Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
File:                     IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft (raw, json)
Hash identifier:          BZvA3ZR4AXBdVd6hAada6VkFxqFV8Pw704yS52fs2p8=
Subject key identifier:   A5:D5:3D:37:85:95:09:27:96:29:10:5A:0B:C5:F8:CA:91:D6:0A:F3
Authority key identifier: 22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D
Certificate issuer:       /CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
Certificate serial:       019676E7F01CA11AD9272E7B94C2243B87C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
Manifest number:          0AE0
Signing time:             Sun 27 Apr 2025 11:00:33 +0000
Manifest this update:     Sun 27 Apr 2025 11:00:33 +0000
Manifest next update:     Mon 28 Apr 2025 11:00:33 +0000
Files and hashes:         1: IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl (hash: RiTC3DEzyxGFeriMQYQHuHu0RWj9yH5Yr4b+EyIaJys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:29:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:e7:f0:1c:a1:1a:d9:27:2e:7b:94:c2:24:3b:87:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22fbef695fa95d0c95909e51aa1fab94fc40267d
        Validity
            Not Before: Apr 27 11:00:33 2025 GMT
            Not After : Apr 28 11:00:33 2025 GMT
        Subject: CN=a5d53d37859509279629105a0bc5f8ca91d60af3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d1:90:0d:cc:07:6b:e3:fa:31:4f:79:68:48:
                    a3:2f:68:b1:09:fd:49:16:1f:e6:1c:3f:46:1b:2b:
                    cf:0f:41:04:77:39:73:84:6b:ff:3d:b9:d3:95:b4:
                    d7:31:98:95:2c:2d:51:20:58:23:90:41:31:eb:7b:
                    f2:e9:01:2c:ff:d4:8f:42:e3:2b:09:5e:8d:47:c2:
                    7a:56:58:2c:2f:2a:77:99:74:c4:d9:b8:88:9d:e1:
                    e7:8c:09:b2:27:b3:29:a0:fb:7d:e2:58:bd:f7:29:
                    9a:73:c7:5b:6c:08:4f:85:66:d0:21:92:80:a4:e5:
                    c5:80:2a:84:33:48:49:ff:a9:29:3b:f2:12:92:ab:
                    fd:32:7a:07:a2:d1:fd:3c:16:d7:b3:a3:dc:4a:c9:
                    19:c5:ac:2d:01:bd:80:da:71:09:80:9b:56:1d:ff:
                    ab:24:ef:07:27:d7:81:68:d7:00:27:79:91:72:77:
                    fb:11:ec:de:e4:4d:f8:6b:11:ba:84:1e:08:f3:42:
                    65:2c:07:1f:d6:09:f7:8f:3b:ed:a9:f1:e4:a6:6f:
                    82:e7:ed:0e:41:90:03:40:a0:89:ee:1e:f8:7f:4d:
                    d4:d6:f0:ce:96:25:f9:97:09:cb:c9:f1:a9:37:d9:
                    bd:d2:eb:a5:bc:39:c8:ee:8b:7d:9f:b8:26:98:00:
                    61:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:D5:3D:37:85:95:09:27:96:29:10:5A:0B:C5:F8:CA:91:D6:0A:F3
