Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
File:                     AguJY5thIAOqgSvktlIbVnhFao4.mft (raw, json)
Hash identifier:          w8cedAR6pFV6/OqMofQqZPedp4963fSeXOJtbXljvwY=
Subject key identifier:   36:F8:59:F5:DE:1C:41:DD:51:32:7C:F5:22:EA:27:5B:8A:53:AF:8A
Authority key identifier: 02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E
Certificate issuer:       /CN=020b89639b612003aa812be4b6521b5678456a8e
Certificate serial:       0196C2DDF5363953876539D583F08CA26605
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
Manifest number:          0298
Signing time:             Mon 12 May 2025 05:00:48 +0000
Manifest this update:     Mon 12 May 2025 05:00:48 +0000
Manifest next update:     Tue 13 May 2025 05:00:48 +0000
Files and hashes:         1: AguJY5thIAOqgSvktlIbVnhFao4.crl (hash: KSjJr1WwyYNc57e0OVGk3ibixdeFOeCjFtkyi0OhP8I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c2:dd:f5:36:39:53:87:65:39:d5:83:f0:8c:a2:66:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=020b89639b612003aa812be4b6521b5678456a8e
        Validity
            Not Before: May 12 05:00:48 2025 GMT
            Not After : May 13 05:00:48 2025 GMT
        Subject: CN=36f859f5de1c41dd51327cf522ea275b8a53af8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:03:2c:2c:2a:cd:13:31:61:fd:a7:9a:7b:38:
                    29:26:64:9a:b5:03:cf:ff:a6:07:b3:c0:26:81:1f:
                    02:73:78:c5:10:42:d0:b0:dd:7f:08:1f:63:d6:9f:
                    38:3d:aa:e9:5b:3f:66:a5:cf:77:cd:23:de:e1:01:
                    c4:34:ce:26:61:dc:23:10:14:8b:2b:b9:02:c4:3b:
                    5a:b5:0b:50:d1:65:76:78:ae:75:9c:14:36:68:e4:
                    a2:f8:71:4f:d8:82:81:ad:29:53:fb:b8:70:b4:47:
                    2f:b9:06:16:20:33:98:31:6a:58:86:fc:e0:2f:b3:
                    0c:41:f5:11:72:ce:99:64:7d:af:5c:c7:3a:fe:67:
                    fd:a0:c1:6e:91:d5:a6:15:9b:f0:6c:ee:6c:9a:50:
                    60:7e:cf:12:30:d4:3c:4e:c5:10:83:b5:2e:e2:fd:
                    b2:97:67:4f:5d:b5:ba:d1:e6:53:c8:25:77:7f:cf:
                    30:7e:05:48:5d:34:d5:52:ac:b6:8d:55:f2:88:57:
                    b6:2d:3a:1b:9b:1a:a3:de:c8:d7:b1:a8:cb:8b:9a:
                    81:db:10:43:dd:c6:03:a0:f2:b9:53:6c:5a:22:ac:
                    a4:e0:cb:a0:ff:18:76:97:68:55:af:87:0b:0b:0f:
                    9a:b1:31:78:d2:a4:f3:db:45:dd:8c:20:b3:89:9b:
                    14:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:F8:59:F5:DE:1C:41:DD:51:32:7C:F5:22:EA:27:5B:8A:53:AF:8A
            X509v3 Authority Key Identifier:
