Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          Wm3l6XoUMVjYAb8jnDqAs4QiAicnlInlIUhHCv3nW2M=
Subject key identifier:   6A:11:74:9B:8E:D5:47:2E:F9:70:E3:95:AA:4B:F5:2F:46:CA:C0:76
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       0197C0ED2FC01E14C78BACA8667AE4FB6F46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          0519
Signing time:             Mon 30 Jun 2025 13:00:58 +0000
Manifest this update:     Mon 30 Jun 2025 13:00:58 +0000
Manifest next update:     Tue 01 Jul 2025 13:00:58 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: IfqOcXXl1/3jTg3/ttm+zo+3PTyhjiiJAaytCqQkv5g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 01 Jul 2025 13:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c0:ed:2f:c0:1e:14:c7:8b:ac:a8:66:7a:e4:fb:6f:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Jun 30 13:00:58 2025 GMT
            Not After : Jul  1 13:00:58 2025 GMT
        Subject: CN=6a11749b8ed5472ef970e395aa4bf52f46cac076
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:27:94:35:7a:6b:4c:64:78:4d:be:41:8e:cf:
                    85:d6:7e:61:a5:c9:00:7c:96:1f:82:66:12:8f:58:
                    52:c7:f3:52:f8:68:4f:61:ce:b3:44:51:03:a4:59:
                    0a:c1:f6:06:73:49:a7:a8:81:57:23:7e:81:4f:f2:
                    78:c7:d2:d7:49:7e:50:87:58:aa:06:68:4d:d5:2d:
                    55:14:ad:67:e7:16:a4:9d:78:dd:f2:ce:29:5a:0c:
                    70:c7:91:fd:4c:8b:63:2b:5d:93:d9:e1:b9:64:f8:
                    ed:d4:49:57:21:5b:a0:7d:92:2c:24:3b:72:11:e2:
                    9c:4a:1d:6a:5a:71:cf:34:ba:55:60:cb:36:d6:c0:
                    eb:9a:87:fe:85:20:cb:49:81:93:e0:62:84:68:bf:
                    e7:ed:db:da:6d:ce:a1:45:12:c3:46:d8:7a:a4:a5:
                    b3:80:9e:37:0c:cf:fa:54:55:07:4d:53:fb:dd:6f:
                    83:ca:6e:37:66:ea:9a:b6:fe:71:35:72:59:98:5c:
                    91:ba:49:8e:af:0f:b6:2c:65:79:bb:4d:ae:5e:5b:
                    73:11:8f:fa:de:58:c8:ef:4d:e7:6e:51:01:0a:0d:
                    98:80:a5:98:68:ec:61:df:20:99:70:bf:a3:34:25:
                    a8:59:bc:47:f1:eb:03:ea:b9:f8:30:f4:ba:32:09:
                    d1:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:11:74:9B:8E:D5:47:2E:F9:70:E3:95:AA:4B:F5:2F:46:CA:C0:76
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:15:37:63:48:1b:a0:a8:c3:1c:c6:a2:28:94:40:2c:d2:2b:
         e3:bc:97:e8:4e:c1:e5:45:31:6f:63:97:ba:72:61:dd:7d:dd:
         79:4f:fd:20:c5:93:07:98:bf:d6:be:b2:51:27:86:ad:e7:24:
         0a:8f:bd:4d:a6:29:36:f0:a5:c1:56:11:ca:63:77:18:47:98:
         04:94:bb:27:01:f7:f0:4b:97:8a:60:f8:40:8d:d3:ba:ea:a3:
         04:b8:cc:d8:b4:2e:4a:4e:a2:29:a7:97:7b:0e:98:f7:91:5a:
         f7:fc:98:05:ed:c2:9a:bf:3c:e7:01:12:2b:9d:cf:c1:ae:1a:
         3f:a8:a6:e6:0f:ea:a0:4d:55:1a:a8:11:43:ac:4b:47:a5:04:
         d5:24:81:d6:32:ad:f6:48:56:e1:38:dd:c8:0a:72:58:42:b9:
         d9:76:cb:f0:dc:c1:e8:2d:11:9a:53:21:b1:5d:bb:1f:bf:a5:
         6e:b0:ed:ff:30:ed:a2:fa:d3:bd:a1:41:ac:91:dc:8a:4d:f3:
         e7:28:42:f0:8a:72:2c:94:d2:b5:58:13:fd:cb:83:00:77:19:
         97:b7:a3:bb:c6:9b:79:ea:5b:88:ce:f1:f3:60:73:74:c5:d8:
         d7:94:c1:ab:8a:20:8c:9b:f7:15:0d:b4:a1:0e:7e:52:b3:90:
         e3:8b:ce:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfA7S/AHhTHi6yoZnrk+29GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjUwNjMwMTMwMDU4WhcNMjUwNzAxMTMwMDU4WjAzMTEwLwYDVQQD
Eyg2YTExNzQ5YjhlZDU0NzJlZjk3MGUzOTVhYTRiZjUyZjQ2Y2FjMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyeUNXprTGR4Tb5Bjs+F1n5hpckA
fJYfgmYSj1hSx/NS+GhPYc6zRFEDpFkKwfYGc0mnqIFXI36BT/J4x9LXSX5Qh1iq
BmhN1S1VFK1n5xaknXjd8s4pWgxwx5H9TItjK12T2eG5ZPjt1ElXIVugfZIsJDty
EeKcSh1qWnHPNLpVYMs21sDrmof+hSDLSYGT4GKEaL/n7dvabc6hRRLDRth6pKWz
gJ43DM/6VFUHTVP73W+Dym43Zuqatv5xNXJZmFyRukmOrw+2LGV5u02uXltzEY/6
3ljI703nblEBCg2YgKWYaOxh3yCZcL+jNCWoWbxH8esD6rn4MPS6MgnRJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGoRdJuO1Ucu+XDjlapL9S9GysB2MB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARxU3Y0gb
oKjDHMaiKJRALNIr47yX6E7B5UUxb2OXunJh3X3deU/9IMWTB5i/1r6yUSeGreck
Co+9TaYpNvClwVYRymN3GEeYBJS7JwH38EuXimD4QI3TuuqjBLjM2LQuSk6iKaeX
ew6Y95Fa9/yYBe3Cmr885wESK53Pwa4aP6im5g/qoE1VGqgRQ6xLR6UE1SSB1jKt
9khW4TjdyApyWEK52XbL8NzB6C0RmlMhsV27H7+lbrDt/zDtovrTvaFBrJHcik3z
5yhC8IpyLJTStVgT/cuDAHcZl7eju8abeepbiM7x82BzdMXY15TBq4ogjJv3FQ20
oQ5+UrOQ44vO7g==
-----END CERTIFICATE-----