Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          pV5+u54rDNizfp/R8gnB/tP6wb9JDteK8vb0/E4gFOU=
Subject key identifier:   02:19:57:93:38:39:E4:3E:6E:ED:31:59:0A:E0:63:EF:B0:28:D9:22
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       019655DCD1B8BE97B79772420ACD404D1D21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          045D
Signing time:             Mon 21 Apr 2025 01:00:57 +0000
Manifest this update:     Mon 21 Apr 2025 01:00:57 +0000
Manifest next update:     Tue 22 Apr 2025 01:00:57 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: nIZfaAGUhuFFh+kEZ/No1uDi9WiuC0PctLpOJyqUb/4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:dc:d1:b8:be:97:b7:97:72:42:0a:cd:40:4d:1d:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Apr 21 01:00:57 2025 GMT
            Not After : Apr 22 01:00:57 2025 GMT
        Subject: CN=021957933839e43e6eed31590ae063efb028d922
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a6:4e:4d:c3:1d:3a:de:7e:b8:4f:2a:15:6e:
                    3d:2c:bc:bf:78:25:e7:c5:d6:4f:83:79:40:5a:3b:
                    0b:63:05:5c:b3:e7:ac:7f:ee:39:de:a9:60:72:a0:
                    e6:cd:49:8b:e5:9b:38:57:55:05:1b:ae:1f:c0:0a:
                    95:2b:30:ce:e9:83:1b:1b:24:7f:fa:b7:96:d7:65:
                    99:38:07:5b:7d:25:44:25:e8:fc:f7:b9:9b:74:d0:
                    16:3f:80:3f:b4:56:a3:0b:50:c5:68:4a:22:75:94:
                    f4:8e:6b:27:21:e8:e0:95:32:7e:c3:f2:e1:7e:86:
                    b1:fc:e7:f3:39:4b:8c:77:c5:11:d9:7d:fa:de:52:
                    0e:50:06:62:3b:68:ec:c2:8c:a2:75:ae:8e:3a:fd:
                    b0:d3:b7:8d:e5:63:ce:a0:c4:0e:79:49:45:d0:4f:
                    4f:ff:90:bb:bd:b5:17:99:81:12:6b:48:9c:25:97:
                    71:1e:31:13:f1:15:e4:ac:d5:f3:9d:2d:d0:1e:15:
                    5c:91:27:90:be:68:a1:6d:da:ae:d1:de:3e:e9:85:
                    28:1a:28:c1:53:99:b3:17:a4:67:e9:0f:12:f4:98:
                    53:d8:0c:ca:ae:44:26:e7:35:f2:c0:f9:22:b7:d4:
                    a1:a8:45:f7:09:f9:18:c9:18:14:4d:93:13:04:b7:
                    23:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:19:57:93:38:39:E4:3E:6E:ED:31:59:0A:E0:63:EF:B0:28:D9:22
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:04:ce:2f:b6:5d:e5:22:a7:d7:92:50:b4:3b:67:06:7e:f0:
         59:dc:fb:2c:ef:0d:73:a5:a2:13:df:c8:9e:6b:88:85:93:f8:
         c1:4d:b6:51:eb:3a:6e:04:56:62:bb:84:ee:85:6b:46:27:4d:
         30:f2:06:ba:6b:0a:d1:07:fe:80:4e:d7:aa:05:01:92:7d:f3:
         ec:f2:64:8b:80:43:86:fd:52:ae:e2:ce:cf:28:df:14:06:89:
         ed:2b:48:d4:e3:6b:65:ae:a3:26:9e:92:a6:d8:eb:fa:bd:a1:
         2b:88:34:b4:a9:9c:57:8f:a5:65:0e:b8:fe:ee:b3:88:ff:4c:
         78:1e:fc:10:72:21:21:34:c9:97:96:c5:9c:54:3a:ab:f0:89:
         9e:ca:dc:9e:ef:87:54:62:2f:46:b0:35:5e:a8:9a:84:da:da:
         cc:28:03:b1:e3:0b:0a:7f:aa:f2:0b:cc:c6:e0:40:be:4d:86:
         9d:b3:47:89:9f:a6:ef:a9:73:a1:fa:90:76:b3:9d:3f:4c:a2:
         5c:1f:12:27:5d:17:84:a0:a9:d5:b4:9c:bd:77:61:b5:8b:b4:
         75:e0:2c:fd:59:cf:ba:bb:a6:55:05:a0:ac:69:4f:3b:ef:22:
         89:42:31:d1:5e:69:9a:4c:68:bc:a0:bd:6e:a1:b0:dc:86:6f:
         2d:e8:51:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZV3NG4vpe3l3JCCs1ATR0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjUwNDIxMDEwMDU3WhcNMjUwNDIyMDEwMDU3WjAzMTEwLwYDVQQD
EygwMjE5NTc5MzM4MzllNDNlNmVlZDMxNTkwYWUwNjNlZmIwMjhkOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraZOTcMdOt5+uE8qFW49LLy/eCXn
xdZPg3lAWjsLYwVcs+esf+453qlgcqDmzUmL5Zs4V1UFG64fwAqVKzDO6YMbGyR/
+reW12WZOAdbfSVEJej897mbdNAWP4A/tFajC1DFaEoidZT0jmsnIejglTJ+w/Lh
foax/OfzOUuMd8UR2X363lIOUAZiO2jswoyida6OOv2w07eN5WPOoMQOeUlF0E9P
/5C7vbUXmYESa0icJZdxHjET8RXkrNXznS3QHhVckSeQvmihbdqu0d4+6YUoGijB
U5mzF6Rn6Q8S9JhT2AzKrkQm5zXywPkit9ShqEX3CfkYyRgUTZMTBLcj3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAIZV5M4OeQ+bu0xWQrgY++wKNkiMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPATOL7Zd
5SKn15JQtDtnBn7wWdz7LO8Nc6WiE9/InmuIhZP4wU22Ues6bgRWYruE7oVrRidN
MPIGumsK0Qf+gE7XqgUBkn3z7PJki4BDhv1SruLOzyjfFAaJ7StI1ONrZa6jJp6S
ptjr+r2hK4g0tKmcV4+lZQ64/u6ziP9MeB78EHIhITTJl5bFnFQ6q/CJnsrcnu+H
VGIvRrA1XqiahNrazCgDseMLCn+q8gvMxuBAvk2GnbNHiZ+m76lzofqQdrOdP0yi
XB8SJ10XhKCp1bScvXdhtYu0deAs/VnPurumVQWgrGlPO+8iiUIx0V5pmkxovKC9
bqGw3IZvLehRew==
-----END CERTIFICATE-----