Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
File:                     AVkheESIrdmgVmH_EXh-x1TmBeU.mft (raw, json)
Hash identifier:          +RF23qh0vVxkqjCzBKaY1DjGtCD1njb0ToF2IKlAGVo=
Subject key identifier:   1C:4A:8B:42:1B:B9:5D:FC:0C:10:34:CE:09:91:9F:95:46:90:64:97
Authority key identifier: 01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5
Certificate issuer:       /CN=015921784488add9a05661ff11787ec754e605e5
Certificate serial:       019655382125A276B814AC815CD571A9420A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
Manifest number:          14FB
Signing time:             Sun 20 Apr 2025 22:01:03 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:03 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:03 +0000
Files and hashes:         1: AVkheESIrdmgVmH_EXh-x1TmBeU.crl (hash: uPgvI2MJz4KIzHXEc3H54JOPc8R7JXJHIVA60K0M/bs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:21:25:a2:76:b8:14:ac:81:5c:d5:71:a9:42:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=015921784488add9a05661ff11787ec754e605e5
        Validity
            Not Before: Apr 20 22:01:03 2025 GMT
            Not After : Apr 21 22:01:03 2025 GMT
        Subject: CN=1c4a8b421bb95dfc0c1034ce09919f9546906497
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:0f:54:ac:c4:cf:49:76:68:ee:bc:a1:74:22:
                    8f:90:b0:2b:13:85:13:66:1f:b6:92:b8:f3:47:6c:
                    27:93:f1:71:d2:6c:8c:54:57:12:32:14:96:cb:94:
                    d1:02:60:b5:7d:f7:2e:e7:b5:3b:3a:6a:7e:33:c7:
                    18:13:ab:d1:6d:82:07:9b:8a:bb:13:2c:55:5a:32:
                    b2:3c:a7:26:98:a5:72:fd:1f:84:d5:d9:51:3a:be:
                    14:8e:bb:ec:d8:06:77:19:73:2a:45:7a:74:9a:8b:
                    53:16:1b:e7:d9:ce:ce:cc:86:a1:12:31:1a:db:2a:
                    d8:aa:ea:c0:e2:9e:31:c3:00:28:4e:2f:96:98:0a:
                    fb:5f:5f:4c:b4:08:da:4a:1c:b4:bf:44:a4:ec:d8:
                    6e:f5:d4:3a:2e:d5:50:aa:ac:04:f1:3d:2c:66:e8:
                    eb:1e:d1:50:89:ce:9e:72:df:84:25:2f:0e:bb:de:
                    87:95:f8:15:dd:f4:4c:8f:6b:5a:8f:db:53:d5:db:
                    c4:27:d0:a2:fe:0f:e7:02:b8:59:c3:63:33:02:68:
                    67:47:51:ca:b8:8d:fd:be:60:0b:05:2b:69:99:4f:
                    83:dc:c4:2d:de:bd:8a:49:74:ae:db:72:29:f1:d2:
                    00:40:a9:33:e3:80:5e:90:28:32:db:46:3a:4d:87:
                    31:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:4A:8B:42:1B:B9:5D:FC:0C:10:34:CE:09:91:9F:95:46:90:64:97
            X509v3 Authority Key Identifier:
                keyid:01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:d3:cd:db:cc:94:3a:02:2d:dc:52:a2:4a:e4:37:f6:f1:8e:
         3b:10:d4:69:b2:11:88:cd:65:9e:02:5b:36:b7:b8:ab:fb:e8:
         a0:b7:bf:5c:3e:64:76:4f:3e:7e:45:91:a9:ff:65:1a:b7:c7:
         82:ec:cf:f5:44:ed:58:f8:3f:c8:92:e0:32:d0:07:27:a7:9d:
         87:cf:f6:b7:9c:0e:3d:5d:71:46:92:d8:89:ca:ea:c6:0d:b7:
         86:df:49:00:c5:7d:e6:2c:d9:1b:d8:6d:4f:fe:3f:5b:cb:e0:
         0d:7c:b0:6f:1d:62:c1:53:de:82:fd:70:4b:b8:2f:05:e9:b5:
         5f:94:43:e9:7a:97:a4:01:3b:4e:ee:fc:97:53:cd:9d:95:d0:
         28:77:20:25:9c:6d:08:78:ab:8e:22:fc:94:de:72:d1:3c:1f:
         fd:79:87:9c:74:03:a6:81:3f:90:0d:27:bb:8a:0d:bf:69:37:
         2f:8e:da:e3:2c:35:ca:06:e8:bd:0e:7e:af:57:e9:33:45:b5:
         4b:10:b7:61:78:d2:24:36:2f:9a:35:57:b1:44:1d:17:b6:5f:
         2f:9d:ee:78:cc:2b:65:42:df:90:a0:2f:5e:52:4f:84:06:e9:
         4c:22:d1:62:31:e7:c3:34:f9:a8:31:a4:6f:86:24:70:c9:da:
         f7:fb:26:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOCElona4FKyBXNVxqUIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTkyMTc4NDQ4OGFkZDlhMDU2NjFmZjExNzg3ZWM3NTRl
NjA1ZTUwHhcNMjUwNDIwMjIwMTAzWhcNMjUwNDIxMjIwMTAzWjAzMTEwLwYDVQQD
EygxYzRhOGI0MjFiYjk1ZGZjMGMxMDM0Y2UwOTkxOWY5NTQ2OTA2NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Q9UrMTPSXZo7ryhdCKPkLArE4UT
Zh+2krjzR2wnk/Fx0myMVFcSMhSWy5TRAmC1ffcu57U7Omp+M8cYE6vRbYIHm4q7
EyxVWjKyPKcmmKVy/R+E1dlROr4Ujrvs2AZ3GXMqRXp0motTFhvn2c7OzIahEjEa
2yrYqurA4p4xwwAoTi+WmAr7X19MtAjaShy0v0Sk7Nhu9dQ6LtVQqqwE8T0sZujr
HtFQic6ect+EJS8Ou96HlfgV3fRMj2taj9tT1dvEJ9Ci/g/nArhZw2MzAmhnR1HK
uI39vmALBStpmU+D3MQt3r2KSXSu23Ip8dIAQKkz44BekCgy20Y6TYcxCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxKi0IbuV38DBA0zgmRn5VGkGSXMB8GA1UdIwQY
MBaAFAFZIXhEiK3ZoFZh/xF4fsdU5gXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDkt
OGE5MTg0MDBmMjYwLzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDktOGE5MTg0MDBmMjYw
LzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkdPN28yU
OgIt3FKiSuQ39vGOOxDUabIRiM1lngJbNre4q/vooLe/XD5kdk8+fkWRqf9lGrfH
guzP9UTtWPg/yJLgMtAHJ6edh8/2t5wOPV1xRpLYicrqxg23ht9JAMV95izZG9ht
T/4/W8vgDXywbx1iwVPegv1wS7gvBem1X5RD6XqXpAE7Tu78l1PNnZXQKHcgJZxt
CHirjiL8lN5y0Twf/XmHnHQDpoE/kA0nu4oNv2k3L47a4yw1ygbovQ5+r1fpM0W1
SxC3YXjSJDYvmjVXsUQdF7ZfL53ueMwrZULfkKAvXlJPhAbpTCLRYjHnwzT5qDGk
b4YkcMna9/smLg==
-----END CERTIFICATE-----