Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
File:                     avKqUEvzdkSAPC7vFgTThgsd74Y.mft (raw, json)
Hash identifier:          uww1leLi5pqcYNMPKtJST/hmKsNrYs7Fl8dFgvBp/3c=
Subject key identifier:   E2:1B:B4:39:BD:61:FB:0F:DE:D5:11:AE:B1:DF:99:8A:D7:15:D3:E7
Authority key identifier: 6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86
Certificate issuer:       /CN=6af2aa504bf37644803c2eef1604d3860b1def86
Certificate serial:       01977978F6DA213658961F5E2CF345576E64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
Manifest number:          04F4
Signing time:             Mon 16 Jun 2025 16:00:59 +0000
Manifest this update:     Mon 16 Jun 2025 16:00:59 +0000
Manifest next update:     Tue 17 Jun 2025 16:00:59 +0000
Files and hashes:         1: avKqUEvzdkSAPC7vFgTThgsd74Y.crl (hash: b/Pk/B+Iaa3Kz0UxGohW8gsFOjIf8gEVrd7+HE2si2U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Jun 2025 14:25:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:79:78:f6:da:21:36:58:96:1f:5e:2c:f3:45:57:6e:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6af2aa504bf37644803c2eef1604d3860b1def86
        Validity
            Not Before: Jun 16 16:00:59 2025 GMT
            Not After : Jun 17 16:00:59 2025 GMT
        Subject: CN=e21bb439bd61fb0fded511aeb1df998ad715d3e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:33:a2:ad:06:22:59:2f:45:68:40:e9:c2:79:
                    bc:16:41:3b:de:7d:44:2a:34:a9:3e:cd:2a:61:5d:
                    46:a5:3e:47:01:38:06:00:80:e6:b3:67:08:d7:36:
                    70:0a:3d:d4:28:a7:64:48:9c:fd:bf:ef:6d:b7:c2:
                    87:35:d0:48:d2:7e:3b:19:9b:c7:2f:76:40:ed:d9:
                    d8:ab:4e:a4:ac:62:b5:b3:9d:a7:90:18:12:19:40:
                    7d:49:f6:27:17:a4:db:9d:b9:5b:b9:3f:66:48:99:
                    9f:90:ec:26:33:e8:f3:85:c3:a7:7d:bf:e2:05:99:
                    13:5f:75:a0:5a:45:9b:f6:16:70:4b:9a:d9:ad:c0:
                    aa:a0:2b:5f:60:94:1a:f9:77:8b:65:6a:88:d1:3f:
                    6f:84:2e:9f:14:6e:23:19:1b:67:4f:05:8a:90:4b:
                    5c:e6:ce:43:a2:de:05:30:b1:d6:e0:0d:c1:1f:a3:
                    a8:e6:aa:90:79:a5:37:be:f8:2a:6a:b5:c1:30:bd:
                    14:0e:0a:83:15:11:75:d9:90:58:4b:84:2a:01:1d:
                    68:ed:95:12:c9:e4:04:c0:34:e0:b0:ab:3b:3a:4b:
                    6b:ea:f7:ce:24:47:3b:34:f2:c5:67:49:a6:92:30:
                    8b:ac:e5:bf:df:2c:f1:07:b8:75:ee:82:81:8f:2b:
                    6a:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:1B:B4:39:BD:61:FB:0F:DE:D5:11:AE:B1:DF:99:8A:D7:15:D3:E7
            X509v3 Authority Key Identifier:
