Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
File:                     aomTYnatLRhxB9-3QAeTADrBSac.mft (raw, json)
Hash identifier:          Q71wmd/TFZp3oumfu5+1YM8Pd9yw+EUBgi/VOdOdkq4=
Subject key identifier:   43:11:F9:64:08:0A:26:C4:8D:62:C3:3F:97:E4:BB:44:5F:07:79:62
Authority key identifier: 6A:89:93:62:76:AD:2D:18:71:07:DF:B7:40:07:93:00:3A:C1:49:A7
Certificate issuer:       /CN=6a89936276ad2d187107dfb7400793003ac149a7
Certificate serial:       01964CD9B5A3F02D80233B2904F350BA03A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
Manifest number:          1488
Signing time:             Sat 19 Apr 2025 07:00:58 +0000
Manifest this update:     Sat 19 Apr 2025 07:00:58 +0000
Manifest next update:     Sun 20 Apr 2025 07:00:58 +0000
Files and hashes:         1: aomTYnatLRhxB9-3QAeTADrBSac.crl (hash: k3y/875IWHwKfJHgfML6dWbU1WOl4wptalKb7ckDECQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:d9:b5:a3:f0:2d:80:23:3b:29:04:f3:50:ba:03:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a89936276ad2d187107dfb7400793003ac149a7
        Validity
            Not Before: Apr 19 07:00:58 2025 GMT
            Not After : Apr 20 07:00:58 2025 GMT
        Subject: CN=4311f964080a26c48d62c33f97e4bb445f077962
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d3:74:fe:b0:2b:f2:19:42:19:7b:75:5b:c7:
                    c0:ce:28:51:d3:2b:6b:03:1b:7d:f5:aa:70:0f:10:
                    fd:7b:3e:0a:77:89:8c:3e:3e:45:ff:2e:00:d3:69:
                    1b:56:e7:a3:df:ac:7e:64:3a:9c:47:ba:75:ad:4b:
                    50:d6:5a:06:8c:32:09:60:dd:fe:aa:81:8f:88:6c:
                    75:22:23:7b:42:23:cd:30:c9:25:b2:1a:67:e3:64:
                    9f:cb:62:97:fc:e7:69:3c:35:77:01:cb:3c:ae:98:
                    1e:ab:3d:8f:2d:83:fa:1f:ee:33:18:cb:ff:59:a2:
                    4d:6e:7a:b5:b8:46:85:6c:9a:90:30:b2:bf:ae:e9:
                    fc:ab:f5:45:bd:af:79:fa:f6:24:0b:ec:5d:47:cb:
                    23:26:01:53:55:5a:71:a4:f4:15:cc:30:da:b6:71:
                    f9:fe:f2:12:5b:78:b9:05:8e:8d:e3:7f:72:39:1f:
                    06:df:10:c9:0a:f4:e8:f5:cf:16:5a:c2:3f:7c:73:
                    24:79:e9:04:b8:b5:12:fe:46:5e:72:97:62:75:3f:
                    6f:ba:a4:c5:f9:8d:60:df:cf:e9:84:01:5f:72:7f:
                    2d:a2:02:1b:40:1c:28:77:69:04:a6:5d:47:d9:ed:
                    05:83:b8:73:9c:02:17:ef:a0:c5:42:ff:74:30:75:
                    38:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:11:F9:64:08:0A:26:C4:8D:62:C3:3F:97:E4:BB:44:5F:07:79:62
            X509v3 Authority Key Identifier:
