Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft
File:                     AKTVv_pzY0hD6QPjexj97g2sWFs.mft (raw, json)
Hash identifier:          SEsCS/r2sWflkIltgA7HIKnudc5r63eN8qT4CI1z9YM=
Subject key identifier:   79:99:09:C0:20:D2:68:1E:11:F1:CA:D9:CA:35:7D:8D:6C:38:C6:CA
Authority key identifier: 00:A4:D5:BF:FA:73:63:48:43:E9:03:E3:7B:18:FD:EE:0D:AC:58:5B
Certificate issuer:       /CN=00a4d5bffa73634843e903e37b18fdee0dac585b
Certificate serial:       0196AFFB75209DD8A07D956B1AB1BBBBA848
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AKTVv_pzY0hD6QPjexj97g2sWFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft
Manifest number:          51
Signing time:             Thu 08 May 2025 13:00:14 +0000
Manifest this update:     Thu 08 May 2025 13:00:14 +0000
Manifest next update:     Fri 09 May 2025 13:00:14 +0000
Files and hashes:         1: AKTVv_pzY0hD6QPjexj97g2sWFs.crl (hash: CP+8f5jCYlc2aJNX7/QTlcgDGf7MxB3y/K7iZxFqmkc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AKTVv_pzY0hD6QPjexj97g2sWFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 09 May 2025 13:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:af:fb:75:20:9d:d8:a0:7d:95:6b:1a:b1:bb:bb:a8:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00a4d5bffa73634843e903e37b18fdee0dac585b
        Validity
            Not Before: May  8 13:00:14 2025 GMT
            Not After : May  9 13:00:14 2025 GMT
        Subject: CN=799909c020d2681e11f1cad9ca357d8d6c38c6ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:29:4f:9a:d8:99:ef:16:ac:ee:d9:c1:99:51:
                    85:c2:ec:87:45:ec:bc:07:39:36:c3:35:e2:a3:a0:
                    3e:4a:57:0b:c3:f1:68:0c:a4:40:e6:72:cf:2a:e9:
                    31:e7:bf:74:cf:6b:da:ce:02:cd:5a:73:d1:60:69:
                    87:d2:12:31:01:c0:1b:35:73:09:58:02:e0:bd:66:
                    71:fe:ab:ec:7a:7b:0b:1f:47:73:0e:7d:5c:3a:a7:
                    4f:bb:44:f5:58:57:79:26:c3:73:2b:71:24:bb:92:
                    dd:fc:dd:f0:3d:8b:35:70:f6:44:19:07:e0:a2:68:
                    b7:82:3e:29:98:8d:1a:a4:f0:9c:bf:26:78:27:3c:
                    5f:41:8d:36:2e:f5:a3:a1:8d:21:96:4a:8e:93:ad:
                    75:ad:f7:d3:ff:9a:97:1c:80:77:64:76:74:d5:32:
                    20:a6:e9:b0:a1:0c:1a:1f:c2:ac:1f:cd:81:fd:88:
                    63:18:95:d5:d2:de:bf:43:4f:73:c7:84:ce:25:39:
                    5d:6d:9b:08:01:39:35:3b:d1:1c:1c:3a:b5:44:c3:
                    ab:20:b8:c8:d2:d2:99:ef:1b:89:f9:53:e4:1b:47:
                    e3:40:1d:73:9d:42:31:f1:84:03:4b:6b:29:f9:68:
                    41:c7:87:84:63:11:5d:8e:9f:9f:15:fd:8f:fa:b7:
                    a7:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:99:09:C0:20:D2:68:1E:11:F1:CA:D9:CA:35:7D:8D:6C:38:C6:CA
            X509v3 Authority Key Identifier:
