Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          IZI/c1ekEE3esS80x1pafRanDNDNkMKIhm9mGfuZKag=
Subject key identifier:   D6:22:93:04:5F:21:DA:7A:78:75:A8:F3:BC:3E:98:53:A4:44:8D:06
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       01974C68FDD8B276711CD554BF0C3B012215
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          157B
Signing time:             Sat 07 Jun 2025 22:00:38 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:38 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:38 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: kH65L8aA9fKdDZLTd4sO0EhcrpJht/NJNa/mPg5Oc78=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:68:fd:d8:b2:76:71:1c:d5:54:bf:0c:3b:01:22:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: Jun  7 22:00:38 2025 GMT
            Not After : Jun  8 22:00:38 2025 GMT
        Subject: CN=d62293045f21da7a7875a8f3bc3e9853a4448d06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:cd:8c:93:4d:6d:27:b5:6a:3b:5a:b0:57:cc:
                    ee:25:e9:99:07:53:d0:a8:c9:ea:8f:ae:e2:88:91:
                    6a:8e:77:22:3b:03:82:c9:7d:d6:33:ed:0e:8d:ab:
                    8e:bc:35:68:8a:fe:3a:a2:ba:bf:33:d5:cb:69:d3:
                    ae:30:74:c2:f0:78:81:1e:dd:ac:63:f0:73:16:c4:
                    0c:56:77:23:ec:3b:fc:5d:f7:0c:85:35:93:dd:c3:
                    be:97:d2:b0:11:bf:14:c3:39:12:78:76:3a:d5:95:
                    45:56:d5:86:02:4a:65:e6:c6:7d:24:08:0b:9f:ba:
                    a9:b8:21:c9:3c:b9:83:31:c5:cf:91:8a:1b:cc:70:
                    ea:e0:fe:8e:69:02:2c:8e:f7:ab:e7:18:ae:4c:e1:
                    c3:a5:3f:3a:40:57:9a:cb:7d:76:d2:6c:f9:ba:00:
                    59:04:9e:c7:23:e9:7f:29:00:6c:9a:1c:28:af:8b:
                    a3:64:9b:36:bf:4c:75:31:b7:12:05:4d:0a:34:68:
                    fb:c2:b3:a9:05:52:d8:20:3a:83:3c:46:ad:44:ac:
                    93:62:1d:31:6c:e1:c6:0e:dd:4b:cf:b5:32:d5:b4:
                    eb:1b:67:b1:fd:91:be:fe:ae:2f:36:38:30:af:7a:
                    63:cc:87:55:13:78:80:bd:d0:0e:2a:b0:b6:e4:ca:
                    37:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:22:93:04:5F:21:DA:7A:78:75:A8:F3:BC:3E:98:53:A4:44:8D:06
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:56:24:b5:ce:14:d9:2b:4d:6e:c6:4d:7a:3e:36:44:1c:19:
         ca:3a:1d:07:37:9a:a2:df:16:6b:a7:be:bd:7a:4b:6e:41:97:
         99:91:0d:c6:ee:56:5a:ff:5c:e6:67:f2:cb:3f:0e:44:66:e7:
         5c:c0:5d:28:41:8f:93:81:2e:f5:86:29:be:03:a2:0d:8a:ac:
         37:bf:bb:f0:a7:60:ba:1c:52:fa:1c:fe:2f:45:f2:08:3e:4e:
         3a:42:7c:b7:dd:35:42:8a:6d:3b:2b:2d:2d:e9:8f:f9:22:47:
         f5:5c:02:ed:39:86:43:41:c9:bf:61:de:52:30:45:b6:76:ec:
         7b:80:a1:49:99:41:0b:9e:44:ff:4c:2f:65:80:81:ae:72:86:
         bc:8c:7d:53:fb:a1:7e:35:7a:5e:38:98:ae:bc:89:f2:a7:f4:
         0f:9f:2a:4b:c5:49:f2:5d:94:43:34:fa:b0:2c:39:51:ee:ce:
         e9:25:57:62:af:b0:5f:a5:24:5d:bb:13:e8:fb:b4:47:49:ad:
         ee:a6:cd:a4:9b:fb:ba:23:ae:33:7d:4f:c2:50:43:5b:fc:1f:
         6b:79:a7:ab:9f:44:3a:87:3d:37:bd:90:20:22:3b:53:14:eb:
         af:35:71:4d:f8:6e:db:35:ee:e6:45:97:50:92:23:90:d9:41:
         28:3e:81:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaP3YsnZxHNVUvww7ASIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjUwNjA3MjIwMDM4WhcNMjUwNjA4MjIwMDM4WjAzMTEwLwYDVQQD
EyhkNjIyOTMwNDVmMjFkYTdhNzg3NWE4ZjNiYzNlOTg1M2E0NDQ4ZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4c2Mk01tJ7VqO1qwV8zuJemZB1PQ
qMnqj67iiJFqjnciOwOCyX3WM+0OjauOvDVoiv46orq/M9XLadOuMHTC8HiBHt2s
Y/BzFsQMVncj7Dv8XfcMhTWT3cO+l9KwEb8UwzkSeHY61ZVFVtWGAkpl5sZ9JAgL
n7qpuCHJPLmDMcXPkYobzHDq4P6OaQIsjver5xiuTOHDpT86QFeay3120mz5ugBZ
BJ7HI+l/KQBsmhwor4ujZJs2v0x1MbcSBU0KNGj7wrOpBVLYIDqDPEatRKyTYh0x
bOHGDt1Lz7Uy1bTrG2ex/ZG+/q4vNjgwr3pjzIdVE3iAvdAOKrC25Mo3vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYikwRfIdp6eHWo87w+mFOkRI0GMB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGlYktc4U
2StNbsZNej42RBwZyjodBzeaot8Wa6e+vXpLbkGXmZENxu5WWv9c5mfyyz8ORGbn
XMBdKEGPk4Eu9YYpvgOiDYqsN7+78KdguhxS+hz+L0XyCD5OOkJ8t901QoptOyst
LemP+SJH9VwC7TmGQ0HJv2HeUjBFtnbse4ChSZlBC55E/0wvZYCBrnKGvIx9U/uh
fjV6XjiYrryJ8qf0D58qS8VJ8l2UQzT6sCw5Ue7O6SVXYq+wX6UkXbsT6Pu0R0mt
7qbNpJv7uiOuM31PwlBDW/wfa3mnq59EOoc9N72QICI7UxTrrzVxTfhu2zXu5kWX
UJIjkNlBKD6Bgw==
-----END CERTIFICATE-----