Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/0319db-d1fb-4a0b-8f2d-34e181f13bc9/1/agYc8aPo-IYXhUvTtqza2KukWhw.mft
File:                     agYc8aPo-IYXhUvTtqza2KukWhw.mft (raw, json)
Hash identifier:          5zf67erk7DSV+BRjQaB6UmOMcMHN4pwxUKxR7Zyo1g8=
Subject key identifier:   31:66:DD:46:36:AF:E9:15:53:61:24:59:D4:AF:A1:D0:54:ED:C0:33
Authority key identifier: 6A:06:1C:F1:A3:E8:F8:86:17:85:4B:D3:B6:AC:DA:D8:AB:A4:5A:1C
Certificate issuer:       /CN=6a061cf1a3e8f88617854bd3b6acdad8aba45a1c
Certificate serial:       0196B8FF089E34C8AA21B16E41FC59904977
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/agYc8aPo-IYXhUvTtqza2KukWhw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b9/0319db-d1fb-4a0b-8f2d-34e181f13bc9/1/agYc8aPo-IYXhUvTtqza2KukWhw.mft
Manifest number:          1530
Signing time:             Sat 10 May 2025 07:00:43 +0000
Manifest this update:     Sat 10 May 2025 07:00:43 +0000
Manifest next update:     Sun 11 May 2025 07:00:43 +0000
Files and hashes:         1: agYc8aPo-IYXhUvTtqza2KukWhw.crl (hash: tNT1CtwkMW856ReIvgGlLGNGVDq+gbqqHk599up1yqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b9/0319db-d1fb-4a0b-8f2d-34e181f13bc9/1/agYc8aPo-IYXhUvTtqza2KukWhw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b9/0319db-d1fb-4a0b-8f2d-34e181f13bc9/1/agYc8aPo-IYXhUvTtqza2KukWhw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/agYc8aPo-IYXhUvTtqza2KukWhw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 07:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b8:ff:08:9e:34:c8:aa:21:b1:6e:41:fc:59:90:49:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6a061cf1a3e8f88617854bd3b6acdad8aba45a1c
        Validity
            Not Before: May 10 07:00:43 2025 GMT
            Not After : May 11 07:00:43 2025 GMT
        Subject: CN=3166dd4636afe91553612459d4afa1d054edc033
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:87:68:34:6f:92:75:23:61:0c:b3:b9:9a:74:
                    5e:83:e9:e2:5d:71:29:a6:13:6e:97:e5:b0:0f:cb:
                    81:ff:08:54:82:ca:b5:58:70:d2:72:d3:45:57:2a:
                    96:28:c4:7d:76:86:f2:69:78:50:24:69:8f:2e:16:
                    1e:00:67:85:93:48:5e:c8:bd:65:9d:c3:e2:a0:66:
                    ea:a7:2d:ff:14:9e:01:f8:ab:c2:a0:de:f9:da:eb:
                    1d:c6:e1:7d:93:bd:51:9a:5f:63:84:01:97:32:44:
                    58:e4:51:07:33:58:52:31:ce:77:73:f6:09:ae:fb:
                    92:e9:ec:8e:c4:4c:69:53:f0:18:64:7c:43:b3:90:
                    d6:39:ac:bb:6c:ed:cc:23:26:1f:18:24:bc:2b:e3:
                    03:5e:5d:5b:71:2b:a6:47:1b:af:e4:f8:61:ce:58:
                    44:14:dc:59:55:40:72:a5:6e:73:bf:31:e7:dd:cb:
                    9d:e6:ca:4d:54:ba:69:91:73:65:0c:50:0f:dd:ce:
                    f5:8a:00:66:e9:4d:11:a2:ca:e9:89:37:ed:23:03:
                    a3:00:9c:01:dd:39:56:70:99:95:6a:83:c1:e4:76:
                    61:2c:62:20:90:3c:9c:b2:eb:c8:86:c4:59:c4:d1:
                    9c:c5:ec:ec:d5:c7:98:99:61:fe:f0:56:c5:53:aa:
                    0c:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:66:DD:46:36:AF:E9:15:53:61:24:59:D4:AF:A1:D0:54:ED:C0:33