                keyid:6A:F2:AA:50:4B:F3:76:44:80:3C:2E:EF:16:04:D3:86:0B:1D:EF:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/avKqUEvzdkSAPC7vFgTThgsd74Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a01938-fabc-4362-9fd0-d4343d9e47bf/1/avKqUEvzdkSAPC7vFgTThgsd74Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:da:c7:00:5e:cd:28:67:ae:6e:a9:f7:f8:72:88:a9:88:42:
         6d:44:4d:4e:7d:41:0c:32:c7:ed:c2:10:cf:a5:1f:35:96:2a:
         b7:10:ca:b4:63:14:6d:92:a7:ac:0f:56:6a:45:1d:73:fe:7d:
         c5:af:cc:9a:8d:bc:46:0b:40:be:08:35:79:49:46:19:a9:82:
         9d:fb:9b:88:74:10:94:cf:be:3e:9f:a0:d1:83:d1:39:60:85:
         cf:cb:d3:40:42:e2:5f:9a:3a:40:14:ea:ee:42:d8:9d:29:2f:
         33:94:b0:c4:39:38:3a:85:f7:2d:2f:c0:a4:01:4c:74:f7:00:
         ef:8f:8b:5a:48:76:47:d8:54:fd:fe:1c:e1:2f:2b:e8:94:18:
         a0:76:d6:2f:b2:17:22:a5:db:ad:fc:80:41:e2:a8:70:38:6b:
         cf:53:96:b7:14:58:06:75:29:a2:e9:8b:9d:a3:36:c1:d1:19:
         e7:a2:0d:ef:07:fa:e2:1d:82:69:20:4c:2a:ff:c5:f4:62:bb:
         91:eb:cb:d1:1c:3a:5c:a5:5a:48:a4:0a:97:0d:89:45:51:29:
         de:55:85:7b:8a:27:3d:38:a1:28:c0:e3:28:78:eb:02:48:45:
         8d:f2:9a:13:5b:fc:a5:5e:57:d2:2a:53:61:dc:0f:df:63:e5:
         8b:93:9f:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd5ePbaITZYlh9eLPNFV25kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhZjJhYTUwNGJmMzc2NDQ4MDNjMmVlZjE2MDRkMzg2MGIx
ZGVmODYwHhcNMjUwNjE2MTYwMDU5WhcNMjUwNjE3MTYwMDU5WjAzMTEwLwYDVQQD
EyhlMjFiYjQzOWJkNjFmYjBmZGVkNTExYWViMWRmOTk4YWQ3MTVkM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzOirQYiWS9FaEDpwnm8FkE73n1E
KjSpPs0qYV1GpT5HATgGAIDms2cI1zZwCj3UKKdkSJz9v+9tt8KHNdBI0n47GZvH
L3ZA7dnYq06krGK1s52nkBgSGUB9SfYnF6TbnblbuT9mSJmfkOwmM+jzhcOnfb/i
BZkTX3WgWkWb9hZwS5rZrcCqoCtfYJQa+XeLZWqI0T9vhC6fFG4jGRtnTwWKkEtc
5s5Dot4FMLHW4A3BH6Oo5qqQeaU3vvgqarXBML0UDgqDFRF12ZBYS4QqAR1o7ZUS
yeQEwDTgsKs7Oktr6vfOJEc7NPLFZ0mmkjCLrOW/3yzxB7h17oKBjytqEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOIbtDm9YfsP3tURrrHfmYrXFdPnMB8GA1UdIwQY
MBaAFGryqlBL83ZEgDwu7xYE04YLHe+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAt
ZDQzNDNkOWU0N2JmLzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hMDE5MzgtZmFiYy00MzYyLTlmZDAtZDQzNDNkOWU0N2Jm
LzEvYXZLcVVFdnpka1NBUEM3dkZnVFRoZ3NkNzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ9rHAF7N
KGeubqn3+HKIqYhCbURNTn1BDDLH7cIQz6UfNZYqtxDKtGMUbZKnrA9WakUdc/59
xa/Mmo28RgtAvgg1eUlGGamCnfubiHQQlM++Pp+g0YPROWCFz8vTQELiX5o6QBTq
7kLYnSkvM5SwxDk4OoX3LS/ApAFMdPcA74+LWkh2R9hU/f4c4S8r6JQYoHbWL7IX
IqXbrfyAQeKocDhrz1OWtxRYBnUpoumLnaM2wdEZ56IN7wf64h2CaSBMKv/F9GK7
kevL0Rw6XKVaSKQKlw2JRVEp3lWFe4onPTihKMDjKHjrAkhFjfKaE1v8pV5X0ipT
YdwP32Pli5OfUg==
-----END CERTIFICATE-----