Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          a0moXu447jTCOb3Y+tyPu2BpIgcFO4Bzfo6jzPQRbdo=
Subject key identifier:   F8:FC:9C:AE:2B:7C:47:7E:9F:F2:DC:B8:27:4C:D4:22:03:23:39:34
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       0196C5DE9BF4A7CA73AEF91ED2D7C254721F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          0497
Signing time:             Mon 12 May 2025 19:00:22 +0000
Manifest this update:     Mon 12 May 2025 19:00:22 +0000
Manifest next update:     Tue 13 May 2025 19:00:22 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: lFISUqEdypGBkhIwqW/WlXnH6FW2idxmTxTTmo9DyHg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 14:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:de:9b:f4:a7:ca:73:ae:f9:1e:d2:d7:c2:54:72:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: May 12 19:00:22 2025 GMT
            Not After : May 13 19:00:22 2025 GMT
        Subject: CN=f8fc9cae2b7c477e9ff2dcb8274cd42203233934
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:a5:22:91:c2:7f:fd:fd:eb:69:ee:76:00:b6:
                    46:3a:a8:11:c4:d8:f9:97:c0:29:a0:96:7e:12:50:
                    a0:45:59:6c:11:68:be:b6:53:91:00:7b:39:55:d6:
                    db:b1:8c:a5:c8:95:a4:96:fa:f4:82:e0:56:cb:b6:
                    d1:1f:8c:82:bf:07:fe:89:e6:a1:21:7e:6f:9f:fe:
                    4f:33:d2:8a:64:0a:fe:bd:23:0d:cb:31:45:a5:c1:
                    1a:a9:fd:fb:dc:83:e8:d4:9c:a1:ba:77:23:c2:6a:
                    f0:af:34:b4:ef:3a:e8:89:39:72:df:8c:50:d7:7a:
                    c0:88:7d:6f:e3:48:fe:d7:1e:ad:74:e5:d2:ff:9f:
                    96:e8:fb:2f:25:fc:37:cc:24:5e:96:b8:71:2b:62:
                    79:f9:2a:0d:10:5d:6d:c8:48:4e:ba:ef:3c:b8:bf:
                    17:a3:fa:66:10:28:f3:2e:cf:29:00:b6:20:0f:29:
                    38:c7:4e:cc:f8:6c:95:b6:33:c0:f0:74:cf:f7:c1:
                    46:da:27:7c:3b:a0:af:a6:d3:64:9e:db:90:2f:d5:
                    0c:4e:0d:54:85:39:90:87:16:0d:69:da:0b:57:4d:
                    9c:95:b0:dd:b3:7f:00:05:70:bf:a0:3b:12:bb:7b:
                    0f:6f:87:84:bf:6b:45:7a:2b:c1:49:67:bc:0d:7c:
                    31:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:FC:9C:AE:2B:7C:47:7E:9F:F2:DC:B8:27:4C:D4:22:03:23:39:34
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:44:8b:3a:22:f0:2f:23:5a:3e:78:ed:42:21:b3:33:da:b9:
         55:8b:63:5b:2b:83:40:19:39:a5:93:df:f4:ae:bb:7c:b7:96:
         ed:97:95:a0:11:a2:72:70:38:b9:0f:03:b3:4a:12:81:5b:10:
         cd:1c:1f:ef:41:43:8d:6c:40:9c:9b:4a:7d:b3:29:91:63:fd:
         af:81:d7:a0:b3:98:62:a5:1a:3d:77:f0:94:3e:d0:1b:9b:96:
         31:f9:3d:e4:c9:57:22:85:5e:21:aa:37:54:3d:17:b0:69:dc:
         c7:cd:51:6f:a8:58:5e:f2:bb:4b:87:53:ec:75:cf:2d:d2:46:
         28:f2:67:95:68:79:32:4f:61:15:12:74:53:ca:e4:a2:2e:f8:
         39:a9:18:8b:6b:05:e1:37:56:3a:08:a5:e1:fa:8a:36:7a:7c:
         02:25:51:4d:2b:71:b4:3f:cf:7f:a7:72:3e:1e:56:3d:d9:5c:
         db:55:de:0d:89:3b:04:cd:e6:74:56:98:79:05:40:2d:04:22:
         cf:b6:dd:9c:6f:e0:fb:bc:40:ea:b8:3a:04:48:a9:aa:ae:82:
         28:f6:e6:22:0b:13:f3:9d:19:ea:f0:df:67:e4:d1:05:4b:09:
         e5:cd:48:33:26:94:d8:99:d8:67:90:5b:63:69:8d:cf:a8:bd:
         d4:4e:e6:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbF3pv0p8pzrvke0tfCVHIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjUwNTEyMTkwMDIyWhcNMjUwNTEzMTkwMDIyWjAzMTEwLwYDVQQD
EyhmOGZjOWNhZTJiN2M0NzdlOWZmMmRjYjgyNzRjZDQyMjAzMjMzOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKUikcJ//f3rae52ALZGOqgRxNj5
l8ApoJZ+ElCgRVlsEWi+tlORAHs5VdbbsYylyJWklvr0guBWy7bRH4yCvwf+ieah
IX5vn/5PM9KKZAr+vSMNyzFFpcEaqf373IPo1JyhuncjwmrwrzS07zroiTly34xQ
13rAiH1v40j+1x6tdOXS/5+W6PsvJfw3zCRelrhxK2J5+SoNEF1tyEhOuu88uL8X
o/pmECjzLs8pALYgDyk4x07M+GyVtjPA8HTP98FG2id8O6CvptNkntuQL9UMTg1U
hTmQhxYNadoLV02clbDds38ABXC/oDsSu3sPb4eEv2tFeivBSWe8DXwxoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPj8nK4rfEd+n/LcuCdM1CIDIzk0MB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfESLOiLw
LyNaPnjtQiGzM9q5VYtjWyuDQBk5pZPf9K67fLeW7ZeVoBGicnA4uQ8Ds0oSgVsQ
zRwf70FDjWxAnJtKfbMpkWP9r4HXoLOYYqUaPXfwlD7QG5uWMfk95MlXIoVeIao3
VD0XsGncx81Rb6hYXvK7S4dT7HXPLdJGKPJnlWh5Mk9hFRJ0U8rkoi74OakYi2sF
4TdWOgil4fqKNnp8AiVRTStxtD/Pf6dyPh5WPdlc21XeDYk7BM3mdFaYeQVALQQi
z7bdnG/g+7xA6rg6BEipqq6CKPbmIgsT850Z6vDfZ+TRBUsJ5c1IMyaU2JnYZ5Bb
Y2mNz6i91E7mdA==
-----END CERTIFICATE-----