Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
File:                     AVkheESIrdmgVmH_EXh-x1TmBeU.mft (raw, json)
Hash identifier:          yt1vycU8JwzTpLabV9pRcHDGNOh3N+th44Qxx30EdzU=
Subject key identifier:   DF:1C:62:6D:C4:FA:3E:18:CB:0C:F4:02:2D:60:66:44:0B:69:72:76
Authority key identifier: 01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5
Certificate issuer:       /CN=015921784488add9a05661ff11787ec754e605e5
Certificate serial:       01991808F8391AE4DBC61B0A388489EF856E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
Manifest number:          1669
Signing time:             Fri 05 Sep 2025 04:01:04 +0000
Manifest this update:     Fri 05 Sep 2025 04:01:04 +0000
Manifest next update:     Sat 06 Sep 2025 04:01:04 +0000
Files and hashes:         1: AVkheESIrdmgVmH_EXh-x1TmBeU.crl (hash: HFLLaGeALr6qUKyBXU3JaycR1olNhk/oXAHDuJPL/0w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:08:f8:39:1a:e4:db:c6:1b:0a:38:84:89:ef:85:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=015921784488add9a05661ff11787ec754e605e5
        Validity
            Not Before: Sep  5 04:01:04 2025 GMT
            Not After : Sep  6 04:01:04 2025 GMT
        Subject: CN=df1c626dc4fa3e18cb0cf4022d6066440b697276
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:2e:c4:d8:62:97:d0:d9:47:81:a3:90:c0:75:
                    f7:d1:5a:f9:8d:12:7e:e8:1b:c6:4c:e1:a4:c0:6e:
                    79:b7:48:f5:dc:b5:8a:21:cc:c8:0c:d2:71:e3:84:
                    46:39:29:83:76:64:07:93:e5:3f:51:7e:cc:f6:12:
                    8e:58:a9:0f:6a:45:1d:a3:e7:35:0c:13:9e:5c:6c:
                    b3:a0:28:d3:1d:f3:95:e8:99:a6:63:a6:0d:3b:f6:
                    88:af:23:9d:e2:0b:c0:6e:41:70:86:b8:74:42:03:
                    59:00:94:a7:91:c1:01:90:0d:dd:16:43:3e:c5:30:
                    1c:be:63:4f:7f:c5:c3:b0:68:44:50:18:e4:bf:8b:
                    71:cd:56:57:47:17:b6:45:05:4d:e4:f8:ad:a4:35:
                    96:b4:9e:81:78:3f:fa:15:e0:e9:5d:5e:59:bd:fa:
                    32:b9:66:ce:9f:12:f2:72:32:63:22:0c:9d:a0:7f:
                    32:f8:0f:c7:d9:c1:11:2b:df:e7:f7:56:28:1e:55:
                    18:10:fa:cf:50:4b:bd:3f:89:4f:ab:15:15:7e:5d:
                    b5:b6:9d:79:08:4f:86:a6:be:76:91:ce:ce:3e:d8:
                    67:86:bc:7e:37:22:90:a6:2f:bf:ca:6a:a4:4c:46:
                    6f:ce:79:a0:3d:4a:a5:bc:c3:6b:c9:16:15:03:55:
                    f5:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:1C:62:6D:C4:FA:3E:18:CB:0C:F4:02:2D:60:66:44:0B:69:72:76
            X509v3 Authority Key Identifier:
                keyid:01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:a4:f1:1c:f9:bd:61:04:34:ce:69:cf:be:a9:d0:6a:e7:ee:
         07:8e:8c:ef:70:c2:65:d4:5b:34:ef:4d:00:86:a4:84:f5:e2:
         3d:41:4e:fc:76:c7:bc:00:4c:f4:a5:b0:01:2c:2f:47:d9:0d:
         ee:1b:b4:ef:ca:9f:bc:a8:da:e6:d2:6e:5c:70:58:b4:ef:18:
         e3:aa:53:a6:69:6b:e7:a8:34:96:62:9d:28:67:46:c1:d1:20:
         f5:0b:ba:64:71:b6:7a:bd:7d:f9:3d:c8:58:71:8c:38:1a:ef:
         8c:50:d8:e6:aa:39:c0:84:13:e3:fd:d7:b5:45:f6:1b:bc:8f:
         c2:26:a0:95:e3:12:a1:ae:25:fb:62:81:9b:d8:7f:cc:60:79:
         5a:ed:e3:a0:fa:d1:b0:59:df:40:cd:0c:18:c6:8a:cb:de:0e:
         4d:9e:45:d3:45:0a:05:f9:2b:75:61:36:91:d6:32:ea:f5:68:
         0d:7b:fe:ec:4e:e4:91:96:c6:71:24:16:1a:b5:28:c4:37:78:
         f8:83:26:04:42:e0:f3:a1:f5:c7:d4:6c:35:b1:d3:e0:29:85:
         9c:59:43:40:ef:63:e6:2e:06:fe:b1:61:5c:61:96:2f:3b:31:
         f5:23:6f:81:be:4f:50:fa:ea:45:0f:be:35:b3:a0:0e:3c:d6:
         2b:2b:67:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCPg5GuTbxhsKOISJ74VuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTkyMTc4NDQ4OGFkZDlhMDU2NjFmZjExNzg3ZWM3NTRl
NjA1ZTUwHhcNMjUwOTA1MDQwMTA0WhcNMjUwOTA2MDQwMTA0WjAzMTEwLwYDVQQD
EyhkZjFjNjI2ZGM0ZmEzZTE4Y2IwY2Y0MDIyZDYwNjY0NDBiNjk3Mjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5i7E2GKX0NlHgaOQwHX30Vr5jRJ+
6BvGTOGkwG55t0j13LWKIczIDNJx44RGOSmDdmQHk+U/UX7M9hKOWKkPakUdo+c1
DBOeXGyzoCjTHfOV6JmmY6YNO/aIryOd4gvAbkFwhrh0QgNZAJSnkcEBkA3dFkM+
xTAcvmNPf8XDsGhEUBjkv4txzVZXRxe2RQVN5PitpDWWtJ6BeD/6FeDpXV5Zvfoy
uWbOnxLycjJjIgydoH8y+A/H2cERK9/n91YoHlUYEPrPUEu9P4lPqxUVfl21tp15
CE+Gpr52kc7OPthnhrx+NyKQpi+/ymqkTEZvznmgPUqlvMNryRYVA1X1EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN8cYm3E+j4Yywz0Ai1gZkQLaXJ2MB8GA1UdIwQY
MBaAFAFZIXhEiK3ZoFZh/xF4fsdU5gXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDkt
OGE5MTg0MDBmMjYwLzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDktOGE5MTg0MDBmMjYw
LzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApaTxHPm9
YQQ0zmnPvqnQaufuB46M73DCZdRbNO9NAIakhPXiPUFO/HbHvABM9KWwASwvR9kN
7hu078qfvKja5tJuXHBYtO8Y46pTpmlr56g0lmKdKGdGwdEg9Qu6ZHG2er19+T3I
WHGMOBrvjFDY5qo5wIQT4/3XtUX2G7yPwiagleMSoa4l+2KBm9h/zGB5Wu3joPrR
sFnfQM0MGMaKy94OTZ5F00UKBfkrdWE2kdYy6vVoDXv+7E7kkZbGcSQWGrUoxDd4
+IMmBELg86H1x9RsNbHT4CmFnFlDQO9j5i4G/rFhXGGWLzsx9SNvgb5PUPrqRQ++
NbOgDjzWKytn3w==
-----END CERTIFICATE-----