Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft
File:                     afY2pbazoordg_l0Rtewg7lMPa4.mft (raw, json)
Hash identifier:          il9CUwVuq10ml8qPAyC5ElL/2SjWG2gf3p+xO+gT9Hw=
Subject key identifier:   8B:AA:78:0F:63:5A:9B:25:65:22:22:06:20:92:72:0A:46:BF:B8:27
Authority key identifier: 69:F6:36:A5:B6:B3:A2:8A:DD:83:F9:74:46:D7:B0:83:B9:4C:3D:AE
Certificate issuer:       /CN=69f636a5b6b3a28add83f97446d7b083b94c3dae
Certificate serial:       0196463240C05133EA20B5FD0815B0026939
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/afY2pbazoordg_l0Rtewg7lMPa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft
Manifest number:          04C4
Signing time:             Fri 18 Apr 2025 00:00:20 +0000
Manifest this update:     Fri 18 Apr 2025 00:00:20 +0000
Manifest next update:     Sat 19 Apr 2025 00:00:20 +0000
Files and hashes:         1: afY2pbazoordg_l0Rtewg7lMPa4.crl (hash: QVAKJdvyRn/AoOEMYsjC5F6buWD/fjl6R7e5nnYqzF4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/afY2pbazoordg_l0Rtewg7lMPa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 00:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:46:32:40:c0:51:33:ea:20:b5:fd:08:15:b0:02:69:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69f636a5b6b3a28add83f97446d7b083b94c3dae
        Validity
            Not Before: Apr 18 00:00:20 2025 GMT
            Not After : Apr 19 00:00:20 2025 GMT
        Subject: CN=8baa780f635a9b25652222062092720a46bfb827
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:78:af:cb:41:59:bd:e0:3a:4a:2f:d1:a4:84:
                    a0:2e:6a:c7:6f:42:aa:62:a5:08:d1:06:ac:72:25:
                    ef:5a:c1:3c:31:36:b6:cf:e1:4e:e5:0a:78:1c:a6:
                    bb:a7:de:05:93:b1:f8:43:cc:af:b3:8d:70:7c:9c:
                    37:39:96:8e:e7:c7:4a:40:f6:74:a0:69:1a:48:0c:
                    91:14:ab:e2:67:3c:26:11:2a:7e:31:a6:76:ce:52:
                    13:26:a5:0c:6a:ee:ae:2c:32:eb:42:61:74:37:a3:
                    a9:82:69:54:b9:f2:ca:eb:f2:30:03:af:d6:2d:0b:
                    71:99:9c:80:89:5f:55:7b:6b:1c:68:f8:33:87:b1:
                    09:aa:01:fd:91:93:fa:f2:2b:a7:fd:dd:d1:89:10:
                    dd:26:b7:43:5e:95:84:47:02:1c:e7:a3:4d:33:cf:
                    15:eb:48:fc:68:4a:e9:2b:41:9f:b9:0a:46:f0:0e:
                    c0:24:18:3d:64:58:57:81:67:36:31:4d:dd:b1:6d:
                    21:60:11:bb:24:75:97:10:05:45:c2:ff:2b:f9:53:
                    b3:91:bd:e7:cb:34:93:f5:cb:a1:65:d7:34:db:db:
                    c0:56:21:59:c3:64:39:38:ed:5d:ad:05:1b:86:98:
                    f0:3f:cd:25:24:4e:01:2a:d6:ad:78:bd:89:9f:93:
                    d2:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:AA:78:0F:63:5A:9B:25:65:22:22:06:20:92:72:0A:46:BF:B8:27