                keyid:6A:89:93:62:76:AD:2D:18:71:07:DF:B7:40:07:93:00:3A:C1:49:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aomTYnatLRhxB9-3QAeTADrBSac.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/2ab62d-070c-4b06-b38a-73a7a4736038/1/aomTYnatLRhxB9-3QAeTADrBSac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:8b:1b:30:dd:96:2c:e0:8e:f2:a9:d1:50:2d:b1:61:35:d1:
         f1:fc:13:1e:d6:b1:6f:d0:a8:a2:52:af:f6:39:27:9e:68:62:
         88:5f:96:83:9f:ca:be:a9:77:5e:1e:8c:d5:3d:5a:e5:fb:ba:
         f9:d7:5c:88:d6:84:85:ac:46:b8:19:6f:5b:f5:82:81:08:0c:
         65:ff:4b:dd:cf:b5:af:5b:48:1e:69:f9:c5:55:e0:83:c3:22:
         dd:f6:46:0c:5e:d3:92:0a:0f:a8:48:e9:31:c6:53:bf:7e:91:
         b1:02:f2:f3:8d:d8:cb:d3:9e:3e:f0:c4:2e:92:64:88:13:78:
         a5:15:bd:5f:23:28:4c:21:ef:78:66:0a:87:53:d0:3f:36:f4:
         30:76:dc:a4:6e:e3:06:64:bc:5f:ea:cd:80:44:40:64:af:e9:
         1e:3c:13:77:55:69:59:8e:ac:62:41:7b:07:a5:0a:87:03:1b:
         5f:82:f1:b6:04:41:bf:cb:18:f2:fc:c7:8c:17:8e:e8:45:4c:
         35:8b:17:ef:b9:39:e3:b9:76:48:b0:dd:f2:86:ba:4a:f9:95:
         2e:68:de:ee:9d:0b:ac:46:f9:f2:7d:4b:0e:c4:83:af:d4:00:
         61:86:c9:a9:1c:dd:4f:42:61:22:af:73:3b:fb:a6:e8:3c:ba:
         23:46:a2:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZM2bWj8C2AIzspBPNQugOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhODk5MzYyNzZhZDJkMTg3MTA3ZGZiNzQwMDc5MzAwM2Fj
MTQ5YTcwHhcNMjUwNDE5MDcwMDU4WhcNMjUwNDIwMDcwMDU4WjAzMTEwLwYDVQQD
Eyg0MzExZjk2NDA4MGEyNmM0OGQ2MmMzM2Y5N2U0YmI0NDVmMDc3OTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9N0/rAr8hlCGXt1W8fAzihR0ytr
Axt99apwDxD9ez4Kd4mMPj5F/y4A02kbVuej36x+ZDqcR7p1rUtQ1loGjDIJYN3+
qoGPiGx1IiN7QiPNMMklshpn42Sfy2KX/OdpPDV3Acs8rpgeqz2PLYP6H+4zGMv/
WaJNbnq1uEaFbJqQMLK/run8q/VFva95+vYkC+xdR8sjJgFTVVpxpPQVzDDatnH5
/vISW3i5BY6N439yOR8G3xDJCvTo9c8WWsI/fHMkeekEuLUS/kZecpdidT9vuqTF
+Y1g38/phAFfcn8togIbQBwod2kEpl1H2e0Fg7hznAIX76DFQv90MHU4QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMR+WQICibEjWLDP5fku0RfB3liMB8GA1UdIwQY
MBaAFGqJk2J2rS0YcQfft0AHkwA6wUmnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8yYWI2MmQtMDcwYy00YjA2LWIzOGEt
NzNhN2E0NzM2MDM4LzEvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8yYWI2MmQtMDcwYy00YjA2LWIzOGEtNzNhN2E0NzM2MDM4
LzEvYW9tVFluYXRMUmh4QjktM1FBZVRBRHJCU2FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbIsbMN2W
LOCO8qnRUC2xYTXR8fwTHtaxb9CoolKv9jknnmhiiF+Wg5/Kvql3Xh6M1T1a5fu6
+ddciNaEhaxGuBlvW/WCgQgMZf9L3c+1r1tIHmn5xVXgg8Mi3fZGDF7TkgoPqEjp
McZTv36RsQLy843Yy9OePvDELpJkiBN4pRW9XyMoTCHveGYKh1PQPzb0MHbcpG7j
BmS8X+rNgERAZK/pHjwTd1VpWY6sYkF7B6UKhwMbX4LxtgRBv8sY8vzHjBeO6EVM
NYsX77k547l2SLDd8oa6SvmVLmje7p0LrEb58n1LDsSDr9QAYYbJqRzdT0JhIq9z
O/um6Dy6I0aihw==
-----END CERTIFICATE-----