Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          ffK1Bt7AgHAVjmiv0sFZoD4YcUfsuM7Wsgpye/GRzL0=
Subject key identifier:   E4:E1:DF:5E:7D:6E:39:82:5F:F0:7B:DF:41:E5:26:E9:12:B6:B1:41
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       0196D1AC221DDFC47725DEEFFC73271213D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0ADA
Signing time:             Thu 15 May 2025 02:00:41 +0000
Manifest this update:     Thu 15 May 2025 02:00:41 +0000
Manifest next update:     Fri 16 May 2025 02:00:41 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: 7wcFE/q6/O16HKAwZDPLlE5t01ivco+8bNB/4NOPdc8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d1:ac:22:1d:df:c4:77:25:de:ef:fc:73:27:12:13:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: May 15 02:00:41 2025 GMT
            Not After : May 16 02:00:41 2025 GMT
        Subject: CN=e4e1df5e7d6e39825ff07bdf41e526e912b6b141
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:82:96:a0:cc:f2:f7:a5:3f:c7:75:bf:86:48:
                    01:17:30:97:b9:1c:98:0d:4b:17:89:3b:5a:ae:52:
                    f3:c0:f2:02:ab:d8:ad:f9:4d:32:82:fa:99:b1:a2:
                    e9:67:f4:3e:dd:06:96:a7:6b:2f:8e:de:44:8a:cb:
                    40:57:f7:29:a4:7d:80:dc:c4:36:0d:66:12:38:11:
                    a2:3c:72:6a:e8:c6:4b:d9:4e:0e:d5:1f:01:a8:7e:
                    08:a2:01:7d:b1:e0:db:01:97:c2:17:74:99:e8:7c:
                    22:6e:04:53:f8:dd:c5:9d:51:48:62:7a:19:37:62:
                    69:a4:89:3e:02:b2:34:70:2f:1d:f1:87:ea:a7:a9:
                    04:07:a5:92:b7:af:7e:a1:4a:2f:8c:16:40:16:74:
                    a1:f3:ad:8b:15:3a:cd:54:a9:62:c6:6a:ad:23:05:
                    df:68:75:5e:e9:76:76:b8:02:a7:44:e4:e7:e0:8d:
                    cc:47:4f:a6:4f:d0:bc:fa:5c:05:f9:cb:86:dd:50:
                    31:e9:34:68:d7:a2:db:8d:c6:b1:6d:14:3e:a6:3d:
                    a6:2e:20:c1:19:f4:48:c6:84:8c:51:5a:ed:4c:0f:
                    a4:25:3c:1a:30:cc:8d:97:6e:80:4c:9f:70:6d:e5:
                    1d:53:4d:e0:dd:a5:cf:8c:47:65:de:8d:cc:ae:ff:
                    40:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:E1:DF:5E:7D:6E:39:82:5F:F0:7B:DF:41:E5:26:E9:12:B6:B1:41
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:35:9d:cd:76:79:c4:61:24:8b:da:14:12:10:37:2a:33:28:
         28:f5:9e:05:ef:a2:25:8f:8d:36:57:7a:76:8a:49:fa:d4:e4:
         81:e9:c0:72:e2:62:e6:16:9c:9c:e8:2a:5e:c9:1a:88:16:20:
         fd:5f:91:49:73:f5:08:9c:e8:0f:3a:f5:39:e7:0c:27:1e:4e:
         8f:b2:b1:ff:60:c0:48:42:6b:46:5c:ed:14:47:7a:fc:ab:fa:
         49:26:a1:51:c4:63:dd:74:95:34:ce:7c:4f:4d:09:14:a0:24:
         00:18:38:6a:7c:a7:06:9a:20:0b:7f:76:ea:9c:1b:c2:88:e1:
         83:c5:cd:70:2f:c3:5d:89:e5:94:96:84:98:15:0d:53:ff:49:
         8c:93:6e:d8:82:30:13:2f:4e:87:91:94:58:68:f7:0f:bd:17:
         cf:e4:38:45:32:58:62:e6:f6:50:d9:a0:c4:24:08:e5:a0:1c:
         92:44:38:b2:88:00:50:43:14:08:59:5b:6d:88:eb:33:86:9e:
         21:4b:b6:93:2f:b5:16:c8:4f:4b:8f:ba:e5:75:ab:88:dc:6b:
         a4:1d:b9:3b:33:da:a4:a3:10:b7:6b:b3:e4:a6:ba:99:08:be:
         ae:d1:15:16:7c:c3:54:05:7e:11:5e:57:5d:56:f1:43:d2:35:
         6f:3b:9a:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbRrCId38R3Jd7v/HMnEhPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjUwNTE1MDIwMDQxWhcNMjUwNTE2MDIwMDQxWjAzMTEwLwYDVQQD
EyhlNGUxZGY1ZTdkNmUzOTgyNWZmMDdiZGY0MWU1MjZlOTEyYjZiMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoKWoMzy96U/x3W/hkgBFzCXuRyY
DUsXiTtarlLzwPICq9it+U0ygvqZsaLpZ/Q+3QaWp2svjt5EistAV/cppH2A3MQ2
DWYSOBGiPHJq6MZL2U4O1R8BqH4IogF9seDbAZfCF3SZ6HwibgRT+N3FnVFIYnoZ
N2JppIk+ArI0cC8d8Yfqp6kEB6WSt69+oUovjBZAFnSh862LFTrNVKlixmqtIwXf
aHVe6XZ2uAKnROTn4I3MR0+mT9C8+lwF+cuG3VAx6TRo16LbjcaxbRQ+pj2mLiDB
GfRIxoSMUVrtTA+kJTwaMMyNl26ATJ9wbeUdU03g3aXPjEdl3o3Mrv9ACwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOTh3159bjmCX/B730HlJukStrFBMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsDWdzXZ5
xGEki9oUEhA3KjMoKPWeBe+iJY+NNld6dopJ+tTkgenAcuJi5hacnOgqXskaiBYg
/V+RSXP1CJzoDzr1OecMJx5Oj7Kx/2DASEJrRlztFEd6/Kv6SSahUcRj3XSVNM58
T00JFKAkABg4anynBpogC3926pwbwojhg8XNcC/DXYnllJaEmBUNU/9JjJNu2IIw
Ey9Oh5GUWGj3D70Xz+Q4RTJYYub2UNmgxCQI5aAckkQ4sogAUEMUCFlbbYjrM4ae
IUu2ky+1FshPS4+65XWriNxrpB25OzPapKMQt2uz5Ka6mQi+rtEVFnzDVAV+EV5X
XVbxQ9I1bzuafw==
-----END CERTIFICATE-----