Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.mft
File:                     AnK9OzKuyvJsqO2zyHj-V5Xyq28.mft (raw, json)
Hash identifier:          zLH7weBA2Cuc7iAhq7QMzgGFwp+Av50Df328H1xuLww=
Subject key identifier:   C9:65:94:9C:26:78:6C:84:0B:12:B9:87:59:54:9B:87:00:00:E6:DD
Authority key identifier: 02:72:BD:3B:32:AE:CA:F2:6C:A8:ED:B3:C8:78:FE:57:95:F2:AB:6F
Certificate issuer:       /CN=0272bd3b32aecaf26ca8edb3c878fe5795f2ab6f
Certificate serial:       0196760CBCD73A1A3B17B98B73744F85B14E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AnK9OzKuyvJsqO2zyHj-V5Xyq28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.mft
Manifest number:          068A
Signing time:             Sun 27 Apr 2025 07:01:08 +0000
Manifest this update:     Sun 27 Apr 2025 07:01:08 +0000
Manifest next update:     Mon 28 Apr 2025 07:01:08 +0000
Files and hashes:         1: AnK9OzKuyvJsqO2zyHj-V5Xyq28.crl (hash: rfzJkA5L0kAb5A0ks6bJkdiTVRDXI3rnMXrt2dGMk3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AnK9OzKuyvJsqO2zyHj-V5Xyq28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 07:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:bc:d7:3a:1a:3b:17:b9:8b:73:74:4f:85:b1:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0272bd3b32aecaf26ca8edb3c878fe5795f2ab6f
        Validity
            Not Before: Apr 27 07:01:08 2025 GMT
            Not After : Apr 28 07:01:08 2025 GMT
        Subject: CN=c965949c26786c840b12b98759549b870000e6dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:05:10:44:ac:46:62:ed:dc:6a:a1:de:6b:4f:
                    c4:59:b9:65:4a:90:83:0b:e7:68:a2:74:5d:a3:b0:
                    76:84:96:f4:d3:d1:54:11:f9:3a:7f:ea:3f:8d:e5:
                    1d:bd:64:0c:8b:24:8d:e7:d2:4e:98:c6:58:66:49:
                    db:4c:82:e3:87:fa:df:1f:48:19:20:aa:78:09:1e:
                    d9:32:7b:07:9f:4f:a0:ed:c6:1d:0c:1f:e5:a0:c6:
                    3f:95:bc:88:e6:c9:7a:f2:1a:e2:97:85:8f:a1:ec:
                    55:76:41:79:b8:da:55:7f:f7:10:b4:f5:42:6c:7e:
                    fa:80:23:3f:72:c3:89:a7:a3:d8:ae:09:c5:6b:05:
                    1a:89:e4:bc:3e:32:34:7f:c8:90:f1:95:1e:a6:34:
                    32:02:6d:25:a9:2e:75:bb:27:0a:46:46:82:1a:c7:
                    a8:03:5c:ed:51:0d:be:df:59:73:b5:ac:2b:84:ee:
                    cd:e9:f4:21:02:fd:f5:ae:b3:d8:46:53:ff:d9:99:
                    1b:73:69:f1:0b:23:23:f6:14:63:30:7f:9c:25:f8:
                    2e:80:6a:ab:08:5e:11:d7:59:62:f3:ae:d1:fe:e0:
                    4c:1a:24:f6:56:59:1b:20:16:6b:57:3a:39:7a:71:
                    bb:d4:9e:45:31:66:a2:7b:20:51:fb:c6:83:f7:64:
                    d2:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:65:94:9C:26:78:6C:84:0B:12:B9:87:59:54:9B:87:00:00:E6:DD
            X509v3 Authority Key Identifier:
