Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          iovnKXDivzTHs4mMXEl7jas+gvdLQp0zuZKSsnlU0AI=
Subject key identifier:   73:6B:ED:59:98:F7:36:47:DD:16:04:E4:6F:12:16:0A:6E:23:74:D9
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       01975310093C562E17A40DF54478AE2A6678
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0B1D
Signing time:             Mon 09 Jun 2025 05:00:48 +0000
Manifest this update:     Mon 09 Jun 2025 05:00:48 +0000
Manifest next update:     Tue 10 Jun 2025 05:00:48 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: LhrfSFDLvX2TRXxWqAhpLn0Zg1lAeEhuid/nixE3C6A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:10:09:3c:56:2e:17:a4:0d:f5:44:78:ae:2a:66:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: Jun  9 05:00:48 2025 GMT
            Not After : Jun 10 05:00:48 2025 GMT
        Subject: CN=736bed5998f73647dd1604e46f12160a6e2374d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:10:a4:36:81:53:0e:a3:3b:cd:c7:05:01:b3:
                    32:ef:e4:46:9f:9d:60:d4:b6:ee:96:e1:84:fd:b9:
                    cf:4e:d8:a4:5b:87:11:45:f8:a5:f6:f0:64:c6:ca:
                    bd:e3:69:3b:9e:20:bc:a4:a6:58:70:6a:ce:bc:f8:
                    c7:46:f2:0c:28:62:3b:4f:1e:64:00:2d:5f:e3:93:
                    55:56:4b:72:40:25:78:88:dd:89:a6:2c:06:30:17:
                    3e:6c:15:d0:e6:37:57:63:48:29:2c:ae:fe:cc:f9:
                    01:f9:83:60:cd:d7:9b:d7:15:17:6b:0b:06:40:7c:
                    65:01:70:06:53:d7:91:60:0f:a5:9b:c8:42:d8:b2:
                    61:ab:b0:74:c8:d9:08:9b:d0:43:34:74:7c:c3:2c:
                    f4:94:fd:35:fa:53:16:36:ed:3c:9c:bd:51:06:52:
                    7d:05:18:58:2a:fd:33:de:91:97:bd:ca:31:94:67:
                    2e:3f:fc:40:fc:61:64:f6:10:61:b4:b0:2f:71:69:
                    d8:a7:e0:3c:8c:db:b8:f0:af:9c:90:fb:4a:46:fb:
                    db:b0:45:46:e3:82:b0:a2:b0:8f:81:75:f3:f8:e2:
                    ce:5c:e5:a4:b9:43:bf:d2:bc:9c:e3:42:3a:75:26:
                    5a:8c:4d:0c:ed:aa:32:f0:1b:0d:da:1c:99:02:9f:
                    71:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:6B:ED:59:98:F7:36:47:DD:16:04:E4:6F:12:16:0A:6E:23:74:D9
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:a6:4e:e3:2e:e7:de:12:d1:38:53:15:2b:b9:66:4b:5a:e3:
         4c:ca:a0:dd:d1:03:74:38:93:4e:b8:6f:7d:73:35:3b:57:1d:
         00:17:db:32:fc:04:cf:b9:94:fe:b7:f3:91:d5:25:1f:2d:d3:
         1a:69:33:6f:5e:c8:1a:9a:e2:ed:2f:47:25:1d:4f:a1:4d:6c:
         67:42:ed:6e:39:12:e6:a6:2e:00:c9:78:57:d0:0c:72:93:d7:
         c9:22:ae:a1:5d:9a:98:b2:2e:1c:13:9a:94:2b:e5:a4:56:d3:
         de:a7:88:fb:9a:bd:56:f7:59:78:7e:67:16:08:f2:9d:c2:fe:
         d1:26:27:a9:d0:a9:db:e1:5e:7d:f1:ea:b9:f8:4d:d3:99:5b:
         ed:64:99:5d:36:b0:55:3f:28:29:ac:b9:55:ab:a9:4f:d9:52:
         31:a2:5b:8b:f4:68:3e:be:b8:55:9a:3e:95:a3:4d:b9:d6:50:
         7d:7d:60:33:3f:af:03:67:db:de:8d:8b:c1:8b:1e:bf:3d:df:
         fa:5e:3b:d8:8a:4e:6e:9f:cf:8e:ad:eb:96:92:fd:0a:d0:4d:
         54:c1:cf:40:f9:b1:8b:00:5a:4f:7e:9f:fe:ca:9f:e2:80:c0:
         3f:0e:d7:50:7d:b6:a4:01:47:fb:f0:70:f3:6f:3d:7b:25:45:
         f2:88:5b:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTEAk8Vi4XpA31RHiuKmZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjUwNjA5MDUwMDQ4WhcNMjUwNjEwMDUwMDQ4WjAzMTEwLwYDVQQD
Eyg3MzZiZWQ1OTk4ZjczNjQ3ZGQxNjA0ZTQ2ZjEyMTYwYTZlMjM3NGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BCkNoFTDqM7zccFAbMy7+RGn51g
1LbuluGE/bnPTtikW4cRRfil9vBkxsq942k7niC8pKZYcGrOvPjHRvIMKGI7Tx5k
AC1f45NVVktyQCV4iN2JpiwGMBc+bBXQ5jdXY0gpLK7+zPkB+YNgzdeb1xUXawsG
QHxlAXAGU9eRYA+lm8hC2LJhq7B0yNkIm9BDNHR8wyz0lP01+lMWNu08nL1RBlJ9
BRhYKv0z3pGXvcoxlGcuP/xA/GFk9hBhtLAvcWnYp+A8jNu48K+ckPtKRvvbsEVG
44KworCPgXXz+OLOXOWkuUO/0ryc40I6dSZajE0M7aoy8BsN2hyZAp9xcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHNr7VmY9zZH3RYE5G8SFgpuI3TZMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6ZO4y7n
3hLROFMVK7lmS1rjTMqg3dEDdDiTTrhvfXM1O1cdABfbMvwEz7mU/rfzkdUlHy3T
Gmkzb17IGpri7S9HJR1PoU1sZ0LtbjkS5qYuAMl4V9AMcpPXySKuoV2amLIuHBOa
lCvlpFbT3qeI+5q9VvdZeH5nFgjyncL+0SYnqdCp2+FeffHqufhN05lb7WSZXTaw
VT8oKay5VaupT9lSMaJbi/RoPr64VZo+laNNudZQfX1gMz+vA2fb3o2LwYsevz3f
+l472IpObp/Pjq3rlpL9CtBNVMHPQPmxiwBaT36f/sqf4oDAPw7XUH22pAFH+/Bw
8289eyVF8ohbLg==
-----END CERTIFICATE-----