Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          QI/8H5iPvb55yEc8E+Upg27kuWNmuJO9IKroDanBqN8=
Subject key identifier:   73:35:29:47:5B:00:E8:78:68:F7:93:BA:D7:26:EA:BC:11:42:B5:87
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       0193572DD10C4D8542FC74C2F1B951B0FE42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          02D0
Signing time:             Sat 23 Nov 2024 04:00:40 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:40 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:40 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: znTilkSH7Ums7QOMjkcJprZ8akyrkIQAgKSy4k6DpfY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:d1:0c:4d:85:42:fc:74:c2:f1:b9:51:b0:fe:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Nov 23 04:00:40 2024 GMT
            Not After : Nov 24 04:00:40 2024 GMT
        Subject: CN=733529475b00e87868f793bad726eabc1142b587
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:9e:e7:ed:6a:27:f2:e7:7e:b2:fa:15:ec:de:
                    4b:00:0a:0f:72:ba:6c:2a:d7:d1:79:ee:81:91:d2:
                    f6:44:8e:9e:59:36:ce:8a:ad:88:ab:39:72:58:c7:
                    aa:4d:2c:38:d0:ec:5b:df:6f:fb:5c:db:03:52:5d:
                    c4:92:ee:db:06:d9:7a:e1:ce:c9:56:2c:77:81:83:
                    47:a1:33:38:0e:39:a5:1e:91:13:f4:06:de:15:4c:
                    72:bd:6e:17:7d:99:a0:29:32:01:09:95:1d:d8:f5:
                    cf:26:c5:15:5c:f2:30:3c:2a:67:76:42:a3:55:b3:
                    ae:a9:3f:16:cf:22:cb:50:4c:8a:10:df:85:0b:95:
                    ad:98:58:d2:be:c3:d5:4e:c5:0d:2b:7a:2a:16:9c:
                    02:c8:93:87:5d:fd:c7:c2:93:04:c5:ca:bb:c3:08:
                    7d:18:a0:a6:0f:ed:70:cc:16:e9:3a:05:26:3a:e7:
                    4a:6a:a9:d0:2b:e3:5f:7b:30:07:5d:39:1a:2a:b6:
                    93:80:98:cc:a7:bc:5b:cf:d5:21:66:a7:53:2b:19:
                    46:0d:a8:51:3d:a2:84:69:a8:41:d7:2f:8f:1a:e9:
                    77:ab:85:d3:d3:19:d0:20:0e:de:93:08:72:c5:3b:
                    ff:48:a6:0d:46:2c:51:89:d7:09:c1:a6:5d:af:cb:
                    5f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:35:29:47:5B:00:E8:78:68:F7:93:BA:D7:26:EA:BC:11:42:B5:87
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c2:44:7e:3e:78:ed:bb:1c:79:dc:a1:09:67:14:f7:2c:bd:68:
         c8:5a:d8:a9:04:4f:4e:bf:ac:cc:c4:cc:c1:45:b6:17:c0:85:
         06:43:b3:3b:c9:52:d5:b8:d2:68:91:33:28:1f:e4:7f:63:b3:
         82:fa:8a:2d:e7:46:0c:95:3a:c4:00:14:d1:d0:8b:02:27:11:
         af:b8:d7:25:8b:83:ea:5a:c6:5b:f2:78:d3:df:4d:91:b4:a7:
         69:82:1d:42:d9:7d:07:94:23:0a:c3:8d:77:06:b0:0e:34:e5:
         8b:5f:d9:25:2f:46:cd:36:98:26:e9:27:78:5a:c7:99:3d:e8:
         36:e1:96:ce:f9:68:90:38:37:9b:2f:33:61:7c:9d:89:c0:2b:
         6a:26:5a:6a:d2:45:a4:f5:bc:e8:d6:e7:a5:e1:b9:6f:59:67:
         a5:b8:45:ef:64:83:69:10:a3:7a:97:fa:8b:d6:9a:ae:07:cf:
         86:67:0d:82:56:10:82:d7:86:13:5c:7f:2b:f6:c8:68:3f:fd:
         c9:7d:de:35:5e:e2:d8:73:1d:54:9d:3e:bb:db:71:80:7c:ec:
         d7:2d:7b:17:d0:70:bf:b2:99:20:a9:4f:64:68:b0:d0:f7:f2:
         de:23:ca:1a:62:f0:9e:41:a5:b4:59:0e:e6:4b:f2:70:5f:8a:
         6e:7d:4b:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLdEMTYVC/HTC8blRsP5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjQxMTIzMDQwMDQwWhcNMjQxMTI0MDQwMDQwWjAzMTEwLwYDVQQD
Eyg3MzM1Mjk0NzViMDBlODc4NjhmNzkzYmFkNzI2ZWFiYzExNDJiNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk57n7Won8ud+svoV7N5LAAoPcrps
KtfRee6BkdL2RI6eWTbOiq2IqzlyWMeqTSw40Oxb32/7XNsDUl3Eku7bBtl64c7J
Vix3gYNHoTM4DjmlHpET9AbeFUxyvW4XfZmgKTIBCZUd2PXPJsUVXPIwPCpndkKj
VbOuqT8WzyLLUEyKEN+FC5WtmFjSvsPVTsUNK3oqFpwCyJOHXf3HwpMExcq7wwh9
GKCmD+1wzBbpOgUmOudKaqnQK+NfezAHXTkaKraTgJjMp7xbz9UhZqdTKxlGDahR
PaKEaahB1y+PGul3q4XT0xnQIA7ekwhyxTv/SKYNRixRidcJwaZdr8tftwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHM1KUdbAOh4aPeTutcm6rwRQrWHMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwkR+Pnjt
uxx53KEJZxT3LL1oyFrYqQRPTr+szMTMwUW2F8CFBkOzO8lS1bjSaJEzKB/kf2Oz
gvqKLedGDJU6xAAU0dCLAicRr7jXJYuD6lrGW/J4099NkbSnaYIdQtl9B5QjCsON
dwawDjTli1/ZJS9GzTaYJukneFrHmT3oNuGWzvlokDg3my8zYXydicAraiZaatJF
pPW86NbnpeG5b1lnpbhF72SDaRCjepf6i9aargfPhmcNglYQgteGE1x/K/bIaD/9
yX3eNV7i2HMdVJ0+u9txgHzs1y17F9Bwv7KZIKlPZGiw0Pfy3iPKGmLwnkGltFkO
5kvycF+Kbn1LhQ==
-----END CERTIFICATE-----