Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
File:                     aweCDo1ADzwl3dC-G0bFTpVZYKE.mft (raw, json)
Hash identifier:          8xmxe55ogORNrc7ukU2Ox20rIkRsfPKssWi+7NXaCKE=
Subject key identifier:   6D:A8:74:4D:85:3B:A4:64:61:04:A4:0E:05:48:C9:C9:92:A8:F3:28
Authority key identifier: 6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1
Certificate issuer:       /CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1
Certificate serial:       01976C2AD3AF042044E5D86530D525142CC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
Manifest number:          0CA8
Signing time:             Sat 14 Jun 2025 02:00:35 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:35 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:35 +0000
Files and hashes:         1: aweCDo1ADzwl3dC-G0bFTpVZYKE.crl (hash: qUlKxP/IGggYAcz5lsTrQn3drSOJ+Hq7whX+2MR1zAI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2a:d3:af:04:20:44:e5:d8:65:30:d5:25:14:2c:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b07820e8d400f3c25ddd0be1b46c54e955960a1
        Validity
            Not Before: Jun 14 02:00:35 2025 GMT
            Not After : Jun 15 02:00:35 2025 GMT
        Subject: CN=6da8744d853ba4646104a40e0548c9c992a8f328
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:ae:ec:fd:b9:b6:81:8e:fb:ce:f8:fd:7d:99:
                    c6:3e:0c:fc:f6:be:42:0b:d2:4d:48:69:a7:cc:89:
                    c2:20:e1:b1:b7:07:cf:5c:f2:3c:4e:20:8e:7a:3f:
                    4b:2b:5c:b5:20:1b:cc:2f:41:4a:3a:b6:ec:bc:39:
                    de:83:4a:f8:4f:84:80:1c:0a:02:93:5c:9e:7c:9c:
                    ae:43:9f:bf:c8:b1:4a:58:d4:6a:af:b3:bc:ac:6f:
                    71:01:88:a6:06:ae:62:34:69:4b:7e:34:40:b5:15:
                    da:78:7d:3a:76:21:45:5e:f0:6f:ee:1e:5a:d3:b0:
                    0c:d2:a3:92:7c:22:12:00:b2:73:48:69:de:df:0a:
                    53:b2:aa:c9:a1:3f:bb:fe:74:89:9d:9b:ae:ce:65:
                    ea:c1:be:8a:8a:b3:0b:4a:4f:18:1b:55:4b:fe:1b:
                    58:fe:01:92:bb:e3:bb:2f:2b:a8:2e:9d:f2:d0:7b:
                    70:bd:2a:8e:03:a9:f3:05:39:af:8c:ca:ef:01:0a:
                    87:34:81:e2:5a:42:f4:63:84:e8:03:70:bf:d8:0b:
                    b1:96:b3:84:e7:0d:83:e5:62:ab:8a:9a:9a:da:a8:
                    05:c2:a7:f0:9b:cd:84:41:e9:fd:b9:94:4e:a4:5a:
                    7c:0f:ca:58:a2:46:66:bd:77:4a:8f:14:7a:ef:42:
                    6d:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:A8:74:4D:85:3B:A4:64:61:04:A4:0E:05:48:C9:C9:92:A8:F3:28
            X509v3 Authority Key Identifier:
