Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          9Sh16Rt4JkjWR88xIdeK40a8WyaXqWWLQ7KdpI6aMag=
Subject key identifier:   FF:7B:A7:2F:13:E0:18:71:7B:A6:DD:F9:EE:20:8A:2E:E5:1C:94:F8
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       0196B9A49855A6A9920AA79A39E1583AFDC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          152F
Signing time:             Sat 10 May 2025 10:01:33 +0000
Manifest this update:     Sat 10 May 2025 10:01:33 +0000
Manifest next update:     Sun 11 May 2025 10:01:33 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: YyzULuvPrQbcL1dl8eddaAFOSHFeb/9e5rzyBLjGZgo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 10:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b9:a4:98:55:a6:a9:92:0a:a7:9a:39:e1:58:3a:fd:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: May 10 10:01:33 2025 GMT
            Not After : May 11 10:01:33 2025 GMT
        Subject: CN=ff7ba72f13e018717ba6ddf9ee208a2ee51c94f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:38:d2:93:56:15:25:7b:49:62:eb:34:7a:5c:
                    e3:df:91:78:22:ba:23:75:a1:69:9a:71:83:e3:4f:
                    27:ad:ab:5a:9d:54:f6:96:a4:a1:b5:cd:f0:5f:19:
                    b9:e5:7a:63:c2:f2:0f:13:70:ba:62:97:ab:71:db:
                    b0:60:46:a1:37:57:a3:96:ec:90:13:19:55:b8:c3:
                    d0:90:f5:df:24:e1:d1:91:08:f0:39:78:23:b4:85:
                    e8:78:6a:39:42:6f:96:d5:b2:f5:d7:1d:dd:88:3c:
                    72:e9:24:81:6a:87:9e:d6:09:97:27:83:20:9f:64:
                    bd:b1:10:84:fb:ea:5e:4a:10:aa:f1:05:c4:db:12:
                    7f:00:2b:5c:95:d9:cc:78:71:78:6d:4b:47:f8:dd:
                    da:ba:12:e1:f7:e4:b1:cc:b5:38:fe:f7:74:00:48:
                    9e:80:7a:26:b9:01:66:cf:c9:9b:5b:60:54:88:ae:
                    58:00:98:ec:57:b0:98:30:87:03:82:d2:f9:c3:c1:
                    fb:ec:16:87:b7:a5:db:03:10:6c:8d:c7:17:37:7d:
                    1e:b7:41:d4:a8:9a:ab:4a:55:ff:72:06:3d:6b:51:
                    f1:e4:29:e3:6e:7a:d0:3b:06:b7:2e:0e:3f:b5:2b:
                    51:ed:fa:23:62:98:06:c8:83:8b:d3:65:a1:04:46:
                    a2:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:7B:A7:2F:13:E0:18:71:7B:A6:DD:F9:EE:20:8A:2E:E5:1C:94:F8
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:d2:b5:8b:e4:de:88:0c:d5:6b:b3:42:0c:b0:0f:f8:09:36:
         63:02:8f:41:d0:d3:14:69:6d:0b:d3:18:12:89:36:cd:a5:98:
         25:a3:1b:a1:9a:37:a5:3f:a2:c9:cc:f4:ac:7e:3b:ca:93:2c:
         15:9f:86:83:c0:d1:ba:93:7e:53:d9:a1:6c:54:6a:96:7e:c5:
         97:5c:fa:ee:ef:76:cb:86:0d:11:1a:82:97:a6:c6:06:1a:34:
         27:fb:e8:9c:99:f6:d5:f7:4b:81:4a:10:5d:38:9b:05:ce:f1:
         05:48:05:17:db:38:b1:5a:83:d9:26:98:b9:18:6b:d1:09:f4:
         78:be:27:ed:d4:f9:67:dd:82:c2:18:e7:c9:2a:73:bb:53:23:
         b0:ff:94:90:ae:1f:c7:60:3e:be:52:eb:c8:d4:e3:9b:1e:07:
         b7:22:65:a5:84:c8:ca:c4:3f:87:b4:5a:8f:b4:12:11:ab:b7:
         49:68:1f:8b:4e:b6:b2:4c:c8:ad:8f:1a:c6:a8:fe:a2:20:17:
         d1:51:6c:da:09:05:3c:8c:c4:f6:09:af:f6:5d:f6:e8:78:1d:
         00:43:c7:17:4c:ba:50:c3:c7:60:1d:9c:67:e5:af:67:b3:fc:
         f4:21:dc:31:07:90:ac:5f:c9:f2:15:4e:8e:d0:24:6d:c5:ce:
         3d:ac:eb:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa5pJhVpqmSCqeaOeFYOv3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjUwNTEwMTAwMTMzWhcNMjUwNTExMTAwMTMzWjAzMTEwLwYDVQQD
EyhmZjdiYTcyZjEzZTAxODcxN2JhNmRkZjllZTIwOGEyZWU1MWM5NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTjSk1YVJXtJYus0elzj35F4Iroj
daFpmnGD408nratanVT2lqShtc3wXxm55XpjwvIPE3C6YpercduwYEahN1ejluyQ
ExlVuMPQkPXfJOHRkQjwOXgjtIXoeGo5Qm+W1bL11x3diDxy6SSBaoee1gmXJ4Mg
n2S9sRCE++peShCq8QXE2xJ/ACtcldnMeHF4bUtH+N3auhLh9+SxzLU4/vd0AEie
gHomuQFmz8mbW2BUiK5YAJjsV7CYMIcDgtL5w8H77BaHt6XbAxBsjccXN30et0HU
qJqrSlX/cgY9a1Hx5CnjbnrQOwa3Lg4/tStR7fojYpgGyIOL02WhBEai3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP97py8T4Bhxe6bd+e4gii7lHJT4MB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASNK1i+Te
iAzVa7NCDLAP+Ak2YwKPQdDTFGltC9MYEok2zaWYJaMboZo3pT+iycz0rH47ypMs
FZ+Gg8DRupN+U9mhbFRqln7Fl1z67u92y4YNERqCl6bGBho0J/vonJn21fdLgUoQ
XTibBc7xBUgFF9s4sVqD2SaYuRhr0Qn0eL4n7dT5Z92CwhjnySpzu1MjsP+UkK4f
x2A+vlLryNTjmx4HtyJlpYTIysQ/h7Raj7QSEau3SWgfi062skzIrY8axqj+oiAX
0VFs2gkFPIzE9gmv9l326HgdAEPHF0y6UMPHYB2cZ+WvZ7P89CHcMQeQrF/J8hVO
jtAkbcXOPazrLA==
-----END CERTIFICATE-----