            X509v3 Authority Key Identifier:
                keyid:69:F6:36:A5:B6:B3:A2:8A:DD:83:F9:74:46:D7:B0:83:B9:4C:3D:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afY2pbazoordg_l0Rtewg7lMPa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:73:4e:b4:e3:b5:34:68:87:52:84:71:f9:11:85:a6:b3:5c:
         e6:43:2a:7b:4d:88:41:de:f5:ba:5b:f1:af:0f:02:6e:47:02:
         cd:ae:4e:b3:c5:88:65:48:6e:84:16:92:06:90:58:64:17:cf:
         f5:6c:43:b0:8d:4b:bc:a6:f6:af:a0:43:66:71:59:a4:e5:82:
         cc:bf:77:1b:f5:a0:b9:61:f3:ac:1b:4a:c2:d5:b8:8b:de:c4:
         f3:8a:81:74:a6:32:3b:a2:7a:d6:8c:77:fe:10:a7:68:5a:5c:
         d2:e7:41:5c:10:aa:5f:16:51:f6:64:c7:cc:c6:fc:19:c7:5c:
         19:fb:f4:81:89:6b:4f:5f:ff:9e:1e:bf:0d:cb:4f:28:aa:fa:
         8f:d4:3e:fc:5d:a8:96:cf:be:e9:8a:22:71:cb:37:3d:2d:31:
         88:be:f7:19:c9:6c:fd:a8:a2:15:1b:ed:9f:d1:78:d9:60:cc:
         b0:d2:5c:6c:00:fc:c7:1d:00:2e:85:e8:c2:e3:99:7e:d3:ac:
         fd:c4:0c:b8:c3:ae:6d:c9:5c:ec:68:26:1d:0b:37:7a:0a:52:
         f4:4e:db:58:04:e5:46:05:1c:55:a6:87:25:e4:55:aa:fa:d5:
         91:3e:a5:51:ff:5c:f1:c7:16:ff:99:53:90:e0:d3:ad:26:ff:
         e2:0b:05:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZGMkDAUTPqILX9CBWwAmk5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjYzNmE1YjZiM2EyOGFkZDgzZjk3NDQ2ZDdiMDgzYjk0
YzNkYWUwHhcNMjUwNDE4MDAwMDIwWhcNMjUwNDE5MDAwMDIwWjAzMTEwLwYDVQQD
Eyg4YmFhNzgwZjYzNWE5YjI1NjUyMjIyMDYyMDkyNzIwYTQ2YmZiODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Xivy0FZveA6Si/RpISgLmrHb0Kq
YqUI0QasciXvWsE8MTa2z+FO5Qp4HKa7p94Fk7H4Q8yvs41wfJw3OZaO58dKQPZ0
oGkaSAyRFKviZzwmESp+MaZ2zlITJqUMau6uLDLrQmF0N6OpgmlUufLK6/IwA6/W
LQtxmZyAiV9Ve2scaPgzh7EJqgH9kZP68iun/d3RiRDdJrdDXpWERwIc56NNM88V
60j8aErpK0GfuQpG8A7AJBg9ZFhXgWc2MU3dsW0hYBG7JHWXEAVFwv8r+VOzkb3n
yzST9cuhZdc029vAViFZw2Q5OO1drQUbhpjwP80lJE4BKtateL2Jn5PSYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIuqeA9jWpslZSIiBiCScgpGv7gnMB8GA1UdIwQY
MBaAFGn2NqW2s6KK3YP5dEbXsIO5TD2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZZMnBiYXpvb3JkZ19sMFJ0ZXdnN2xNUGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lOTk5NTQtYzAwZi00MDE0LThlNzEt
OGFlZTJiZjg5YjkxLzEvYWZZMnBiYXpvb3JkZ19sMFJ0ZXdnN2xNUGE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lOTk5NTQtYzAwZi00MDE0LThlNzEtOGFlZTJiZjg5Yjkx
LzEvYWZZMnBiYXpvb3JkZ19sMFJ0ZXdnN2xNUGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW3NOtOO1
NGiHUoRx+RGFprNc5kMqe02IQd71ulvxrw8CbkcCza5Os8WIZUhuhBaSBpBYZBfP
9WxDsI1LvKb2r6BDZnFZpOWCzL93G/WguWHzrBtKwtW4i97E84qBdKYyO6J61ox3
/hCnaFpc0udBXBCqXxZR9mTHzMb8GcdcGfv0gYlrT1//nh6/DctPKKr6j9Q+/F2o
ls++6Yoiccs3PS0xiL73Gcls/aiiFRvtn9F42WDMsNJcbAD8xx0ALoXowuOZftOs
/cQMuMOubclc7GgmHQs3egpS9E7bWATlRgUcVaaHJeRVqvrVkT6lUf9c8ccW/5lT
kODTrSb/4gsFzw==
-----END CERTIFICATE-----