                keyid:6B:07:82:0E:8D:40:0F:3C:25:DD:D0:BE:1B:46:C5:4E:95:59:60:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aweCDo1ADzwl3dC-G0bFTpVZYKE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/bfc6b1-02af-4cb1-a06d-4d493082da1c/1/aweCDo1ADzwl3dC-G0bFTpVZYKE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:a5:0a:cf:53:54:d6:cc:be:3c:da:85:18:ce:f6:b2:e5:8b:
         14:72:64:3d:96:93:ec:1c:65:67:fe:7e:c6:be:fb:15:2b:39:
         c3:b6:bc:fe:1d:f3:1d:99:b8:20:ef:1c:bf:16:9d:f0:bb:5f:
         9a:9e:f6:45:c9:a0:60:bc:26:be:a0:d0:99:d4:11:54:11:18:
         a0:fa:8c:75:ab:68:9e:e1:90:a5:f9:0d:74:91:41:d8:d9:c3:
         5e:8e:ae:8b:10:04:36:23:ad:56:b0:ff:a5:2d:86:76:9e:b1:
         97:91:b2:30:ac:5d:89:05:63:ad:14:aa:6a:29:4e:34:75:45:
         fb:c2:a4:21:fc:7b:c8:73:92:6c:bf:86:90:77:f8:60:bf:d3:
         db:e4:34:89:fb:91:cf:ad:fd:bf:6e:1c:c5:01:b3:d7:8c:c6:
         57:31:0c:20:2a:25:2c:27:12:8b:9b:4e:99:8d:bd:e5:8e:16:
         cc:5b:fe:52:e7:be:66:20:11:aa:8a:5e:0d:bf:b8:f8:2a:01:
         5a:62:ec:a4:f2:b4:9e:7d:07:77:7f:71:cd:f3:59:c3:c9:d4:
         10:5f:8a:51:2d:01:3e:10:72:d5:53:0b:2c:54:f5:a7:ad:aa:
         d2:d8:b4:8d:4f:b3:ce:4a:fe:7a:51:8c:fd:7b:11:a9:6d:93:
         13:76:de:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKtOvBCBE5dhlMNUlFCzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMDc4MjBlOGQ0MDBmM2MyNWRkZDBiZTFiNDZjNTRlOTU1
OTYwYTEwHhcNMjUwNjE0MDIwMDM1WhcNMjUwNjE1MDIwMDM1WjAzMTEwLwYDVQQD
Eyg2ZGE4NzQ0ZDg1M2JhNDY0NjEwNGE0MGUwNTQ4YzljOTkyYThmMzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxq7s/bm2gY77zvj9fZnGPgz89r5C
C9JNSGmnzInCIOGxtwfPXPI8TiCOej9LK1y1IBvML0FKOrbsvDneg0r4T4SAHAoC
k1yefJyuQ5+/yLFKWNRqr7O8rG9xAYimBq5iNGlLfjRAtRXaeH06diFFXvBv7h5a
07AM0qOSfCISALJzSGne3wpTsqrJoT+7/nSJnZuuzmXqwb6KirMLSk8YG1VL/htY
/gGSu+O7LyuoLp3y0HtwvSqOA6nzBTmvjMrvAQqHNIHiWkL0Y4ToA3C/2AuxlrOE
5w2D5WKripqa2qgFwqfwm82EQen9uZROpFp8D8pYokZmvXdKjxR670JtZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2odE2FO6RkYQSkDgVIycmSqPMoMB8GA1UdIwQY
MBaAFGsHgg6NQA88Jd3QvhtGxU6VWWChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQt
NGQ0OTMwODJkYTFjLzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iZmM2YjEtMDJhZi00Y2IxLWEwNmQtNGQ0OTMwODJkYTFj
LzEvYXdlQ0RvMUFEendsM2RDLUcwYkZUcFZaWUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL6UKz1NU
1sy+PNqFGM72suWLFHJkPZaT7BxlZ/5+xr77FSs5w7a8/h3zHZm4IO8cvxad8Ltf
mp72RcmgYLwmvqDQmdQRVBEYoPqMdatonuGQpfkNdJFB2NnDXo6uixAENiOtVrD/
pS2Gdp6xl5GyMKxdiQVjrRSqailONHVF+8KkIfx7yHOSbL+GkHf4YL/T2+Q0ifuR
z639v24cxQGz14zGVzEMIColLCcSi5tOmY295Y4WzFv+Uue+ZiARqopeDb+4+CoB
WmLspPK0nn0Hd39xzfNZw8nUEF+KUS0BPhBy1VMLLFT1p62q0ti0jU+zzkr+elGM
/XsRqW2TE3be5Q==
-----END CERTIFICATE-----