Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
File:                     raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json)
Hash identifier:          KLUd3DUVW15irQjfVPfgi5eP7czswBwSX8ljTJnQzjE=
Subject key identifier:   88:91:A8:41:16:46:11:72:F6:94:2E:63:07:68:11:B1:7A:3B:3A:90
Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
Certificate issuer:       /CN=ada6af87b43694dd39994c0e3214306875519f2e
Certificate serial:       0196DC2FD923CA3C30DD3E79C27F511E1354
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
Manifest number:          0AA0
Signing time:             Sat 17 May 2025 03:00:45 +0000
Manifest this update:     Sat 17 May 2025 03:00:45 +0000
Manifest next update:     Sun 18 May 2025 03:00:45 +0000
Files and hashes:         1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: 3/1KhUi6DlIgd1VKvnrLC6cTA0g8MwaVyClWIB7YW5s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 18 May 2025 02:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:dc:2f:d9:23:ca:3c:30:dd:3e:79:c2:7f:51:1e:13:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e
        Validity
            Not Before: May 17 03:00:45 2025 GMT
            Not After : May 18 03:00:45 2025 GMT
        Subject: CN=8891a84116461172f6942e63076811b17a3b3a90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:5c:e2:4b:3c:eb:ff:10:27:5a:60:cc:44:6f:
                    eb:e9:00:f1:c9:7a:f2:73:6e:8a:9f:8a:bb:8b:21:
                    56:9e:ac:d3:60:f6:ba:09:69:86:28:45:98:fe:86:
                    af:1b:60:77:29:1d:1c:50:be:8b:ea:5b:7e:5d:a7:
                    2a:9d:b1:9e:7e:c4:56:37:31:a5:4a:95:c7:01:1a:
                    9a:7a:7d:3d:c5:21:b0:88:68:35:7f:25:f3:37:54:
                    2b:66:64:cc:a6:47:5c:c1:be:6a:30:e2:10:81:f3:
                    42:a8:0f:99:a8:06:b0:8e:79:5f:27:a5:16:77:41:
                    7c:bb:3a:7d:4e:6d:40:9c:10:92:03:26:af:39:43:
                    ae:9c:f2:c3:49:09:e9:c3:7b:d0:30:fa:cc:ce:63:
                    ea:8e:fa:5c:f7:ae:16:4e:cc:87:f9:f1:23:33:03:
                    07:96:4c:80:e6:54:31:84:e3:44:9c:79:4c:df:5d:
                    04:a1:7f:6c:2e:05:d5:0f:2f:e9:80:00:91:6b:70:
                    1d:89:27:98:79:2f:a4:0d:89:03:cb:12:d8:0e:a4:
                    02:e7:4e:60:76:27:b8:b2:d3:79:dc:1b:ee:2a:18:
                    ae:15:1f:87:db:50:7f:d0:5f:1d:e6:66:1f:6b:d4:
                    ae:7e:09:66:9f:29:c7:7d:0b:64:5e:fe:c4:6e:a6:
                    93:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:91:A8:41:16:46:11:72:F6:94:2E:63:07:68:11:B1:7A:3B:3A:90
            X509v3 Authority Key Identifier:
                keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:23:1b:d6:6d:fc:5a:f9:4d:63:a7:53:95:ee:54:4c:63:cf:
         16:36:a8:aa:46:b4:58:cc:11:9a:85:e1:00:d0:74:bd:c9:40:
         07:ff:de:f5:8d:97:88:17:41:a1:04:f7:90:80:ab:47:10:71:
         8c:52:c3:e0:0e:86:72:4a:9a:ee:d3:8e:8c:2d:7a:5d:18:6c:
         39:ff:cb:b5:22:54:fd:21:fe:ff:a7:f3:54:bc:91:be:e7:b3:
         33:e0:b9:69:2b:fa:26:8f:f4:79:44:bb:69:a4:85:35:82:71:
         f4:c5:32:2b:ea:cb:8a:c2:76:bd:f6:00:18:7b:b6:98:69:0e:
         27:e6:64:e9:40:da:fc:39:32:80:ab:93:27:2e:42:45:9a:2b:
         89:ec:e1:c5:43:f1:c3:59:56:85:00:70:b8:5c:68:76:99:8c:
         c2:b1:ac:71:b1:46:9b:1e:a5:d7:16:5e:c2:7a:eb:2b:2d:b1:
         3d:53:10:bf:1e:29:99:1f:27:35:0a:5c:61:83:bb:d2:33:d0:
         b8:2f:20:11:99:b9:f2:b3:ea:fe:35:6f:67:0e:ac:e3:32:4e:
         01:25:dc:79:35:fb:ec:5f:52:46:18:ea:55:02:d9:a2:44:21:
         f9:d3:dc:b9:9f:4c:f3:df:84:ce:d5:cd:a0:23:61:cb:d1:7c:
         98:f8:49:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbcL9kjyjww3T55wn9RHhNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1
MTlmMmUwHhcNMjUwNTE3MDMwMDQ1WhcNMjUwNTE4MDMwMDQ1WjAzMTEwLwYDVQQD
Eyg4ODkxYTg0MTE2NDYxMTcyZjY5NDJlNjMwNzY4MTFiMTdhM2IzYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA91ziSzzr/xAnWmDMRG/r6QDxyXry
c26Kn4q7iyFWnqzTYPa6CWmGKEWY/oavG2B3KR0cUL6L6lt+XacqnbGefsRWNzGl
SpXHARqaen09xSGwiGg1fyXzN1QrZmTMpkdcwb5qMOIQgfNCqA+ZqAawjnlfJ6UW
d0F8uzp9Tm1AnBCSAyavOUOunPLDSQnpw3vQMPrMzmPqjvpc964WTsyH+fEjMwMH
lkyA5lQxhONEnHlM310EoX9sLgXVDy/pgACRa3AdiSeYeS+kDYkDyxLYDqQC505g
die4stN53BvuKhiuFR+H21B/0F8d5mYfa9SufglmnynHfQtkXv7EbqaTuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIiRqEEWRhFy9pQuYwdoEbF6OzqQMB8GA1UdIwQY
MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct
MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0
LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdCMb1m38
WvlNY6dTle5UTGPPFjaoqka0WMwRmoXhANB0vclAB//e9Y2XiBdBoQT3kICrRxBx
jFLD4A6Gckqa7tOOjC16XRhsOf/LtSJU/SH+/6fzVLyRvuezM+C5aSv6Jo/0eUS7
aaSFNYJx9MUyK+rLisJ2vfYAGHu2mGkOJ+Zk6UDa/DkygKuTJy5CRZoriezhxUPx
w1lWhQBwuFxodpmMwrGscbFGmx6l1xZewnrrKy2xPVMQvx4pmR8nNQpcYYO70jPQ
uC8gEZm58rPq/jVvZw6s4zJOASXceTX77F9SRhjqVQLZokQh+dPcuZ9M89+EztXN
oCNhy9F8mPhJGA==
-----END CERTIFICATE-----