                keyid:00:A4:D5:BF:FA:73:63:48:43:E9:03:E3:7B:18:FD:EE:0D:AC:58:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AKTVv_pzY0hD6QPjexj97g2sWFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/96e640-85a5-475b-94cb-84ee69ed93a4/1/AKTVv_pzY0hD6QPjexj97g2sWFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:9c:f6:6b:a0:bf:16:e2:a8:8f:0e:f3:f1:5a:57:99:e9:af:
         71:d7:5e:60:94:73:65:2d:e0:2a:d0:62:d3:42:c9:e3:69:d5:
         ff:12:d1:ea:25:71:f4:24:60:19:59:79:e6:3c:88:2d:eb:0c:
         c4:c9:8b:22:25:df:d6:87:60:5c:c7:2e:d2:61:cc:5b:90:8c:
         81:39:be:d8:55:86:51:6b:e6:27:37:4e:3b:c5:85:78:56:ca:
         d8:f2:a0:5e:40:1f:1a:c5:eb:95:ec:3a:f1:d9:e3:ba:c4:85:
         27:0e:80:2a:6b:aa:4d:c1:85:65:9e:2a:e2:15:1b:fc:61:74:
         3c:96:ff:c7:94:86:ec:45:c6:5d:cc:64:48:74:28:48:2f:87:
         61:a4:ca:e2:9f:1a:0f:ef:d1:86:a3:16:47:6e:0e:1d:d2:9a:
         26:e7:51:b6:4f:d4:5e:41:07:3c:ff:d4:1b:3c:08:0c:b3:26:
         76:b4:7a:57:d7:01:6a:65:86:3b:e7:dd:56:73:10:50:65:8d:
         11:a3:04:4a:bd:88:35:bc:04:5e:3b:71:7a:d7:11:6f:7f:e9:
         95:14:c3:ba:89:09:bf:c4:4c:26:50:e4:b3:4e:62:88:e4:e9:
         78:2f:43:4a:7e:bb:d0:75:9a:92:82:60:cd:ca:8b:c0:97:2e:
         e9:1b:9c:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZav+3UgndigfZVrGrG7u6hIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYTRkNWJmZmE3MzYzNDg0M2U5MDNlMzdiMThmZGVlMGRh
YzU4NWIwHhcNMjUwNTA4MTMwMDE0WhcNMjUwNTA5MTMwMDE0WjAzMTEwLwYDVQQD
Eyg3OTk5MDljMDIwZDI2ODFlMTFmMWNhZDljYTM1N2Q4ZDZjMzhjNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwClPmtiZ7xas7tnBmVGFwuyHRey8
Bzk2wzXio6A+SlcLw/FoDKRA5nLPKukx5790z2vazgLNWnPRYGmH0hIxAcAbNXMJ
WALgvWZx/qvsensLH0dzDn1cOqdPu0T1WFd5JsNzK3Eku5Ld/N3wPYs1cPZEGQfg
omi3gj4pmI0apPCcvyZ4JzxfQY02LvWjoY0hlkqOk611rffT/5qXHIB3ZHZ01TIg
pumwoQwaH8KsH82B/YhjGJXV0t6/Q09zx4TOJTldbZsIATk1O9EcHDq1RMOrILjI
0tKZ7xuJ+VPkG0fjQB1znUIx8YQDS2sp+WhBx4eEYxFdjp+fFf2P+renrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmZCcAg0mgeEfHK2co1fY1sOMbKMB8GA1UdIwQY
MBaAFACk1b/6c2NIQ+kD43sY/e4NrFhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtUVnZfcHpZMGhENlFQamV4ajk3ZzJzV0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC85NmU2NDAtODVhNS00NzViLTk0Y2It
ODRlZTY5ZWQ5M2E0LzEvQUtUVnZfcHpZMGhENlFQamV4ajk3ZzJzV0ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC85NmU2NDAtODVhNS00NzViLTk0Y2ItODRlZTY5ZWQ5M2E0
LzEvQUtUVnZfcHpZMGhENlFQamV4ajk3ZzJzV0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACZz2a6C/
FuKojw7z8VpXmemvcddeYJRzZS3gKtBi00LJ42nV/xLR6iVx9CRgGVl55jyILesM
xMmLIiXf1odgXMcu0mHMW5CMgTm+2FWGUWvmJzdOO8WFeFbK2PKgXkAfGsXrlew6
8dnjusSFJw6AKmuqTcGFZZ4q4hUb/GF0PJb/x5SG7EXGXcxkSHQoSC+HYaTK4p8a
D+/RhqMWR24OHdKaJudRtk/UXkEHPP/UGzwIDLMmdrR6V9cBamWGO+fdVnMQUGWN
EaMESr2INbwEXjtxetcRb3/plRTDuokJv8RMJlDks05iiOTpeC9DSn670HWakoJg
zcqLwJcu6RucQQ==
-----END CERTIFICATE-----