Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
File:                     AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json)
Hash identifier:          qrMnw9aP0BWGY2Y9GYLVj776FsuYC+us7IJ3M77GWpE=
Subject key identifier:   7B:B6:28:1A:57:B2:1B:0A:93:9D:C3:B0:58:8E:E8:59:DB:BF:FE:0A
Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77
Certificate issuer:       /CN=0289eecea279413257d8908c25568abeb8af8677
Certificate serial:       01976BBD70F587BD826E814CCBE49C4729D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
Manifest number:          0B05
Signing time:             Sat 14 Jun 2025 00:01:06 +0000
Manifest this update:     Sat 14 Jun 2025 00:01:06 +0000
Manifest next update:     Sun 15 Jun 2025 00:01:06 +0000
Files and hashes:         1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: rmQ88+htEE0Fq3KzStdinxQmLi/Qu1gQ6ZbWeBWR5Lc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 00:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:bd:70:f5:87:bd:82:6e:81:4c:cb:e4:9c:47:29:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0289eecea279413257d8908c25568abeb8af8677
        Validity
            Not Before: Jun 14 00:01:06 2025 GMT
            Not After : Jun 15 00:01:06 2025 GMT
        Subject: CN=7bb6281a57b21b0a939dc3b0588ee859dbbffe0a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:28:d0:09:64:0d:80:b8:83:71:83:79:aa:3b:
                    fb:78:76:2e:d9:5e:ee:4e:5c:01:94:73:94:7f:14:
                    0b:62:53:7c:42:34:7e:9b:4f:6a:9c:6b:25:77:26:
                    53:61:ba:1f:ec:7e:52:b4:7d:d3:ca:e4:5a:50:8e:
                    bf:bc:1e:ac:bc:ee:59:66:6a:6e:de:dc:12:cf:f4:
                    7a:6e:f5:0c:8d:99:76:e2:bc:c4:fc:0a:d9:8b:36:
                    3f:1a:50:b8:ce:1c:46:5b:ea:92:47:2a:32:86:f2:
                    e4:22:01:2c:e4:a0:20:4f:63:34:98:56:20:e1:68:
                    0e:49:54:af:dd:b3:61:06:6f:7c:54:26:40:df:78:
                    a2:6a:a5:0e:e3:d4:7e:88:48:1e:c4:01:1e:26:9b:
                    52:f2:da:a3:5f:a3:09:d9:30:d3:74:33:54:b7:11:
                    d9:cc:e0:7d:83:e5:15:2e:23:17:13:49:6c:ec:ff:
                    01:7d:f7:b6:3d:d5:b4:b7:b4:5c:75:23:a4:44:45:
                    90:d5:1d:b8:26:cf:b4:0f:36:e3:b1:9c:4c:fe:ba:
                    2c:10:67:c2:db:be:dd:ff:c2:2b:b2:4f:44:9e:11:
                    8d:35:a2:fc:b8:be:b9:89:e6:31:6b:3a:07:d2:76:
                    84:14:89:c9:b9:78:5f:dc:52:fd:df:0b:cf:7d:43:
                    e5:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:B6:28:1A:57:B2:1B:0A:93:9D:C3:B0:58:8E:E8:59:DB:BF:FE:0A
            X509v3 Authority Key Identifier:
                keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:d0:bc:fa:b7:b3:db:f2:0e:d5:0b:39:66:80:28:f1:08:33:
         cf:15:1c:14:f7:a3:71:d1:c9:d5:23:08:87:96:6a:b2:13:5b:
         0f:1e:53:df:62:ab:cb:aa:fc:3b:28:18:ac:b0:63:97:15:86:
         3c:84:63:43:76:77:26:90:55:19:4f:c0:d9:ef:e7:0d:d1:c8:
         c9:7f:2d:e5:22:f4:7a:9e:d3:8a:e9:6d:10:7a:71:c4:42:91:
         0d:6e:bd:48:c4:0b:4d:b9:4f:8a:e5:58:b8:f4:9a:df:bc:59:
         7c:08:34:8d:6a:bb:1c:ee:8e:a2:fb:ea:97:61:f8:83:50:37:
         f6:56:30:d3:2d:28:88:08:e5:f7:80:57:e6:59:73:74:be:76:
         bd:9e:e0:c8:74:a3:02:d7:49:ee:30:67:8e:6b:09:a3:32:55:
         84:15:9e:96:47:09:6d:40:81:20:88:3f:f4:8c:a9:aa:e6:1e:
         b3:fa:fa:fa:b9:e8:cf:a0:ae:b5:ac:84:63:19:63:9e:53:72:
         46:62:32:8e:14:4a:90:96:51:3e:b0:f2:6a:ce:a1:df:73:3c:
         c7:cb:ce:60:f9:44:51:85:6e:18:09:01:c6:d8:dd:d5:e6:d5:
         aa:30:c8:07:2c:96:f9:4f:2c:49:1f:e6:e4:ae:40:b7:57:9e:
         45:50:5d:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdrvXD1h72CboFMy+ScRynWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh
Zjg2NzcwHhcNMjUwNjE0MDAwMTA2WhcNMjUwNjE1MDAwMTA2WjAzMTEwLwYDVQQD
Eyg3YmI2MjgxYTU3YjIxYjBhOTM5ZGMzYjA1ODhlZTg1OWRiYmZmZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjijQCWQNgLiDcYN5qjv7eHYu2V7u
TlwBlHOUfxQLYlN8QjR+m09qnGsldyZTYbof7H5StH3TyuRaUI6/vB6svO5ZZmpu
3twSz/R6bvUMjZl24rzE/ArZizY/GlC4zhxGW+qSRyoyhvLkIgEs5KAgT2M0mFYg
4WgOSVSv3bNhBm98VCZA33iiaqUO49R+iEgexAEeJptS8tqjX6MJ2TDTdDNUtxHZ
zOB9g+UVLiMXE0ls7P8Bffe2PdW0t7RcdSOkREWQ1R24Js+0DzbjsZxM/rosEGfC
277d/8Irsk9EnhGNNaL8uL65ieYxazoH0naEFInJuXhf3FL93wvPfUPlTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHu2KBpXshsKk53DsFiO6Fnbv/4KMB8GA1UdIwQY
MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt
MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky
LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr9C8+rez
2/IO1Qs5ZoAo8QgzzxUcFPejcdHJ1SMIh5ZqshNbDx5T32Kry6r8OygYrLBjlxWG
PIRjQ3Z3JpBVGU/A2e/nDdHIyX8t5SL0ep7TiultEHpxxEKRDW69SMQLTblPiuVY
uPSa37xZfAg0jWq7HO6Oovvql2H4g1A39lYw0y0oiAjl94BX5llzdL52vZ7gyHSj
AtdJ7jBnjmsJozJVhBWelkcJbUCBIIg/9IypquYes/r6+rnoz6CutayEYxljnlNy
RmIyjhRKkJZRPrDyas6h33M8x8vOYPlEUYVuGAkBxtjd1ebVqjDIByyW+U8sSR/m
5K5At1eeRVBdcw==
-----END CERTIFICATE-----