Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
File:                     AFA0jPYGQvVOyQck3niqoD3NOOE.mft (raw, json)
Hash identifier:          6f2PhsHc23fD2d29Gm2XuKB0oXOxV9bFjHBuxC65qVA=
Subject key identifier:   67:70:4B:35:BA:BB:42:30:D9:60:5B:07:3D:23:09:13:17:F4:E2:4D
Authority key identifier: 00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1
Certificate issuer:       /CN=0050348cf60642f54ec90724de78aaa03dcd38e1
Certificate serial:       019681A32074D3B8A2B6BFBC4B1B91646A2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
Manifest number:          0CC0
Signing time:             Tue 29 Apr 2025 13:01:13 +0000
Manifest this update:     Tue 29 Apr 2025 13:01:13 +0000
Manifest next update:     Wed 30 Apr 2025 13:01:13 +0000
Files and hashes:         1: AFA0jPYGQvVOyQck3niqoD3NOOE.crl (hash: bjCQ8e9gc1KwLV4jEMP1DOJEje9q/Ft4c73PTgOygac=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 30 Apr 2025 13:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:81:a3:20:74:d3:b8:a2:b6:bf:bc:4b:1b:91:64:6a:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0050348cf60642f54ec90724de78aaa03dcd38e1
        Validity
            Not Before: Apr 29 13:01:13 2025 GMT
            Not After : Apr 30 13:01:13 2025 GMT
        Subject: CN=67704b35babb4230d9605b073d23091317f4e24d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:08:8b:6a:f4:46:b7:7b:da:1d:d1:cb:34:bb:
                    ad:59:1d:cb:d0:30:51:e6:3f:b7:9a:ee:d7:d5:89:
                    97:7b:bb:ef:81:68:8d:b4:74:63:4d:31:c2:e9:7d:
                    51:c5:13:b9:e7:b1:b9:58:1f:23:c1:10:c3:13:01:
                    19:09:f7:eb:6c:52:5c:fd:38:cb:00:d3:ba:2f:e7:
                    a7:e7:55:50:2d:89:0d:31:67:1a:9e:f7:91:b1:2f:
                    8a:e5:c2:62:cd:f6:01:1b:b2:d3:aa:06:2f:08:f5:
                    9f:5c:9a:06:52:79:e4:c4:2b:45:08:77:ed:c1:fa:
                    23:48:5e:fa:55:f4:7d:b9:0c:84:0d:f8:c9:e8:2f:
                    c9:0a:36:ba:62:b8:45:b4:50:2d:00:83:ff:2f:17:
                    7f:70:06:eb:c2:dd:93:16:3d:5c:d5:32:aa:11:10:
                    20:38:3e:73:36:d0:6d:7f:c7:f6:29:64:82:f5:ff:
                    67:76:6c:c9:94:4b:0d:26:4b:c1:77:b2:e2:97:24:
                    4f:89:41:92:e6:09:e6:69:07:5c:21:80:71:cf:1f:
                    04:0c:e7:0b:1c:a3:2a:a4:6d:97:e2:02:fa:e5:fd:
                    6c:0a:35:a4:5f:fc:9e:a6:86:31:af:19:f6:a8:2c:
                    2a:b5:3b:71:79:30:b5:a6:fe:0d:47:fd:a5:22:3e:
                    56:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:70:4B:35:BA:BB:42:30:D9:60:5B:07:3D:23:09:13:17:F4:E2:4D
            X509v3 Authority Key Identifier:
                keyid:00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:52:6e:42:b3:76:fb:26:a3:09:01:d7:f0:cd:d0:23:0e:95:
         bf:24:a4:e5:8f:7a:11:5b:be:f9:a2:ef:8f:5f:71:1f:4e:3a:
         a6:d9:9c:64:f0:fd:70:a6:f6:2f:a8:77:7c:be:39:76:fd:6f:
         3c:0b:04:14:d5:19:2f:d2:cd:f7:4c:f1:74:54:95:cc:71:d6:
         c1:a3:0d:fc:8e:73:79:03:8e:7a:6a:25:c8:94:57:70:5c:ac:
         c2:83:7f:e1:07:2f:3a:cb:c9:30:e3:b4:68:ad:65:14:16:23:
         0e:79:79:b5:8b:36:5a:cc:09:b7:5a:fd:26:9e:e6:35:17:08:
         21:36:45:31:87:d9:06:a1:93:7b:b9:16:d7:d6:16:ef:54:b0:
         74:a9:66:4f:5c:a4:6b:2d:bd:b6:ad:aa:33:bc:28:a3:da:14:
         c9:3c:65:04:31:36:1f:30:dc:c4:c2:59:e7:ee:63:05:60:60:
         92:d2:c8:cc:13:ff:89:d3:cb:da:78:22:6d:4b:84:db:5b:ea:
         b9:32:be:97:e1:dd:d4:d4:50:7d:4b:87:1e:06:ea:c1:ca:5b:
         9b:33:32:61:bc:03:7f:6e:5b:c2:f1:f2:c4:67:33:79:d6:c5:
         ac:53:03:fb:43:eb:df:17:40:97:47:64:a1:72:bf:f5:01:f8:
         8c:6e:4a:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaBoyB007iitr+8SxuRZGovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTAzNDhjZjYwNjQyZjU0ZWM5MDcyNGRlNzhhYWEwM2Rj
ZDM4ZTEwHhcNMjUwNDI5MTMwMTEzWhcNMjUwNDMwMTMwMTEzWjAzMTEwLwYDVQQD
Eyg2NzcwNGIzNWJhYmI0MjMwZDk2MDViMDczZDIzMDkxMzE3ZjRlMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQiLavRGt3vaHdHLNLutWR3L0DBR
5j+3mu7X1YmXe7vvgWiNtHRjTTHC6X1RxRO557G5WB8jwRDDEwEZCffrbFJc/TjL
ANO6L+en51VQLYkNMWcanveRsS+K5cJizfYBG7LTqgYvCPWfXJoGUnnkxCtFCHft
wfojSF76VfR9uQyEDfjJ6C/JCja6YrhFtFAtAIP/Lxd/cAbrwt2TFj1c1TKqERAg
OD5zNtBtf8f2KWSC9f9ndmzJlEsNJkvBd7LilyRPiUGS5gnmaQdcIYBxzx8EDOcL
HKMqpG2X4gL65f1sCjWkX/yepoYxrxn2qCwqtTtxeTC1pv4NR/2lIj5WlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdwSzW6u0Iw2WBbBz0jCRMX9OJNMB8GA1UdIwQY
MBaAFABQNIz2BkL1TskHJN54qqA9zTjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2Et
ZTU0YjA2YTkzNTI2LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2EtZTU0YjA2YTkzNTI2
LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUFJuQrN2
+yajCQHX8M3QIw6VvySk5Y96EVu++aLvj19xH046ptmcZPD9cKb2L6h3fL45dv1v
PAsEFNUZL9LN90zxdFSVzHHWwaMN/I5zeQOOemolyJRXcFyswoN/4QcvOsvJMOO0
aK1lFBYjDnl5tYs2WswJt1r9Jp7mNRcIITZFMYfZBqGTe7kW19YW71SwdKlmT1yk
ay29tq2qM7woo9oUyTxlBDE2HzDcxMJZ5+5jBWBgktLIzBP/idPL2ngibUuE21vq
uTK+l+Hd1NRQfUuHHgbqwcpbmzMyYbwDf25bwvHyxGczedbFrFMD+0Pr3xdAl0dk
oXK/9QH4jG5KzA==
-----END CERTIFICATE-----