9:66:39:F0:7B:3F:DB:9E:FD
            X509v3 Authority Key Identifier:
                keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:06:7b:28:75:0e:44:aa:13:97:a7:66:83:93:19:87:5a:27:
         c2:c2:b0:39:4f:c8:b1:31:ab:b0:e6:50:6c:36:fc:cb:02:c4:
         74:60:59:77:f0:c5:d2:c7:a4:37:83:02:ad:72:8b:e2:ef:f4:
         7c:ee:56:31:a6:79:7d:e2:77:54:cd:d0:55:69:3e:a0:4c:a0:
         2e:00:1d:23:65:84:35:18:87:0f:c0:ea:3e:40:5f:98:2c:37:
         32:1c:50:3e:4e:da:cf:8d:a6:5d:18:89:b9:5e:ce:bc:bc:a9:
         65:4c:b9:6c:c6:5c:c9:42:39:d2:33:a6:42:f0:16:84:dc:1d:
         a8:fd:38:f6:47:d8:ad:29:ad:c5:88:5c:c6:b0:2c:21:ce:f7:
         f5:92:c8:95:38:e6:e2:02:71:95:ca:76:e3:73:95:50:90:e8:
         20:d7:a2:e3:86:e9:9c:b1:5f:fd:99:8a:44:8e:c6:19:8e:d8:
         43:c5:b2:b6:f7:8d:08:b7:06:b2:38:d7:13:06:89:1f:51:fb:
         84:b6:9e:74:0e:ea:6a:01:61:ec:f4:12:30:b8:24:39:b0:02:
         f1:4b:d8:a0:cd:a0:b5:f5:33:47:3e:2d:f4:9b:1c:99:64:59:
         df:56:6d:5b:7c:93:43:6f:d0:7d:25:65:0f:d5:f6:64:be:39:
         66:67:7d:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdjX0Ua3CNLkNXVwl0R3LmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1
MTlmMmUwHhcNMjUwNjEyMDkwMTE3WhcNMjUwNjEzMDkwMTE3WjAzMTEwLwYDVQQD
Eyg3OGUyMDc1YTc3ODI2ZWI0Y2JkMGQ1YTk2NjM5ZjA3YjNmZGI5ZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bd3eX+gpeO3hNKDtBvcwI6GBW8C
Yd+29D//twAUZ+ZA3a4FZtgOqediEsCGwm96NZiFtaFeAfbBaQ4yQL3qTs2uLNpe
XkRNjaFaKouTS/jtx45Vq38qecKLSbpQK5bpLwfM3XygyZB/FUl2faqfd5hiwyik
AetLcLFvJmIDOuM/gx5XLjuXNUwuC2grHMatHq6y+kOAA6BXAA5MAOJz/asoJUfj
rNpQ+QwvX2HScLqcKjXksymr9Ek+uHQnKI13MKvTgG6xrVy+z6ONiWr6bW6i90ff
l3F7HBR7USTG3daW55GOXusiBvTquSfTGJes4LdQsQiX9w+okR50hxNpwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjiB1p3gm60y9DVqWY58Hs/2579MB8GA1UdIwQY
MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct
MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0
LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYwZ7KHUO
RKoTl6dmg5MZh1onwsKwOU/IsTGrsOZQbDb8ywLEdGBZd/DF0sekN4MCrXKL4u/0
fO5WMaZ5feJ3VM3QVWk+oEygLgAdI2WENRiHD8DqPkBfmCw3MhxQPk7az42mXRiJ
uV7OvLypZUy5bMZcyUI50jOmQvAWhNwdqP049kfYrSmtxYhcxrAsIc739ZLIlTjm
4gJxlcp243OVUJDoINei44bpnLFf/ZmKRI7GGY7YQ8WytveNCLcGsjjXEwaJH1H7
hLaedA7qagFh7PQSMLgkObAC8UvYoM2gtfUzRz4t9JscmWRZ31ZtW3yTQ2/QfSVl
D9X2ZL45Zmd9KA==
-----END CERTIFICATE-----