Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
File:                     raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json)
Hash identifier:          Z4N9v2k0h9CBMIa8U239rzZUDsYEJ+ae+qE+aRXskaA=
Subject key identifier:   27:43:7B:B3:FB:CD:EA:A6:6A:27:99:96:4C:86:34:D8:76:44:67:2A
Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
Certificate issuer:       /CN=ada6af87b43694dd39994c0e3214306875519f2e
Certificate serial:       01976929F50B77ED3AC1AA1EC88EAAB6CFB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
Manifest number:          0AE9
Signing time:             Fri 13 Jun 2025 12:00:46 +0000
Manifest this update:     Fri 13 Jun 2025 12:00:46 +0000
Manifest next update:     Sat 14 Jun 2025 12:00:46 +0000
Files and hashes:         1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: SCttnTZ/4I/W3xOS4H3hUm6ITf2JJzzltwYgi6rpBvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 12:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:29:f5:0b:77:ed:3a:c1:aa:1e:c8:8e:aa:b6:cf:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e
        Validity
            Not Before: Jun 13 12:00:46 2025 GMT
            Not After : Jun 14 12:00:46 2025 GMT
        Subject: CN=27437bb3fbcdeaa66a2799964c8634d87644672a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:00:55:b0:f7:61:fb:77:f3:db:73:93:82:4d:
                    0f:5f:e1:95:cd:88:ce:f5:7f:f0:42:14:9c:f9:39:
                    c4:16:4f:b1:c4:6d:68:c4:a2:89:bf:ed:e4:09:a2:
                    e7:80:d2:f9:6c:2a:24:46:e6:3e:cb:00:03:5a:09:
                    49:6c:e9:b3:dd:3c:76:5f:30:bc:74:7a:25:cc:05:
                    ca:7b:9b:19:04:2d:70:ec:57:7b:3e:42:e3:56:42:
                    c0:49:33:8b:f6:3a:0e:99:a8:04:ba:51:3c:9b:aa:
                    9b:65:c4:9a:8d:87:f8:e2:e6:ac:6a:33:9e:8b:6e:
                    62:4d:72:17:4d:9d:60:0d:fa:18:e1:ef:e0:4d:5a:
                    b9:69:7e:e9:bf:b2:f6:0a:68:e1:d1:73:2d:dc:f5:
                    f1:34:ef:12:40:49:d3:01:3c:cc:fe:3f:86:3f:9c:
                    5f:5b:22:e2:cd:b8:cd:27:dc:7d:cc:0c:17:d4:e9:
                    e2:3b:4a:37:97:a4:35:8b:c8:b4:3c:4e:3e:56:f5:
                    4e:f9:a4:d4:8c:f4:35:cf:aa:d0:86:2c:e0:ff:ea:
                    d4:a4:9d:5b:79:25:c1:26:d8:54:83:46:61:27:0b:
                    17:fc:1e:a4:62:bf:0d:67:8a:0c:c0:4e:97:cd:35:
                    03:9b:24:bb:85:1c:a7:6f:a5:36:68:35:42:54:1e:
                    91:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:43:7B:B3:FB:CD:EA:A6:6A:27:99:96:4C:86:34:D8:76:44:67:2A
            X509v3 Authority Key Identifier:
                keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:2a:6c:53:c5:27:34:67:06:c5:b5:68:b7:de:1c:92:a5:f0:
         e6:02:15:c5:78:b5:c3:3f:00:da:97:ee:e7:1a:5c:c3:97:37:
         67:65:04:d1:d9:df:71:6c:47:ad:a4:e2:0a:a2:d3:33:16:44:
         7d:73:fa:ce:9a:3a:5a:1f:84:27:2f:f7:9b:9c:20:a2:41:f8:
         fc:12:86:03:bc:31:e3:ef:30:09:08:8c:3b:b2:75:16:4c:d6:
         95:7a:4c:73:80:53:4c:24:8d:a0:81:3c:3a:c4:09:bf:d6:8d:
         83:ee:22:01:5e:de:12:4c:b4:c3:95:4d:86:3a:ae:59:04:7e:
         15:48:4c:fb:ed:92:76:f7:0e:50:10:06:ec:60:01:10:ce:dd:
         e0:e1:e2:fd:bc:c9:5f:6b:f9:4c:31:28:10:e9:33:b7:c5:6a:
         24:c5:d0:1b:cd:34:97:fb:db:51:1b:7f:fb:b9:39:e0:46:ba:
         1c:26:84:e5:12:87:74:96:53:1f:86:49:dd:6b:65:cf:f6:a7:
         0c:9a:6e:99:05:04:39:86:23:b2:e6:08:dd:79:b6:b7:e6:e3:
         45:2d:10:2c:70:ec:1a:f3:e1:7f:0f:53:04:fc:72:de:3f:33:
         dc:06:52:28:96:eb:39:4a:9f:3e:bc:21:ce:2f:c6:15:60:19:
         f2:23:60:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpKfULd+06waoeyI6qts+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1
MTlmMmUwHhcNMjUwNjEzMTIwMDQ2WhcNMjUwNjE0MTIwMDQ2WjAzMTEwLwYDVQQD
EygyNzQzN2JiM2ZiY2RlYWE2NmEyNzk5OTY0Yzg2MzRkODc2NDQ2NzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gBVsPdh+3fz23OTgk0PX+GVzYjO
9X/wQhSc+TnEFk+xxG1oxKKJv+3kCaLngNL5bCokRuY+ywADWglJbOmz3Tx2XzC8
dHolzAXKe5sZBC1w7Fd7PkLjVkLASTOL9joOmagEulE8m6qbZcSajYf44uasajOe
i25iTXIXTZ1gDfoY4e/gTVq5aX7pv7L2Cmjh0XMt3PXxNO8SQEnTATzM/j+GP5xf
WyLizbjNJ9x9zAwX1OniO0o3l6Q1i8i0PE4+VvVO+aTUjPQ1z6rQhizg/+rUpJ1b
eSXBJthUg0ZhJwsX/B6kYr8NZ4oMwE6XzTUDmyS7hRynb6U2aDVCVB6R/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCdDe7P7zeqmaieZlkyGNNh2RGcqMB8GA1UdIwQY
MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct
MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0
LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfSpsU8Un
NGcGxbVot94ckqXw5gIVxXi1wz8A2pfu5xpcw5c3Z2UE0dnfcWxHraTiCqLTMxZE
fXP6zpo6Wh+EJy/3m5wgokH4/BKGA7wx4+8wCQiMO7J1FkzWlXpMc4BTTCSNoIE8
OsQJv9aNg+4iAV7eEky0w5VNhjquWQR+FUhM++2SdvcOUBAG7GABEM7d4OHi/bzJ
X2v5TDEoEOkzt8VqJMXQG800l/vbURt/+7k54Ea6HCaE5RKHdJZTH4ZJ3Wtlz/an
DJpumQUEOYYjsuYI3Xm2t+bjRS0QLHDsGvPhfw9TBPxy3j8z3AZSKJbrOUqfPrwh
zi/GFWAZ8iNggA==
-----END CERTIFICATE-----