Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
File:                     aWZRzL2U9r6et0MyEiM1yrvvw5o.mft (raw, json)
Hash identifier:          WInuxYPs1v7WTv4TmFBMOMmQCLLg3IjE7SFtKlzTbUc=
Subject key identifier:   92:A3:0E:01:D5:74:8F:06:EF:A8:59:90:E7:FA:E7:12:ED:9B:19:08
Authority key identifier: 69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A
Certificate issuer:       /CN=696651ccbd94f6be9eb74332122335cabbefc39a
Certificate serial:       01967A56AF74D72246C1146F8DA2190F404F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
Manifest number:          043E
Signing time:             Mon 28 Apr 2025 03:00:23 +0000
Manifest this update:     Mon 28 Apr 2025 03:00:23 +0000
Manifest next update:     Tue 29 Apr 2025 03:00:23 +0000
Files and hashes:         1: aWZRzL2U9r6et0MyEiM1yrvvw5o.crl (hash: hwCwNc9Y0hbRfRV3J1NMXGsk+yrvnWEpRBtZvr7UaBo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 03:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:56:af:74:d7:22:46:c1:14:6f:8d:a2:19:0f:40:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=696651ccbd94f6be9eb74332122335cabbefc39a
        Validity
            Not Before: Apr 28 03:00:23 2025 GMT
            Not After : Apr 29 03:00:23 2025 GMT
        Subject: CN=92a30e01d5748f06efa85990e7fae712ed9b1908
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:05:9b:ab:e1:6e:06:ce:11:32:50:45:e0:f1:
                    ca:b8:eb:9b:47:ee:4e:af:e2:44:5c:36:1b:c7:b4:
                    7a:6d:77:73:b6:03:05:78:14:62:34:90:94:8f:a1:
                    e0:8c:a8:e4:7f:4f:06:dd:99:e0:05:84:f4:68:f5:
                    11:e3:04:c7:8e:11:0d:52:7d:32:4f:b9:51:4b:37:
                    9f:b4:6a:e3:07:3e:82:9c:2c:06:6a:2f:cb:be:e5:
                    be:70:f9:3e:84:79:0d:fe:4d:a1:ab:fc:a0:71:72:
                    26:dd:ce:07:f3:f5:b3:51:dd:17:35:82:93:43:08:
                    6e:08:4d:1f:92:b7:1a:07:99:94:38:d7:3b:c3:b1:
                    c9:3d:fb:6d:c1:3d:b3:76:42:c8:0c:f1:74:a4:8f:
                    25:83:77:b5:59:28:5b:00:c5:87:da:a5:68:0f:3c:
                    2a:c5:c5:a0:79:64:10:c3:1b:6c:88:2d:59:a6:1e:
                    51:9d:2b:15:d7:7a:ba:3e:5d:57:f1:df:8b:1c:59:
                    6a:59:fb:2f:63:e5:33:7a:d9:15:81:14:12:78:f8:
                    aa:30:cd:87:c0:e2:5b:35:9a:91:de:97:fc:5c:28:
                    3f:93:93:cd:0a:10:57:ae:b8:c0:36:5b:5a:ee:74:
                    ec:e0:13:46:8f:e8:20:d7:7d:4d:7b:a4:e0:2d:41:
                    28:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:A3:0E:01:D5:74:8F:06:EF:A8:59:90:E7:FA:E7:12:ED:9B:19:08
            X509v3 Authority Key Identifier:
                keyid:69:66:51:CC:BD:94:F6:BE:9E:B7:43:32:12:23:35:CA:BB:EF:C3:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWZRzL2U9r6et0MyEiM1yrvvw5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/dcc22e-aab3-4e17-a4a0-d87017d7a6ac/1/aWZRzL2U9r6et0MyEiM1yrvvw5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:21:7c:3a:e8:8a:9b:2b:05:9a:55:e8:e7:12:a9:bf:92:f4:
         45:82:b6:ba:03:58:e5:fb:b9:3e:28:61:f8:36:36:79:25:a3:
         28:d7:4b:7e:87:7f:48:33:bb:5d:a0:e0:f0:bc:b3:cb:2b:e8:
         f6:71:54:fa:84:80:c0:a1:96:4b:67:77:19:cd:8a:9d:77:c9:
         04:16:16:81:5b:f4:67:4e:94:c8:08:f8:bd:5b:34:fd:d3:81:
         de:a5:de:01:2c:a9:31:71:54:1c:fc:eb:16:9c:8e:36:d2:0a:
         94:64:7c:02:82:e3:aa:f4:81:b3:05:3e:23:12:c6:95:86:b1:
         bb:ab:39:9e:b2:c8:5b:2e:71:11:6c:fc:cb:ee:88:c2:a1:1c:
         fb:7f:12:fe:72:93:18:14:0b:18:bc:7d:1d:3b:74:7f:a3:d0:
         c3:a6:b2:51:04:32:1e:7b:00:5b:6e:9a:eb:4a:47:e4:82:52:
         e8:9e:9a:a2:e3:fc:51:d7:56:31:0d:d3:1d:5b:d2:3c:6b:d3:
         8c:62:2a:9c:80:74:0f:06:d9:40:f2:5d:c0:85:b3:41:0b:08:
         7c:d8:e3:eb:8d:d1:7e:4b:a1:91:da:67:75:a0:2c:6b:d8:63:
         a8:bf:5e:4b:7e:9f:a1:4c:32:14:f6:dd:21:d8:08:b9:00:52:
         a1:8c:42:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6Vq901yJGwRRvjaIZD0BPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NjY1MWNjYmQ5NGY2YmU5ZWI3NDMzMjEyMjMzNWNhYmJl
ZmMzOWEwHhcNMjUwNDI4MDMwMDIzWhcNMjUwNDI5MDMwMDIzWjAzMTEwLwYDVQQD
Eyg5MmEzMGUwMWQ1NzQ4ZjA2ZWZhODU5OTBlN2ZhZTcxMmVkOWIxOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAWbq+FuBs4RMlBF4PHKuOubR+5O
r+JEXDYbx7R6bXdztgMFeBRiNJCUj6HgjKjkf08G3ZngBYT0aPUR4wTHjhENUn0y
T7lRSzeftGrjBz6CnCwGai/LvuW+cPk+hHkN/k2hq/ygcXIm3c4H8/WzUd0XNYKT
QwhuCE0fkrcaB5mUONc7w7HJPfttwT2zdkLIDPF0pI8lg3e1WShbAMWH2qVoDzwq
xcWgeWQQwxtsiC1Zph5RnSsV13q6Pl1X8d+LHFlqWfsvY+UzetkVgRQSePiqMM2H
wOJbNZqR3pf8XCg/k5PNChBXrrjANlta7nTs4BNGj+gg131Ne6TgLUEoDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJKjDgHVdI8G76hZkOf65xLtmxkIMB8GA1UdIwQY
MBaAFGlmUcy9lPa+nrdDMhIjNcq778OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAt
ZDg3MDE3ZDdhNmFjLzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9kY2MyMmUtYWFiMy00ZTE3LWE0YTAtZDg3MDE3ZDdhNmFj
LzEvYVdaUnpMMlU5cjZldDBNeUVpTTF5cnZ2dzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOCF8OuiK
mysFmlXo5xKpv5L0RYK2ugNY5fu5Pihh+DY2eSWjKNdLfod/SDO7XaDg8Lyzyyvo
9nFU+oSAwKGWS2d3Gc2KnXfJBBYWgVv0Z06UyAj4vVs0/dOB3qXeASypMXFUHPzr
FpyONtIKlGR8AoLjqvSBswU+IxLGlYaxu6s5nrLIWy5xEWz8y+6IwqEc+38S/nKT
GBQLGLx9HTt0f6PQw6ayUQQyHnsAW26a60pH5IJS6J6aouP8UddWMQ3THVvSPGvT
jGIqnIB0DwbZQPJdwIWzQQsIfNjj643RfkuhkdpndaAsa9hjqL9eS36foUwyFPbd
IdgIuQBSoYxCRg==
-----END CERTIFICATE-----