                keyid:02:72:BD:3B:32:AE:CA:F2:6C:A8:ED:B3:C8:78:FE:57:95:F2:AB:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AnK9OzKuyvJsqO2zyHj-V5Xyq28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/af2e75-ecee-48e1-8af6-12dede9d0c71/1/AnK9OzKuyvJsqO2zyHj-V5Xyq28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:12:45:5d:a3:a3:4e:6d:2f:33:ed:00:a5:22:3e:2f:5a:c9:
         8c:d2:68:9f:2d:8e:64:44:d1:69:2a:1b:ed:a5:6e:39:6c:8a:
         7f:e3:30:54:6e:af:84:2c:86:37:27:9e:ea:e2:65:63:74:cb:
         40:31:0f:e7:2d:88:d9:d2:cc:c5:77:70:a6:cd:36:e5:18:86:
         01:1a:b7:20:1a:7d:f0:98:9f:86:4f:64:0b:39:3f:ee:94:ec:
         ad:04:73:7b:17:5a:c0:94:4d:5b:bb:c7:e5:2e:0f:d9:3d:37:
         4c:b3:ce:23:cf:4f:2e:a6:d0:cc:8c:2d:81:1d:dd:ae:a8:9e:
         5a:f9:8d:ad:1f:81:80:c3:84:79:5b:cb:38:31:ab:a5:1b:01:
         c0:87:e5:ab:36:81:73:11:0a:1c:86:e5:7b:41:79:3e:ff:b1:
         fb:28:f2:20:82:7f:3d:ec:52:0c:cf:22:81:d7:aa:72:e2:57:
         60:f5:29:30:5d:68:37:89:80:79:90:27:e1:3c:7e:70:12:e3:
         cf:fe:c8:61:04:b6:40:39:13:18:29:72:b2:0c:e4:34:8b:8a:
         a0:25:9a:cb:a4:a2:23:3c:b9:d8:d4:87:88:89:6e:12:1c:71:
         99:1e:c9:89:d7:6a:d8:45:6d:53:04:07:48:b2:48:67:ef:00:
         b2:52:cf:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DLzXOho7F7mLc3RPhbFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNzJiZDNiMzJhZWNhZjI2Y2E4ZWRiM2M4NzhmZTU3OTVm
MmFiNmYwHhcNMjUwNDI3MDcwMTA4WhcNMjUwNDI4MDcwMTA4WjAzMTEwLwYDVQQD
EyhjOTY1OTQ5YzI2Nzg2Yzg0MGIxMmI5ODc1OTU0OWI4NzAwMDBlNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgUQRKxGYu3caqHea0/EWbllSpCD
C+doonRdo7B2hJb009FUEfk6f+o/jeUdvWQMiySN59JOmMZYZknbTILjh/rfH0gZ
IKp4CR7ZMnsHn0+g7cYdDB/loMY/lbyI5sl68hril4WPoexVdkF5uNpVf/cQtPVC
bH76gCM/csOJp6PYrgnFawUaieS8PjI0f8iQ8ZUepjQyAm0lqS51uycKRkaCGseo
A1ztUQ2+31lztawrhO7N6fQhAv31rrPYRlP/2Zkbc2nxCyMj9hRjMH+cJfgugGqr
CF4R11li867R/uBMGiT2VlkbIBZrVzo5enG71J5FMWaieyBR+8aD92TS2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMlllJwmeGyECxK5h1lUm4cAAObdMB8GA1UdIwQY
MBaAFAJyvTsyrsrybKjts8h4/leV8qtvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW5LOU96S3V5dkpzcU8yenlIai1WNVh5cTI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZjJlNzUtZWNlZS00OGUxLThhZjYt
MTJkZWRlOWQwYzcxLzEvQW5LOU96S3V5dkpzcU8yenlIai1WNVh5cTI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZjJlNzUtZWNlZS00OGUxLThhZjYtMTJkZWRlOWQwYzcx
LzEvQW5LOU96S3V5dkpzcU8yenlIai1WNVh5cTI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAehJFXaOj
Tm0vM+0ApSI+L1rJjNJony2OZETRaSob7aVuOWyKf+MwVG6vhCyGNyee6uJlY3TL
QDEP5y2I2dLMxXdwps025RiGARq3IBp98Jifhk9kCzk/7pTsrQRzexdawJRNW7vH
5S4P2T03TLPOI89PLqbQzIwtgR3drqieWvmNrR+BgMOEeVvLODGrpRsBwIflqzaB
cxEKHIble0F5Pv+x+yjyIIJ/PexSDM8igdeqcuJXYPUpMF1oN4mAeZAn4Tx+cBLj
z/7IYQS2QDkTGClysgzkNIuKoCWay6SiIzy52NSHiIluEhxxmR7Jiddq2EVtUwQH
SLJIZ+8AslLP6w==
-----END CERTIFICATE-----