            X509v3 Authority Key Identifier:
                keyid:22:FB:EF:69:5F:A9:5D:0C:95:90:9E:51:AA:1F:AB:94:FC:40:26:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/87aa20-222c-4acb-b291-f629508c072d/1/IvvvaV-pXQyVkJ5Rqh-rlPxAJn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:8c:70:4e:d1:03:2c:60:b9:75:bf:9e:59:52:60:9e:fd:06:
         a7:84:5b:f4:7b:a3:0b:f3:7d:81:cd:f3:af:5b:f0:1a:98:7f:
         1a:56:ab:25:d1:3c:2d:be:5a:db:18:c7:b6:71:63:68:ba:06:
         bf:a3:2d:ec:06:83:a9:2b:49:a1:be:60:b2:b6:22:e9:6f:e4:
         e9:8f:44:2d:94:af:c6:42:c5:b4:77:d4:d8:06:03:c0:3b:9b:
         86:f9:e7:54:ac:0f:d4:f8:3e:02:aa:bd:a7:fd:27:d0:b7:bf:
         56:e7:77:19:82:b8:f4:30:c5:c3:ca:90:eb:60:b3:0a:81:29:
         e9:6c:bb:95:f7:09:c7:ed:32:75:91:1c:0e:ee:d7:93:3b:b2:
         7b:2c:92:74:ee:82:da:b9:8d:6f:97:08:59:fe:51:77:79:b3:
         ad:38:86:e9:dd:94:98:de:e2:c8:90:be:0f:8d:9f:d5:07:cf:
         70:85:aa:68:a1:06:39:ac:27:30:70:df:df:8d:d4:d7:32:48:
         1c:b9:9b:e5:dd:38:be:33:ab:42:72:2f:01:38:26:9d:7d:85:
         ce:77:2e:e8:8a:01:3b:20:50:84:54:38:f0:87:9f:e1:18:09:
         e5:cc:1c:f9:69:08:43:9b:ad:4b:4d:8c:40:de:a6:64:21:7e:
         4c:cf:a3:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ25/AcoRrZJy57lMIkO4fDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZmJlZjY5NWZhOTVkMGM5NTkwOWU1MWFhMWZhYjk0ZmM0
MDI2N2QwHhcNMjUwNDI3MTEwMDMzWhcNMjUwNDI4MTEwMDMzWjAzMTEwLwYDVQQD
EyhhNWQ1M2QzNzg1OTUwOTI3OTYyOTEwNWEwYmM1ZjhjYTkxZDYwYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9GQDcwHa+P6MU95aEijL2ixCf1J
Fh/mHD9GGyvPD0EEdzlzhGv/PbnTlbTXMZiVLC1RIFgjkEEx63vy6QEs/9SPQuMr
CV6NR8J6VlgsLyp3mXTE2biIneHnjAmyJ7MpoPt94li99ymac8dbbAhPhWbQIZKA
pOXFgCqEM0hJ/6kpO/ISkqv9MnoHotH9PBbXs6PcSskZxawtAb2A2nEJgJtWHf+r
JO8HJ9eBaNcAJ3mRcnf7Eeze5E34axG6hB4I80JlLAcf1gn3jzvtqfHkpm+C5+0O
QZADQKCJ7h74f03U1vDOliX5lwnLyfGpN9m90uulvDnI7ot9n7gmmABhoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKXVPTeFlQknlikQWgvF+MqR1grzMB8GA1UdIwQY
MBaAFCL772lfqV0MlZCeUaofq5T8QCZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEt
ZjYyOTUwOGMwNzJkLzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84N2FhMjAtMjIyYy00YWNiLWIyOTEtZjYyOTUwOGMwNzJk
LzEvSXZ2dmFWLXBYUXlWa0o1UnFoLXJsUHhBSm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjoxwTtED
LGC5db+eWVJgnv0Gp4Rb9HujC/N9gc3zr1vwGph/GlarJdE8Lb5a2xjHtnFjaLoG
v6Mt7AaDqStJob5gsrYi6W/k6Y9ELZSvxkLFtHfU2AYDwDubhvnnVKwP1Pg+Aqq9
p/0n0Le/Vud3GYK49DDFw8qQ62CzCoEp6Wy7lfcJx+0ydZEcDu7XkzuyeyySdO6C
2rmNb5cIWf5Rd3mzrTiG6d2UmN7iyJC+D42f1QfPcIWqaKEGOawnMHDf343U1zJI
HLmb5d04vjOrQnIvATgmnX2Fzncu6IoBOyBQhFQ48Ief4RgJ5cwc+WkIQ5utS02M
QN6mZCF+TM+jfw==
-----END CERTIFICATE-----