            X509v3 Authority Key Identifier:
                keyid:6A:06:1C:F1:A3:E8:F8:86:17:85:4B:D3:B6:AC:DA:D8:AB:A4:5A:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/agYc8aPo-IYXhUvTtqza2KukWhw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0319db-d1fb-4a0b-8f2d-34e181f13bc9/1/agYc8aPo-IYXhUvTtqza2KukWhw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/0319db-d1fb-4a0b-8f2d-34e181f13bc9/1/agYc8aPo-IYXhUvTtqza2KukWhw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:ce:4c:08:d2:91:94:27:f8:5e:64:9a:03:7e:23:36:55:00:
         62:25:ab:9d:7f:63:d1:32:2d:a6:ac:06:e1:89:32:79:fd:7c:
         e8:21:e1:3e:6a:e8:64:4d:ad:4f:54:87:e1:31:fb:14:92:07:
         ba:40:1f:cc:0b:bd:bd:8d:1d:0b:05:e0:35:52:d2:99:f1:60:
         1a:b1:91:9f:0f:23:d8:96:af:76:72:11:d0:92:44:51:f2:51:
         9a:1a:89:3a:8a:ff:02:9a:7d:01:82:1f:fa:f2:a0:de:e9:f1:
         4b:fb:af:bc:aa:ef:be:2d:c7:c0:6b:11:96:7d:88:ef:00:b2:
         79:54:32:a2:bb:2f:54:18:ca:71:78:b8:38:23:3b:4b:a7:88:
         85:79:fa:2a:f2:09:10:44:bd:63:68:06:17:c1:ea:0f:80:58:
         d8:1b:9e:62:47:5a:5a:13:c6:ec:32:0a:2d:25:b0:79:e4:eb:
         e3:36:da:aa:7c:7e:28:11:2c:cb:6b:81:ce:c9:5c:6b:95:00:
         bf:0b:3a:1d:ba:e4:7b:4e:c0:2b:18:33:18:7b:f0:6f:03:29:
         1d:cf:8d:30:13:7e:d3:12:a8:41:25:e4:73:48:f1:a1:54:02:
         90:af:77:bb:f1:b7:b0:79:94:0f:10:72:17:70:74:75:58:5d:
         90:85:6c:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa4/wieNMiqIbFuQfxZkEl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMDYxY2YxYTNlOGY4ODYxNzg1NGJkM2I2YWNkYWQ4YWJh
NDVhMWMwHhcNMjUwNTEwMDcwMDQzWhcNMjUwNTExMDcwMDQzWjAzMTEwLwYDVQQD
EygzMTY2ZGQ0NjM2YWZlOTE1NTM2MTI0NTlkNGFmYTFkMDU0ZWRjMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4doNG+SdSNhDLO5mnReg+niXXEp
phNul+WwD8uB/whUgsq1WHDSctNFVyqWKMR9dobyaXhQJGmPLhYeAGeFk0heyL1l
ncPioGbqpy3/FJ4B+KvCoN752usdxuF9k71Rml9jhAGXMkRY5FEHM1hSMc53c/YJ
rvuS6eyOxExpU/AYZHxDs5DWOay7bO3MIyYfGCS8K+MDXl1bcSumRxuv5PhhzlhE
FNxZVUBypW5zvzHn3cud5spNVLppkXNlDFAP3c71igBm6U0RosrpiTftIwOjAJwB
3TlWcJmVaoPB5HZhLGIgkDycsuvIhsRZxNGcxezs1ceYmWH+8FbFU6oMkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFm3UY2r+kVU2EkWdSvodBU7cAzMB8GA1UdIwQY
MBaAFGoGHPGj6PiGF4VL07as2tirpFocMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWdZYzhhUG8tSVlYaFV2VHRxemEyS3VrV2h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8wMzE5ZGItZDFmYi00YTBiLThmMmQt
MzRlMTgxZjEzYmM5LzEvYWdZYzhhUG8tSVlYaFV2VHRxemEyS3VrV2h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8wMzE5ZGItZDFmYi00YTBiLThmMmQtMzRlMTgxZjEzYmM5
LzEvYWdZYzhhUG8tSVlYaFV2VHRxemEyS3VrV2h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG85MCNKR
lCf4XmSaA34jNlUAYiWrnX9j0TItpqwG4Ykyef186CHhPmroZE2tT1SH4TH7FJIH
ukAfzAu9vY0dCwXgNVLSmfFgGrGRnw8j2JavdnIR0JJEUfJRmhqJOor/App9AYIf
+vKg3unxS/uvvKrvvi3HwGsRln2I7wCyeVQyorsvVBjKcXi4OCM7S6eIhXn6KvIJ
EES9Y2gGF8HqD4BY2BueYkdaWhPG7DIKLSWweeTr4zbaqnx+KBEsy2uBzslca5UA
vws6Hbrke07AKxgzGHvwbwMpHc+NMBN+0xKoQSXkc0jxoVQCkK93u/G3sHmUDxBy
F3B0dVhdkIVszA==
-----END CERTIFICATE-----