Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
File:                     AFA0jPYGQvVOyQck3niqoD3NOOE.mft (raw, json)
Hash identifier:          Agg0PGAA9wBA1yBh8TF2KeiE5apwCkrPA1j/W1Iyc8Y=
Subject key identifier:   48:A0:5C:80:5C:2F:9B:4B:23:21:9B:C5:8D:85:FA:35:DF:DB:DA:89
Authority key identifier: 00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1
Certificate issuer:       /CN=0050348cf60642f54ec90724de78aaa03dcd38e1
Certificate serial:       0197B6A0F3F16B966436145BEEEF3195014C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
Manifest number:          0D60
Signing time:             Sat 28 Jun 2025 13:01:30 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:30 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:30 +0000
Files and hashes:         1: AFA0jPYGQvVOyQck3niqoD3NOOE.crl (hash: wiWDGHYsRQgfM/ttcx/XzgChA6oyJh6lJ5TvXol5koQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a0:f3:f1:6b:96:64:36:14:5b:ee:ef:31:95:01:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0050348cf60642f54ec90724de78aaa03dcd38e1
        Validity
            Not Before: Jun 28 13:01:30 2025 GMT
            Not After : Jun 29 13:01:30 2025 GMT
        Subject: CN=48a05c805c2f9b4b23219bc58d85fa35dfdbda89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:22:ab:3a:f3:43:cf:15:68:0a:86:82:cb:4d:
                    9a:6a:ea:ee:65:70:51:a5:31:f0:7f:11:66:b3:73:
                    6e:ec:7e:62:8f:d1:ff:ee:f2:e7:21:97:d4:36:51:
                    2d:f7:56:00:d8:9c:53:fb:69:50:76:0a:23:30:c6:
                    6d:47:56:b8:4d:2c:5b:3e:2f:68:ad:f5:78:f9:61:
                    18:a5:61:41:e1:df:e9:3c:2b:18:ac:9f:a1:3a:23:
                    c0:03:15:ce:4d:c5:bc:ff:82:78:1f:ee:6d:bc:ee:
                    0e:6a:08:4f:52:06:39:a8:b6:7d:7b:d3:d2:91:0b:
                    ac:a3:08:27:6d:7c:98:9d:1f:41:29:53:bb:b7:22:
                    eb:ff:08:6b:27:2d:89:2c:86:a3:56:82:9b:58:6b:
                    87:21:79:4a:c1:5a:94:61:34:59:9b:94:f8:c3:97:
                    a2:7a:bb:92:a9:a1:16:34:2f:0d:66:af:d7:67:73:
                    53:a1:c9:8b:7b:91:4f:2f:06:8e:d9:88:75:f7:cc:
                    03:47:06:24:df:59:ec:e5:7f:f6:5d:ad:c5:0b:c1:
                    c8:27:1f:fe:e9:62:75:93:b0:11:93:1e:79:94:fc:
                    8e:89:72:c1:b6:c5:dc:05:31:7c:fc:12:af:08:b7:
                    d5:91:13:48:93:12:2c:35:5d:1b:a5:fd:4e:7e:2c:
                    a7:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:A0:5C:80:5C:2F:9B:4B:23:21:9B:C5:8D:85:FA:35:DF:DB:DA:89
            X509v3 Authority Key Identifier:
                keyid:00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:7f:41:f5:77:35:e0:d7:4d:16:42:f1:4d:43:46:cd:7a:9b:
         02:15:d5:f5:2f:86:c9:ee:43:19:df:01:f6:9b:cb:ae:ff:ee:
         d4:ca:07:56:c2:cc:f6:7e:81:af:c7:d4:9f:16:66:b7:3a:34:
         77:2f:28:2e:5b:01:de:eb:e6:a0:1e:59:37:2a:11:2e:99:1a:
         5d:72:b6:87:d1:ce:a7:26:22:6b:bd:ca:08:92:06:29:fa:d3:
         59:a6:9c:f7:e7:26:0f:40:b8:d0:01:a5:51:9d:b2:cd:f4:3d:
         9d:b0:04:c6:b0:29:94:7e:f6:27:8c:db:d3:31:87:3a:18:32:
         9e:d8:9b:ad:76:54:3c:7f:84:93:5e:9f:f9:21:1e:7a:af:a9:
         50:4c:ce:10:66:a9:aa:07:a6:99:93:f9:2a:a8:8d:f1:f2:b2:
         55:32:f3:dc:dd:cc:22:61:7d:07:c5:7c:92:31:89:59:59:88:
         d3:27:c5:31:ac:da:57:65:f2:b7:ad:6e:03:d5:c1:31:c3:f5:
         cc:57:34:87:78:4f:b1:51:20:f8:ae:4d:75:69:ff:97:20:87:
         ab:83:1d:b1:69:82:6e:ce:9e:30:ce:9b:9e:b5:cb:8f:c1:3f:
         48:99:56:90:d7:72:5a:ac:5e:87:40:5c:33:53:bf:42:f5:d5:
         a0:90:7f:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oPPxa5ZkNhRb7u8xlQFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTAzNDhjZjYwNjQyZjU0ZWM5MDcyNGRlNzhhYWEwM2Rj
ZDM4ZTEwHhcNMjUwNjI4MTMwMTMwWhcNMjUwNjI5MTMwMTMwWjAzMTEwLwYDVQQD
Eyg0OGEwNWM4MDVjMmY5YjRiMjMyMTliYzU4ZDg1ZmEzNWRmZGJkYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyKrOvNDzxVoCoaCy02aauruZXBR
pTHwfxFms3Nu7H5ij9H/7vLnIZfUNlEt91YA2JxT+2lQdgojMMZtR1a4TSxbPi9o
rfV4+WEYpWFB4d/pPCsYrJ+hOiPAAxXOTcW8/4J4H+5tvO4OaghPUgY5qLZ9e9PS
kQusowgnbXyYnR9BKVO7tyLr/whrJy2JLIajVoKbWGuHIXlKwVqUYTRZm5T4w5ei
eruSqaEWNC8NZq/XZ3NTocmLe5FPLwaO2Yh198wDRwYk31ns5X/2Xa3FC8HIJx/+
6WJ1k7ARkx55lPyOiXLBtsXcBTF8/BKvCLfVkRNIkxIsNV0bpf1OfiyneQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEigXIBcL5tLIyGbxY2F+jXf29qJMB8GA1UdIwQY
MBaAFABQNIz2BkL1TskHJN54qqA9zTjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2Et
ZTU0YjA2YTkzNTI2LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2EtZTU0YjA2YTkzNTI2
LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIX9B9Xc1
4NdNFkLxTUNGzXqbAhXV9S+Gye5DGd8B9pvLrv/u1MoHVsLM9n6Br8fUnxZmtzo0
dy8oLlsB3uvmoB5ZNyoRLpkaXXK2h9HOpyYia73KCJIGKfrTWaac9+cmD0C40AGl
UZ2yzfQ9nbAExrAplH72J4zb0zGHOhgyntibrXZUPH+Ek16f+SEeeq+pUEzOEGap
qgemmZP5KqiN8fKyVTLz3N3MImF9B8V8kjGJWVmI0yfFMazaV2Xyt61uA9XBMcP1
zFc0h3hPsVEg+K5NdWn/lyCHq4MdsWmCbs6eMM6bnrXLj8E/SJlWkNdyWqxeh0Bc
M1O/QvXVoJB/Jw==
-----END CERTIFICATE-----