Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          dQhPkXXsEBv3LslvJpk49vvv5nRcOWxbwLbLR02rOcQ=
Subject key identifier:   D8:E3:87:CC:75:38:EA:40:A1:CB:D8:63:16:1D:CF:A3:44:E2:BE:5D
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       01963FF9BA4064A80E39D47FCDAD96C729CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          14F0
Signing time:             Wed 16 Apr 2025 19:00:52 +0000
Manifest this update:     Wed 16 Apr 2025 19:00:52 +0000
Manifest next update:     Thu 17 Apr 2025 19:00:52 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: iJsZ8xjSjI15gJVJBWZI3MihN2eyt3qTEuy21DONq7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 19:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3f:f9:ba:40:64:a8:0e:39:d4:7f:cd:ad:96:c7:29:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: Apr 16 19:00:52 2025 GMT
            Not After : Apr 17 19:00:52 2025 GMT
        Subject: CN=d8e387cc7538ea40a1cbd863161dcfa344e2be5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:94:3d:d3:19:c1:f4:49:3f:67:b0:45:92:30:
                    c5:8e:e8:cf:40:cd:86:51:cb:b4:4f:1a:f4:7b:b5:
                    ad:7d:c5:ce:58:8f:75:66:cd:90:f0:db:20:2d:b2:
                    d1:d8:2f:00:c6:fe:db:10:0d:38:8c:59:b9:a8:9c:
                    7c:1c:7f:0a:29:76:c4:0b:d4:f9:bc:81:6c:cd:69:
                    ef:32:8b:d3:77:c8:17:a1:8f:53:03:03:83:e8:49:
                    14:98:2f:c8:85:34:8b:ce:7b:a9:c3:ff:62:a3:43:
                    bf:46:1b:0f:8e:5a:e2:5f:a8:14:f3:b4:69:e4:1a:
                    2d:80:70:69:e5:c9:ba:51:03:dd:09:7f:df:aa:d0:
                    2b:89:3e:9f:d4:e0:64:5d:36:20:53:55:29:84:5b:
                    ab:05:43:32:b5:5c:c7:dc:c1:fa:a5:13:b9:1a:73:
                    9c:48:45:df:af:4a:86:c9:cd:01:00:48:b0:d6:03:
                    a2:ac:4d:84:f0:f1:22:d1:b7:70:80:5b:9e:4a:4a:
                    86:f5:2b:48:d1:93:56:6d:b3:32:98:51:e9:09:c6:
                    da:fc:ab:13:e5:cb:b2:95:26:0e:7f:03:cd:ed:09:
                    36:8f:71:a6:b7:1e:70:8d:da:f6:7f:60:4c:aa:7c:
                    3a:ef:ce:c4:b9:07:9c:94:aa:4f:29:4c:29:ea:3e:
                    7f:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:E3:87:CC:75:38:EA:40:A1:CB:D8:63:16:1D:CF:A3:44:E2:BE:5D
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:bf:36:3d:fd:7a:e8:1e:7f:ac:42:69:e3:a4:cd:6a:19:7f:
         44:93:97:ca:80:45:b8:57:39:b1:8a:2f:ed:22:cb:f1:2b:21:
         bf:b3:fb:99:18:ad:f5:53:0e:61:68:08:ee:50:5c:65:9e:0a:
         80:80:e7:46:60:a8:30:03:27:3a:65:d2:a2:ec:cc:a5:5e:b2:
         c3:dd:0b:3f:46:a5:30:f7:7a:9c:1a:ba:42:10:c8:69:67:fb:
         47:e2:6e:18:fe:bf:b3:b0:e1:d1:83:ec:05:96:e0:65:65:93:
         34:96:07:fa:81:30:35:32:43:60:4b:6c:47:69:7a:0f:6b:ff:
         66:56:1a:42:7e:a5:9f:c7:1f:e1:27:f5:9c:20:39:2e:35:65:
         2c:76:51:47:c1:c5:0f:4f:a4:1c:f8:b5:a8:2b:4b:90:e8:2f:
         96:a9:50:8b:ba:d3:fe:d8:62:01:c3:b5:62:ca:f1:f3:a5:4e:
         31:d1:01:8f:9f:59:a6:e7:ca:b2:d0:02:57:63:c5:46:37:18:
         38:a0:dc:eb:6d:69:df:e4:69:9c:68:2a:4b:28:42:62:75:f7:
         d7:97:ea:d7:1a:00:e5:26:82:5f:0e:91:87:f8:d4:39:b7:89:
         51:e7:31:73:8c:8f:4e:3a:88:d4:40:66:52:d0:a5:a3:3b:ae:
         0a:ad:ad:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY/+bpAZKgOOdR/za2WxynOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjUwNDE2MTkwMDUyWhcNMjUwNDE3MTkwMDUyWjAzMTEwLwYDVQQD
EyhkOGUzODdjYzc1MzhlYTQwYTFjYmQ4NjMxNjFkY2ZhMzQ0ZTJiZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JQ90xnB9Ek/Z7BFkjDFjujPQM2G
Ucu0Txr0e7WtfcXOWI91Zs2Q8NsgLbLR2C8Axv7bEA04jFm5qJx8HH8KKXbEC9T5
vIFszWnvMovTd8gXoY9TAwOD6EkUmC/IhTSLznupw/9io0O/RhsPjlriX6gU87Rp
5BotgHBp5cm6UQPdCX/fqtAriT6f1OBkXTYgU1UphFurBUMytVzH3MH6pRO5GnOc
SEXfr0qGyc0BAEiw1gOirE2E8PEi0bdwgFueSkqG9StI0ZNWbbMymFHpCcba/KsT
5cuylSYOfwPN7Qk2j3Gmtx5wjdr2f2BMqnw6787EuQeclKpPKUwp6j5/WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjjh8x1OOpAocvYYxYdz6NE4r5dMB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY782Pf16
6B5/rEJp46TNahl/RJOXyoBFuFc5sYov7SLL8Sshv7P7mRit9VMOYWgI7lBcZZ4K
gIDnRmCoMAMnOmXSouzMpV6yw90LP0alMPd6nBq6QhDIaWf7R+JuGP6/s7Dh0YPs
BZbgZWWTNJYH+oEwNTJDYEtsR2l6D2v/ZlYaQn6ln8cf4Sf1nCA5LjVlLHZRR8HF
D0+kHPi1qCtLkOgvlqlQi7rT/thiAcO1Ysrx86VOMdEBj59ZpufKstACV2PFRjcY
OKDc621p3+RpnGgqSyhCYnX315fq1xoA5SaCXw6Rh/jUObeJUecxc4yPTjqI1EBm
UtClozuuCq2tiA==
-----END CERTIFICATE-----