                keyid:02:0B:89:63:9B:61:20:03:AA:81:2B:E4:B6:52:1B:56:78:45:6A:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AguJY5thIAOqgSvktlIbVnhFao4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/77e9c5-abc2-4c39-b502-ebf329e96846/1/AguJY5thIAOqgSvktlIbVnhFao4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:b4:3b:00:f9:42:85:fa:5b:c3:c6:84:80:45:c3:30:4a:8e:
         67:e6:be:5b:22:89:a4:a8:f4:6a:db:97:ed:a7:d6:b7:08:ed:
         71:55:fd:02:83:19:04:05:c3:d9:c1:31:70:02:c3:60:dd:db:
         b9:97:26:df:ca:56:78:3b:a4:74:b1:ad:06:4e:75:1e:f0:9d:
         dc:6d:b1:b1:4d:27:1f:fe:f5:15:11:56:a3:05:ab:b6:29:3f:
         96:32:49:c7:21:19:fd:e8:36:42:dd:64:5d:91:f1:67:69:3e:
         8b:48:8c:f2:4e:9c:c5:a6:9c:c6:a6:61:32:f0:5a:4b:be:85:
         94:64:96:81:af:fc:92:32:af:01:c4:2a:4b:b6:51:38:65:1d:
         df:d4:6f:ab:23:36:5c:1d:08:09:92:f6:d1:61:b5:d1:7b:91:
         15:65:74:b5:a3:fd:7c:5c:b0:7a:9b:66:48:0e:25:14:27:59:
         dd:53:27:ec:38:c7:d5:c1:14:4a:c0:8a:fe:ff:99:79:f8:b0:
         56:03:28:08:95:b1:c9:51:12:08:ee:e7:0a:fc:98:99:12:c1:
         42:29:95:b2:08:64:92:35:f6:7e:de:05:c3:14:ec:cc:31:ca:
         7e:af:be:06:c5:44:5f:81:87:51:5d:11:75:2e:1d:ee:17:1c:
         e4:4b:1b:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbC3fU2OVOHZTnVg/CMomYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMGI4OTYzOWI2MTIwMDNhYTgxMmJlNGI2NTIxYjU2Nzg0
NTZhOGUwHhcNMjUwNTEyMDUwMDQ4WhcNMjUwNTEzMDUwMDQ4WjAzMTEwLwYDVQQD
EygzNmY4NTlmNWRlMWM0MWRkNTEzMjdjZjUyMmVhMjc1YjhhNTNhZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgMsLCrNEzFh/aeaezgpJmSatQPP
/6YHs8AmgR8Cc3jFEELQsN1/CB9j1p84ParpWz9mpc93zSPe4QHENM4mYdwjEBSL
K7kCxDtatQtQ0WV2eK51nBQ2aOSi+HFP2IKBrSlT+7hwtEcvuQYWIDOYMWpYhvzg
L7MMQfURcs6ZZH2vXMc6/mf9oMFukdWmFZvwbO5smlBgfs8SMNQ8TsUQg7Uu4v2y
l2dPXbW60eZTyCV3f88wfgVIXTTVUqy2jVXyiFe2LTobmxqj3sjXsajLi5qB2xBD
3cYDoPK5U2xaIqyk4Mug/xh2l2hVr4cLCw+asTF40qTz20XdjCCziZsUAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDb4WfXeHEHdUTJ89SLqJ1uKU6+KMB8GA1UdIwQY
MBaAFAILiWObYSADqoEr5LZSG1Z4RWqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDIt
ZWJmMzI5ZTk2ODQ2LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi83N2U5YzUtYWJjMi00YzM5LWI1MDItZWJmMzI5ZTk2ODQ2
LzEvQWd1Slk1dGhJQU9xZ1N2a3RsSWJWbmhGYW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKrQ7APlC
hfpbw8aEgEXDMEqOZ+a+WyKJpKj0atuX7afWtwjtcVX9AoMZBAXD2cExcALDYN3b
uZcm38pWeDukdLGtBk51HvCd3G2xsU0nH/71FRFWowWrtik/ljJJxyEZ/eg2Qt1k
XZHxZ2k+i0iM8k6cxaacxqZhMvBaS76FlGSWga/8kjKvAcQqS7ZROGUd39RvqyM2
XB0ICZL20WG10XuRFWV0taP9fFyweptmSA4lFCdZ3VMn7DjH1cEUSsCK/v+Zefiw
VgMoCJWxyVESCO7nCvyYmRLBQimVsghkkjX2ft4FwxTszDHKfq++BsVEX4GHUV0R
dS4d7hcc5EsbbA==
-----END CERTIFICATE-----