Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          Maz6gcar2OEH8Ee1auOei9NBotSxcC5vvD3pLevwRy4=
Subject key identifier:   3D:D6:03:2B:40:CA:5C:00:AB:56:2A:4C:70:70:23:C4:9E:52:C4:0C
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       0197B6A1AD63BF6AF305ABA224E290AFE508
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:02:18 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:18 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:18 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: gvFEvSx9JUtNhIMzUcNWc/NCl822y+SHGCD/6o+pUag=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 13:02:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:ad:63:bf:6a:f3:05:ab:a2:24:e2:90:af:e5:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: Jun 28 13:02:18 2025 GMT
            Not After : Jun 29 13:02:18 2025 GMT
        Subject: CN=3dd6032b40ca5c00ab562a4c707023c49e52c40c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e6:81:9c:ef:7b:91:94:0d:65:1c:61:3e:4c:
                    38:07:14:00:6b:31:fb:2a:ff:44:7a:e1:02:87:28:
                    90:06:79:01:1e:7b:1b:42:9a:cd:34:96:ff:86:c2:
                    72:13:5e:fb:13:6f:b6:1f:d1:f5:cc:3a:6b:35:a7:
                    96:23:34:e0:f2:17:05:72:1d:50:13:28:e6:51:8e:
                    a7:4d:dd:dd:18:0c:67:49:23:94:73:a5:8d:5c:87:
                    dc:e1:99:52:fc:8e:6d:10:68:e4:2e:d6:e0:6b:29:
                    da:f1:89:d2:55:ba:be:1e:63:f9:d5:03:5c:e9:f2:
                    78:12:37:cf:b7:ab:6c:67:b9:60:52:e3:04:58:27:
                    50:4a:84:9f:25:a9:65:f9:03:5c:bc:94:35:30:a4:
                    ae:e9:8d:6f:d2:9f:22:ea:c8:43:7f:3e:1a:46:1f:
                    94:73:64:2e:d7:60:ce:72:70:57:73:e5:93:c9:40:
                    5a:85:07:8e:5b:6e:cb:5f:e1:db:e8:fe:36:e0:b5:
                    85:f7:e5:7f:8c:18:e2:78:22:b7:d8:55:06:c7:b6:
                    f9:27:85:e6:02:73:15:4e:7f:b2:7c:6f:17:a5:84:
                    33:c0:f9:37:26:e2:f0:b9:71:9c:6e:c2:88:89:4d:
                    03:98:d6:69:cf:fa:90:2d:09:e4:51:d8:35:58:28:
                    f8:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:D6:03:2B:40:CA:5C:00:AB:56:2A:4C:70:70:23:C4:9E:52:C4:0C
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:15:cf:91:8a:5b:23:0b:0b:35:c0:26:b2:f9:2b:cd:c1:e3:
         c9:e6:13:87:cc:1b:d6:a8:c1:d9:d7:42:37:0a:dc:47:44:8d:
         cf:b8:c5:8b:f5:73:10:cf:c3:eb:d1:50:d8:d6:79:a6:e6:c4:
         5f:d7:bf:7a:b2:a2:0d:de:2e:d7:69:29:2c:2b:ac:5f:4d:21:
         e4:b3:22:4a:d7:87:88:05:1c:36:91:fd:8e:c4:68:5b:35:8e:
         af:b3:b5:c2:64:f9:e9:40:df:09:cd:92:a1:df:78:bb:64:4e:
         3e:a0:98:6b:52:f4:01:f9:24:4b:af:80:d9:57:ad:e7:3b:c7:
         c5:65:d3:5c:9a:d4:99:dc:a7:a4:65:3e:77:06:01:19:ff:51:
         88:85:14:8f:ee:22:75:66:a0:f2:8f:c4:38:1c:75:5c:12:07:
         f1:40:46:30:11:a4:26:05:67:7a:0f:8f:b3:b7:59:e5:60:62:
         0e:0e:c1:b9:74:04:11:c9:61:78:1d:b0:a0:ba:ea:ee:f2:9e:
         5b:eb:39:8e:63:c7:9f:68:87:a7:f2:75:d4:95:30:b2:96:07:
         86:c0:26:03:61:a9:60:2e:14:7e:be:8c:42:08:f5:08:d2:6a:
         a1:5e:6a:a6:65:03:16:d1:61:31:ea:9e:68:7d:e2:56:cf:14:
         6c:e8:75:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oa1jv2rzBauiJOKQr+UIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjUwNjI4MTMwMjE4WhcNMjUwNjI5MTMwMjE4WjAzMTEwLwYDVQQD
EygzZGQ2MDMyYjQwY2E1YzAwYWI1NjJhNGM3MDcwMjNjNDllNTJjNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uaBnO97kZQNZRxhPkw4BxQAazH7
Kv9EeuEChyiQBnkBHnsbQprNNJb/hsJyE177E2+2H9H1zDprNaeWIzTg8hcFch1Q
EyjmUY6nTd3dGAxnSSOUc6WNXIfc4ZlS/I5tEGjkLtbgayna8YnSVbq+HmP51QNc
6fJ4EjfPt6tsZ7lgUuMEWCdQSoSfJall+QNcvJQ1MKSu6Y1v0p8i6shDfz4aRh+U
c2Qu12DOcnBXc+WTyUBahQeOW27LX+Hb6P424LWF9+V/jBjieCK32FUGx7b5J4Xm
AnMVTn+yfG8XpYQzwPk3JuLwuXGcbsKIiU0DmNZpz/qQLQnkUdg1WCj4AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3WAytAylwAq1YqTHBwI8SeUsQMMB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEhXPkYpb
IwsLNcAmsvkrzcHjyeYTh8wb1qjB2ddCNwrcR0SNz7jFi/VzEM/D69FQ2NZ5pubE
X9e/erKiDd4u12kpLCusX00h5LMiSteHiAUcNpH9jsRoWzWOr7O1wmT56UDfCc2S
od94u2ROPqCYa1L0AfkkS6+A2Vet5zvHxWXTXJrUmdynpGU+dwYBGf9RiIUUj+4i
dWag8o/EOBx1XBIH8UBGMBGkJgVneg+Ps7dZ5WBiDg7BuXQEEclheB2woLrq7vKe
W+s5jmPHn2iHp/J11JUwspYHhsAmA2GpYC4Ufr6MQgj1CNJqoV5qpmUDFtFhMeqe
aH3iVs8UbOh1Dg==
-----END CERTIFICATE-----