Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          7KGNCbWUOPN0eAibr/CAdrU3EIaNTD/Vm5NO0w4I6U4=
Subject key identifier:   D5:64:72:50:CC:63:26:9E:F3:AB:65:BA:50:53:BE:33:5C:A5:9C:01
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       018F87ED693F888AF17A248C934156BCDDCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          D7
Signing time:             Fri 17 May 2024 19:00:34 +0000
Manifest this update:     Fri 17 May 2024 19:00:34 +0000
Manifest next update:     Sat 18 May 2024 19:00:34 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: 3NuPMPdBqwwwJDfxiUu9w2bVT8nnTNdnymejAqpsT90=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:69:3f:88:8a:f1:7a:24:8c:93:41:56:bc:dd:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: May 17 19:00:34 2024 GMT
            Not After : May 18 19:00:34 2024 GMT
        Subject: CN=d5647250cc63269ef3ab65ba5053be335ca59c01
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:93:2c:09:ac:ef:e8:39:2c:be:01:9f:08:c1:
                    61:ad:ae:63:21:f1:ac:2c:b4:72:df:73:22:6e:81:
                    87:13:a4:a3:78:fc:e6:c3:43:c0:5e:8f:8b:49:48:
                    8f:a1:3e:27:f4:b9:de:5d:b7:94:56:23:2b:37:a9:
                    18:b4:e3:cf:e0:1a:b3:b7:0e:01:2f:ba:2d:ed:de:
                    e8:3b:ca:9f:2c:c8:44:a9:41:06:12:eb:bf:26:7b:
                    a7:7e:7b:b4:a6:37:75:35:b1:ca:18:cd:64:43:ad:
                    70:35:e1:46:21:e6:58:d5:4c:1c:00:26:14:1f:05:
                    66:e1:2d:9b:00:89:e5:95:a2:3a:57:6e:cf:2b:85:
                    30:c7:e4:12:ee:cd:c5:cd:c9:57:04:86:35:aa:0f:
                    2c:35:c8:58:99:31:78:b5:05:87:ad:0f:62:57:34:
                    b0:98:3f:ad:82:2e:78:57:11:3f:c3:d2:20:ad:f7:
                    26:26:02:f7:fd:d9:ce:ca:9a:6b:66:0a:ea:1c:88:
                    48:cc:30:98:12:5d:f4:13:8c:c2:76:24:5c:37:2e:
                    d1:3a:8c:41:07:dd:84:58:2a:6a:a0:b3:56:fc:14:
                    cb:82:43:99:97:5f:75:f2:91:45:f7:b5:e6:4c:90:
                    ab:6e:a8:f0:f7:78:3c:bb:94:0c:5c:d8:70:ff:6f:
                    a8:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:64:72:50:CC:63:26:9E:F3:AB:65:BA:50:53:BE:33:5C:A5:9C:01
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:7d:5b:1b:5d:b1:f5:cc:ec:20:12:83:98:15:b3:06:e2:11:
         4c:ea:c4:a2:8c:c0:2d:1d:22:ed:c8:ab:a8:72:f6:9c:34:de:
         18:9c:d9:89:8e:b2:cc:5f:29:d2:3a:ac:03:cc:f7:e8:8b:42:
         99:3c:1f:84:0d:52:92:43:ec:de:91:5e:8c:21:e8:7a:ac:46:
         fd:0d:ec:af:83:91:71:50:27:2f:77:ae:52:19:26:b1:7c:ec:
         99:24:16:8e:d9:13:b1:62:ab:07:bf:88:1b:08:6e:c2:8f:a9:
         5c:ff:84:a1:1b:da:20:32:c7:2a:00:72:99:36:30:4a:c7:75:
         1b:08:be:35:d3:aa:1c:49:58:bb:3b:ae:7e:51:8f:c0:96:ad:
         1a:67:a4:c9:0b:a9:8c:f8:ca:1f:5d:cf:0e:8e:b3:4c:dc:3e:
         ba:1e:5d:6c:69:a5:02:bb:91:04:0d:c5:9a:57:a1:36:cb:12:
         4e:a1:63:2f:b7:1d:db:69:db:86:46:5c:2c:44:af:99:ae:46:
         63:51:dc:b9:65:86:cb:55:31:8f:34:4f:f2:df:e0:00:e3:df:
         2e:4f:d9:eb:b5:ad:17:a2:67:5d:64:f1:92:86:e0:15:07:af:
         34:2a:7c:30:9f:de:b4:c5:98:78:f7:1d:53:31:b4:98:6f:9b:
         e3:a0:cf:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7Wk/iIrxeiSMk0FWvN3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjQwNTE3MTkwMDM0WhcNMjQwNTE4MTkwMDM0WjAzMTEwLwYDVQQD
EyhkNTY0NzI1MGNjNjMyNjllZjNhYjY1YmE1MDUzYmUzMzVjYTU5YzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JMsCazv6DksvgGfCMFhra5jIfGs
LLRy33MiboGHE6SjePzmw0PAXo+LSUiPoT4n9LneXbeUViMrN6kYtOPP4Bqztw4B
L7ot7d7oO8qfLMhEqUEGEuu/Jnunfnu0pjd1NbHKGM1kQ61wNeFGIeZY1UwcACYU
HwVm4S2bAInllaI6V27PK4Uwx+QS7s3FzclXBIY1qg8sNchYmTF4tQWHrQ9iVzSw
mD+tgi54VxE/w9IgrfcmJgL3/dnOypprZgrqHIhIzDCYEl30E4zCdiRcNy7ROoxB
B92EWCpqoLNW/BTLgkOZl1918pFF97XmTJCrbqjw93g8u5QMXNhw/2+oiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNVkclDMYyae86tlulBTvjNcpZwBMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbX1bG12x
9czsIBKDmBWzBuIRTOrEoozALR0i7cirqHL2nDTeGJzZiY6yzF8p0jqsA8z36ItC
mTwfhA1SkkPs3pFejCHoeqxG/Q3sr4ORcVAnL3euUhkmsXzsmSQWjtkTsWKrB7+I
Gwhuwo+pXP+EoRvaIDLHKgBymTYwSsd1Gwi+NdOqHElYuzuuflGPwJatGmekyQup
jPjKH13PDo6zTNw+uh5dbGmlAruRBA3FmlehNssSTqFjL7cd22nbhkZcLESvma5G
Y1HcuWWGy1UxjzRP8t/gAOPfLk/Z67WtF6JnXWTxkobgFQevNCp8MJ/etMWYePcd
UzG0mG+b46DPUA==
-----END CERTIFICATE-----