Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
File:                     IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft (raw, json)
Hash identifier:          9rAI4AzmErDNqdA5FFCKz0+CvcE1r9tuEEvh7MHHALA=
Subject key identifier:   D9:E5:CC:80:5F:10:A8:E5:EC:BE:92:B6:50:F9:AC:B4:AD:ED:BA:C5
Authority key identifier: 22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D
Certificate issuer:       /CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
Certificate serial:       0196A352801D7FCEBC95EF1994B17FA4D9DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
Manifest number:          0AF7
Signing time:             Tue 06 May 2025 02:00:15 +0000
Manifest this update:     Tue 06 May 2025 02:00:15 +0000
Manifest next update:     Wed 07 May 2025 02:00:15 +0000
Files and hashes:         1: IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl (hash: jA9bgnyxcs+zOOPCZlJYtxR5ROoTxlbAMfSFVhBgdsE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a3:52:80:1d:7f:ce:bc:95:ef:19:94:b1:7f:a4:d9:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
        Validity
            Not Before: May  6 02:00:15 2025 GMT
            Not After : May  7 02:00:15 2025 GMT
        Subject: CN=d9e5cc805f10a8e5ecbe92b650f9acb4adedbac5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:da:c7:e3:37:8b:28:1a:05:0b:ae:5b:8e:fa:
                    b4:a4:16:62:e2:40:2c:16:ed:d3:86:d7:e2:ab:a1:
                    db:3f:e4:ac:b0:45:32:10:9a:68:cb:f8:62:69:dd:
                    78:d4:60:d4:5c:77:71:e0:94:e4:55:bf:e3:19:54:
                    11:4a:7a:b6:3b:80:ec:80:e1:2b:d5:c4:b1:a8:36:
                    89:6f:f3:d2:fc:ca:3c:bd:e0:36:56:08:d0:ae:dc:
                    06:d3:d2:8f:a3:e7:d9:6f:5a:90:4b:e8:f3:fd:04:
                    1c:dc:8f:1a:6f:45:d3:8d:b8:20:fe:37:69:d9:a5:
                    74:ad:e8:2b:49:7f:06:8a:d7:4c:83:63:b5:7d:bc:
                    d0:16:57:b6:a9:69:47:f1:78:90:db:78:54:b1:4d:
                    5a:10:9b:7b:6c:47:b8:34:b9:d6:da:e8:a4:eb:7d:
                    55:c8:10:46:c0:68:52:61:f8:2b:eb:e4:db:a6:d8:
                    54:97:40:2f:98:33:07:8f:14:fe:40:00:40:4b:65:
                    46:d5:53:c1:a7:be:e2:55:c9:ec:c9:16:8c:e1:89:
                    5b:cb:04:73:30:30:47:52:af:8c:02:b9:45:8e:99:
                    9c:d4:10:e1:2e:0a:ce:36:ce:a4:9f:7b:dd:da:5a:
                    fb:a6:4d:aa:31:90:8e:09:b9:68:76:69:28:3c:9f:
                    fa:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:E5:CC:80:5F:10:A8:E5:EC:BE:92:B6:50:F9:AC:B4:AD:ED:BA:C5
            X509v3 Authority Key Identifier:
                keyid:22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:82:5f:f0:c3:2c:22:0c:ec:32:8a:42:56:ab:39:4b:af:85:
         0d:c1:c9:25:49:e5:3d:c2:cd:23:80:dd:cb:2a:5e:c1:1a:70:
         a2:43:fb:e5:5c:9b:0b:9b:d0:80:fa:5a:03:3b:35:fd:2e:ec:
         5e:3f:85:5a:ff:bc:89:b0:c9:7f:30:3f:29:e2:94:e2:70:bb:
         e7:b7:7b:61:61:3d:5f:b0:70:ee:f4:6d:1b:e6:75:8a:9c:f9:
         41:30:41:b3:c1:9a:4f:dc:e0:26:e3:81:21:89:c3:16:d3:a9:
         3f:89:0e:8c:37:b1:91:43:b0:ee:33:a6:ad:0e:eb:e8:f5:5e:
         1e:0c:f2:2d:fe:db:a9:67:3d:31:49:b0:f9:f6:d6:ff:82:70:
         7f:1c:9a:e7:40:e6:d2:4a:4f:f8:75:de:24:ce:34:f9:4b:ee:
         98:30:ca:14:5b:9e:1f:c5:71:1c:e1:19:6e:0c:6e:eb:7a:07:
         6e:73:6e:e6:cc:29:b7:9d:9c:8e:03:25:58:ce:40:88:fc:3d:
         7f:b4:44:07:cf:f0:d2:19:20:93:12:fe:a2:ea:1a:6e:e9:14:
         a3:ef:fa:bb:34:6c:e2:11:e0:e5:4d:15:2a:5c:b2:ef:43:00:
         3e:d3:49:0a:7d:1c:35:b3:fa:a9:70:87:3e:f8:f7:61:b5:9d:
         d3:d9:bd:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZajUoAdf868le8ZlLF/pNncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmJlZjY5NWZhOTVkMGM5NTkwOWU1MWFhMWZhYjk0ZmM0
MDI2N2QwHhcNMjUwNTA2MDIwMDE1WhcNMjUwNTA3MDIwMDE1WjAzMTEwLwYDVQQD
EyhkOWU1Y2M4MDVmMTBhOGU1ZWNiZTkyYjY1MGY5YWNiNGFkZWRiYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNrH4zeLKBoFC65bjvq0pBZi4kAs
Fu3Thtfiq6HbP+SssEUyEJpoy/hiad141GDUXHdx4JTkVb/jGVQRSnq2O4DsgOEr
1cSxqDaJb/PS/Mo8veA2VgjQrtwG09KPo+fZb1qQS+jz/QQc3I8ab0XTjbgg/jdp
2aV0regrSX8GitdMg2O1fbzQFle2qWlH8XiQ23hUsU1aEJt7bEe4NLnW2uik631V
yBBGwGhSYfgr6+TbpthUl0AvmDMHjxT+QABAS2VG1VPBp77iVcnsyRaM4YlbywRz
MDBHUq+MArlFjpmc1BDhLgrONs6kn3vd2lr7pk2qMZCOCblodmkoPJ/6zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnlzIBfEKjl7L6StlD5rLSt7brFMB8GA1UdIwQY
MBaAFCL772lfqV0MlZCeUaofq5T8QCZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEt
ZjYyOTUwOGMwNzJkLzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEtZjYyOTUwOGMwNzJk
LzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnYJf8MMs
IgzsMopCVqs5S6+FDcHJJUnlPcLNI4DdyypewRpwokP75VybC5vQgPpaAzs1/S7s
Xj+FWv+8ibDJfzA/KeKU4nC757d7YWE9X7Bw7vRtG+Z1ipz5QTBBs8GaT9zgJuOB
IYnDFtOpP4kOjDexkUOw7jOmrQ7r6PVeHgzyLf7bqWc9MUmw+fbW/4Jwfxya50Dm
0kpP+HXeJM40+UvumDDKFFueH8VxHOEZbgxu63oHbnNu5swpt52cjgMlWM5AiPw9
f7REB8/w0hkgkxL+ouoabukUo+/6uzRs4hHg5U0VKlyy70MAPtNJCn0cNbP6qXCH
Pvj3YbWd09m9Eg==
-----END CERTIFICATE-----