Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          417Q/BwMDILG5lqEgNzsQ4blNra17W1AZ0Z64BsIpds=
Subject key identifier:   0E:C6:65:C8:CE:5A:00:A8:39:4F:E3:18:E7:2E:D8:A9:2B:67:0D:61
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       01988F90453ADB84D787B37E15628701EA4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          0584
Signing time:             Sat 09 Aug 2025 16:00:53 +0000
Manifest this update:     Sat 09 Aug 2025 16:00:53 +0000
Manifest next update:     Sun 10 Aug 2025 16:00:53 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: Xd5hB+MSNnl+CLrTDT79bec4iW866V4ZPS+hoRmWVec=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8f:90:45:3a:db:84:d7:87:b3:7e:15:62:87:01:ea:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Aug  9 16:00:53 2025 GMT
            Not After : Aug 10 16:00:53 2025 GMT
        Subject: CN=0ec665c8ce5a00a8394fe318e72ed8a92b670d61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:0d:e4:38:fd:92:88:7f:ef:0c:a4:9c:56:2a:
                    ef:3a:f5:ad:91:2d:d4:f7:ad:a3:6d:ac:92:13:d0:
                    0a:ee:37:f0:da:fa:5f:91:dd:55:cc:2a:ad:9d:eb:
                    79:dd:46:75:ea:a4:1d:f8:5f:c6:a1:e4:dd:60:e0:
                    49:bb:86:78:53:cc:05:8c:52:f3:50:c8:ad:c3:da:
                    8d:24:44:f3:da:50:63:69:4c:2e:0e:a3:aa:75:df:
                    de:62:fe:ac:ff:cf:fe:62:57:bc:78:82:6e:00:e0:
                    dc:48:2c:4c:49:54:98:e3:24:ff:24:12:ab:60:81:
                    92:6b:d1:66:be:ad:c6:14:0e:ab:52:a1:53:46:3b:
                    31:43:8d:c7:74:72:bd:f2:16:d5:ea:33:9f:a2:1c:
                    da:17:e7:c7:4e:3c:04:05:ec:6a:f8:8b:33:c4:1f:
                    95:24:75:63:d5:0b:5c:5d:1d:c0:fc:90:8a:08:28:
                    cd:08:4b:f1:5b:4b:0e:19:14:43:ed:8a:72:38:e9:
                    63:cf:e4:b3:aa:17:c0:5c:4c:39:e1:ee:33:03:20:
                    e3:84:0d:d4:a9:ad:90:02:cc:50:05:e8:26:06:15:
                    22:76:68:23:c6:97:a4:15:88:c9:cb:bf:b4:56:6f:
                    94:9f:03:b3:e5:ac:2d:e3:ae:d8:05:b3:13:1e:e2:
                    73:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:C6:65:C8:CE:5A:00:A8:39:4F:E3:18:E7:2E:D8:A9:2B:67:0D:61
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:8c:8f:c3:44:eb:f8:fa:8b:48:b8:5e:51:1b:dd:ed:57:19:
         8c:86:28:82:12:b0:c1:60:a5:a3:39:21:8f:99:9f:eb:80:f4:
         52:67:ae:f1:1c:5b:c5:37:18:4b:7e:94:11:ed:0a:cc:bd:82:
         61:74:df:08:f2:eb:1c:a1:5c:1e:5d:b9:b3:03:1c:f0:eb:5d:
         ac:1c:4c:68:a5:95:2c:7b:3d:4a:06:13:76:78:97:11:e1:be:
         fe:a5:c6:fb:cd:a5:1c:bb:bf:1e:a4:9a:4a:b6:c0:55:37:2d:
         ea:4e:e1:a6:24:68:4d:d3:87:d7:84:2a:f1:d7:21:85:40:b4:
         b4:18:6b:14:1a:e7:a6:3b:a7:b2:6e:32:59:8a:aa:45:5f:14:
         92:13:e5:43:65:e3:dd:95:99:c4:73:29:1a:ce:68:0a:a9:a8:
         73:0e:33:9a:c4:bc:74:d6:46:94:24:62:ee:1b:fd:0e:7e:67:
         02:c4:6b:bf:00:f2:83:80:71:8e:87:15:36:55:18:e1:e4:92:
         a8:2a:ee:eb:8d:d7:8c:a4:89:64:cc:69:bf:06:3d:4f:78:62:
         c6:1e:59:a5:a1:68:76:42:ca:22:a9:69:72:9b:dc:05:f5:ff:
         2b:59:c1:c1:15:f6:16:20:08:dc:9e:51:1e:c2:58:9c:64:66:
         86:fd:bf:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPkEU624TXh7N+FWKHAepLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjUwODA5MTYwMDUzWhcNMjUwODEwMTYwMDUzWjAzMTEwLwYDVQQD
EygwZWM2NjVjOGNlNWEwMGE4Mzk0ZmUzMThlNzJlZDhhOTJiNjcwZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg3kOP2SiH/vDKScVirvOvWtkS3U
962jbaySE9AK7jfw2vpfkd1VzCqtnet53UZ16qQd+F/GoeTdYOBJu4Z4U8wFjFLz
UMitw9qNJETz2lBjaUwuDqOqdd/eYv6s/8/+Yle8eIJuAODcSCxMSVSY4yT/JBKr
YIGSa9Fmvq3GFA6rUqFTRjsxQ43HdHK98hbV6jOfohzaF+fHTjwEBexq+IszxB+V
JHVj1QtcXR3A/JCKCCjNCEvxW0sOGRRD7YpyOOljz+SzqhfAXEw54e4zAyDjhA3U
qa2QAsxQBegmBhUidmgjxpekFYjJy7+0Vm+UnwOz5awt467YBbMTHuJzQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7GZcjOWgCoOU/jGOcu2KkrZw1hMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARoyPw0Tr
+PqLSLheURvd7VcZjIYoghKwwWClozkhj5mf64D0Umeu8RxbxTcYS36UEe0KzL2C
YXTfCPLrHKFcHl25swMc8OtdrBxMaKWVLHs9SgYTdniXEeG+/qXG+82lHLu/HqSa
SrbAVTct6k7hpiRoTdOH14Qq8dchhUC0tBhrFBrnpjunsm4yWYqqRV8UkhPlQ2Xj
3ZWZxHMpGs5oCqmocw4zmsS8dNZGlCRi7hv9Dn5nAsRrvwDyg4BxjocVNlUY4eSS
qCru643XjKSJZMxpvwY9T3hixh5ZpaFodkLKIqlpcpvcBfX/K1nBwRX2FiAI3J5R
HsJYnGRmhv2/sw==
-----END CERTIFICATE-----