Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          SdI3m5FQuk3Xtj/7xfdM92E+BxG5d84/PMv9UKBTiVo=
Subject key identifier:   29:B8:1D:03:DD:87:4F:26:69:83:F0:B2:0E:1D:AE:3E:5A:EB:FC:C0
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       0198D51583D02061329CF15325114CAA73F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          05A8
Signing time:             Sat 23 Aug 2025 04:00:13 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:13 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:13 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: pgaGewRvZc51EsJU073aFQfHN7zrK2EqLBAyKq/lTw0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:83:d0:20:61:32:9c:f1:53:25:11:4c:aa:73:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Aug 23 04:00:13 2025 GMT
            Not After : Aug 24 04:00:13 2025 GMT
        Subject: CN=29b81d03dd874f266983f0b20e1dae3e5aebfcc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:95:46:ea:a4:31:25:d8:09:50:56:3a:2c:ad:
                    03:4a:ee:e7:a8:37:7e:4c:26:73:74:34:23:b7:30:
                    c7:2d:fe:ff:80:59:cf:9c:91:65:c3:27:ae:92:c9:
                    5f:0b:34:38:2c:80:90:36:73:dc:79:1f:91:40:ac:
                    2a:a7:03:9e:22:c0:18:6e:70:76:69:48:e2:ba:16:
                    8b:a8:64:72:c4:4a:25:ad:8b:6b:9a:aa:1f:c2:28:
                    8d:2e:49:9e:94:b6:8c:39:0a:fa:81:15:60:b3:7a:
                    fd:5a:84:2f:40:26:13:8f:a2:ba:48:67:93:ea:a4:
                    9b:12:c7:f1:a8:e5:de:31:d6:71:47:86:60:a0:32:
                    8e:87:6b:07:f5:30:bf:75:35:7b:dc:be:84:1a:a2:
                    79:fc:52:5a:70:f8:86:a8:be:7b:f6:b4:82:74:24:
                    3d:50:2b:fc:d3:04:5a:ac:c4:62:f8:4e:8f:1f:c3:
                    3f:f8:c6:06:85:50:7c:61:2b:03:b8:9a:55:35:1e:
                    2b:28:35:9f:83:cd:c7:ca:d8:be:c0:4e:04:46:bf:
                    43:4d:eb:31:4a:fd:61:7a:43:a0:62:ef:cd:d6:be:
                    0d:d3:c3:32:69:ae:0b:c9:1b:e2:73:fb:92:e8:96:
                    ea:c9:d7:71:66:6f:73:8e:00:83:77:1c:68:9f:36:
                    f9:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:B8:1D:03:DD:87:4F:26:69:83:F0:B2:0E:1D:AE:3E:5A:EB:FC:C0
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:c0:82:44:50:fa:df:9f:af:1d:dc:6f:e6:a5:a8:c6:a1:f5:
         aa:3c:f7:51:7d:4a:ad:54:10:c2:36:44:ee:9d:15:85:e3:10:
         8f:c5:b1:43:21:f3:f5:e8:de:c5:85:cc:f2:65:7b:b6:29:f4:
         eb:77:db:d6:10:3c:2c:84:88:ab:f1:75:49:ce:b8:29:d5:af:
         f4:71:63:49:9a:6e:e4:30:7e:9a:49:0b:35:5c:c0:eb:b5:20:
         c8:ab:d0:67:44:2b:41:2c:21:77:e6:60:ff:1b:8f:15:52:7f:
         f5:1e:75:47:43:69:24:96:c5:a7:e0:38:37:ae:14:e9:9d:1f:
         07:62:74:88:02:91:66:33:6f:0c:83:23:cb:f3:c7:1d:c4:c9:
         74:17:97:25:eb:5e:e0:77:b5:db:d5:3e:c4:3d:e7:56:af:b2:
         07:fd:70:7e:b7:3a:a2:d1:94:62:e4:55:77:b9:14:b1:20:5e:
         1d:a4:14:60:c6:7c:6c:83:c4:4e:9e:95:f1:06:50:b2:18:01:
         6b:1f:76:32:63:8c:54:5e:b4:22:c4:1f:a9:5f:49:6a:bb:fe:
         c7:d0:35:5a:5a:2c:6f:6f:69:bb:43:c1:ca:f4:71:45:b5:8d:
         87:55:9f:bf:c5:84:30:30:d7:72:6a:60:18:a7:a1:85:0f:f1:
         96:6d:6c:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFYPQIGEynPFTJRFMqnP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjUwODIzMDQwMDEzWhcNMjUwODI0MDQwMDEzWjAzMTEwLwYDVQQD
EygyOWI4MWQwM2RkODc0ZjI2Njk4M2YwYjIwZTFkYWUzZTVhZWJmY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JVG6qQxJdgJUFY6LK0DSu7nqDd+
TCZzdDQjtzDHLf7/gFnPnJFlwyeukslfCzQ4LICQNnPceR+RQKwqpwOeIsAYbnB2
aUjiuhaLqGRyxEolrYtrmqofwiiNLkmelLaMOQr6gRVgs3r9WoQvQCYTj6K6SGeT
6qSbEsfxqOXeMdZxR4ZgoDKOh2sH9TC/dTV73L6EGqJ5/FJacPiGqL579rSCdCQ9
UCv80wRarMRi+E6PH8M/+MYGhVB8YSsDuJpVNR4rKDWfg83Hyti+wE4ERr9DTesx
Sv1hekOgYu/N1r4N08Myaa4LyRvic/uS6JbqyddxZm9zjgCDdxxonzb5lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCm4HQPdh08maYPwsg4drj5a6/zAMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASsCCRFD6
35+vHdxv5qWoxqH1qjz3UX1KrVQQwjZE7p0VheMQj8WxQyHz9ejexYXM8mV7tin0
63fb1hA8LISIq/F1Sc64KdWv9HFjSZpu5DB+mkkLNVzA67UgyKvQZ0QrQSwhd+Zg
/xuPFVJ/9R51R0NpJJbFp+A4N64U6Z0fB2J0iAKRZjNvDIMjy/PHHcTJdBeXJete
4He129U+xD3nVq+yB/1wfrc6otGUYuRVd7kUsSBeHaQUYMZ8bIPETp6V8QZQshgB
ax92MmOMVF60IsQfqV9Jarv+x9A1Wlosb29pu0PByvRxRbWNh1Wfv8WEMDDXcmpg
GKehhQ/xlm1sUA==
-----END CERTIFICATE-----