Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
File:                     AVkheESIrdmgVmH_EXh-x1TmBeU.mft (raw, json)
Hash identifier:          1wfVeiyDLOIOixTlgqQV7X5Ge0xp79erpFOSTZWL418=
Subject key identifier:   58:6D:03:E5:11:B3:7D:2A:89:B4:0B:14:46:DB:A3:AA:0D:57:29:86
Authority key identifier: 01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5
Certificate issuer:       /CN=015921784488add9a05661ff11787ec754e605e5
Certificate serial:       01974C69C7C463DBC5CC4EB022A0EECA8798
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
Manifest number:          157B
Signing time:             Sat 07 Jun 2025 22:01:30 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:30 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:30 +0000
Files and hashes:         1: AVkheESIrdmgVmH_EXh-x1TmBeU.crl (hash: qFnYRW1pke7697eg5Q/KpkP+MgYPjLU0thvW23jLLlo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:c7:c4:63:db:c5:cc:4e:b0:22:a0:ee:ca:87:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=015921784488add9a05661ff11787ec754e605e5
        Validity
            Not Before: Jun  7 22:01:30 2025 GMT
            Not After : Jun  8 22:01:30 2025 GMT
        Subject: CN=586d03e511b37d2a89b40b1446dba3aa0d572986
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:50:da:32:e8:f4:f3:2a:c5:13:05:35:77:08:
                    bc:4f:93:de:58:b0:b9:45:35:42:f1:a2:ab:4a:34:
                    ce:b0:3f:65:cd:77:a1:8c:db:53:9c:54:0a:32:d3:
                    55:9b:f1:b6:20:c9:9d:3e:16:0e:d5:17:11:32:c5:
                    0a:f2:8f:9f:34:65:ba:fe:7d:b8:cc:8f:9f:c0:4b:
                    ef:47:1b:47:e8:e1:23:29:fe:f7:47:bc:2a:bb:50:
                    d5:f1:85:91:76:d2:be:ba:06:8d:cb:80:fb:b3:d9:
                    8d:c3:d9:54:43:f3:c9:e8:88:e5:f4:23:13:dd:25:
                    dc:f2:45:b5:b1:03:ad:64:2e:10:ab:b8:b4:af:41:
                    d6:03:a4:3c:49:af:66:92:36:55:a1:57:4b:c2:32:
                    86:be:5a:e9:3d:78:04:9e:49:8f:35:cc:7c:1c:cf:
                    33:df:30:82:89:ea:40:4a:49:11:72:cf:79:06:90:
                    73:73:df:36:cd:7d:93:af:90:58:44:5a:4d:dd:ef:
                    f9:e1:62:35:77:d4:9d:e9:fb:c9:61:eb:0b:37:d9:
                    b8:93:60:ab:a9:82:5f:f4:ba:a1:97:1d:f4:f0:e3:
                    99:56:46:65:75:9b:55:fa:15:27:e8:95:20:49:25:
                    ff:f3:c6:54:57:34:34:03:cb:8c:51:43:75:58:b7:
                    80:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:6D:03:E5:11:B3:7D:2A:89:B4:0B:14:46:DB:A3:AA:0D:57:29:86
            X509v3 Authority Key Identifier:
                keyid:01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:61:c1:80:32:f2:64:79:e6:14:ef:84:56:82:61:d3:d9:07:
         db:c3:81:50:26:8a:6c:1b:4f:66:ca:e0:cd:30:7a:87:86:19:
         68:84:bf:b8:3d:fd:8e:03:ac:42:b1:dc:e2:a6:65:ff:d3:c4:
         4c:35:74:ba:56:9a:99:07:2b:4b:9e:00:02:52:bd:9c:08:ae:
         a1:28:b8:ed:95:28:d8:fa:94:39:f7:a5:01:3a:1a:9c:46:7b:
         b1:87:12:11:09:4b:dc:7c:b5:d5:6c:4d:7e:24:66:80:0b:e0:
         a5:29:d3:59:64:d8:7e:71:77:6f:c0:a1:56:7f:41:85:fd:8f:
         91:3a:60:4d:50:4e:8f:fc:b8:79:73:82:78:aa:f0:5e:9e:bc:
         46:67:e0:5d:10:67:71:6e:d2:51:5c:4c:e5:98:4c:a7:09:88:
         0a:22:62:00:27:65:75:a7:8e:12:44:54:88:f2:11:3e:7e:3d:
         92:04:d8:9c:7a:29:54:13:2b:dc:7c:91:fc:3d:3b:b0:bb:21:
         c2:56:73:bc:4b:6c:01:16:5e:40:3e:b3:6f:da:ce:98:5c:7f:
         5d:c9:49:e6:cf:c1:cc:0d:cf:10:8d:62:30:57:29:8c:cb:8d:
         ce:78:91:9b:5c:56:26:13:40:3b:d6:1b:df:22:9a:01:23:83:
         c4:93:b9:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMacfEY9vFzE6wIqDuyoeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTkyMTc4NDQ4OGFkZDlhMDU2NjFmZjExNzg3ZWM3NTRl
NjA1ZTUwHhcNMjUwNjA3MjIwMTMwWhcNMjUwNjA4MjIwMTMwWjAzMTEwLwYDVQQD
Eyg1ODZkMDNlNTExYjM3ZDJhODliNDBiMTQ0NmRiYTNhYTBkNTcyOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylDaMuj08yrFEwU1dwi8T5PeWLC5
RTVC8aKrSjTOsD9lzXehjNtTnFQKMtNVm/G2IMmdPhYO1RcRMsUK8o+fNGW6/n24
zI+fwEvvRxtH6OEjKf73R7wqu1DV8YWRdtK+ugaNy4D7s9mNw9lUQ/PJ6Ijl9CMT
3SXc8kW1sQOtZC4Qq7i0r0HWA6Q8Sa9mkjZVoVdLwjKGvlrpPXgEnkmPNcx8HM8z
3zCCiepASkkRcs95BpBzc982zX2Tr5BYRFpN3e/54WI1d9Sd6fvJYesLN9m4k2Cr
qYJf9Lqhlx308OOZVkZldZtV+hUn6JUgSSX/88ZUVzQ0A8uMUUN1WLeAHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhtA+URs30qibQLFEbbo6oNVymGMB8GA1UdIwQY
MBaAFAFZIXhEiK3ZoFZh/xF4fsdU5gXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDkt
OGE5MTg0MDBmMjYwLzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDktOGE5MTg0MDBmMjYw
LzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHWHBgDLy
ZHnmFO+EVoJh09kH28OBUCaKbBtPZsrgzTB6h4YZaIS/uD39jgOsQrHc4qZl/9PE
TDV0ulaamQcrS54AAlK9nAiuoSi47ZUo2PqUOfelAToanEZ7sYcSEQlL3Hy11WxN
fiRmgAvgpSnTWWTYfnF3b8ChVn9Bhf2PkTpgTVBOj/y4eXOCeKrwXp68RmfgXRBn
cW7SUVxM5ZhMpwmICiJiACdldaeOEkRUiPIRPn49kgTYnHopVBMr3HyR/D07sLsh
wlZzvEtsARZeQD6zb9rOmFx/XclJ5s/BzA3PEI1iMFcpjMuNzniRm1xWJhNAO9Yb
3yKaASODxJO5gQ==
-----END CERTIFICATE-----