Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          lk0dqltf/tz4T2iiY70RNNy/EO2OgfJUorspWy4usok=
Subject key identifier:   BD:CC:41:4A:FC:B0:1D:1B:CC:09:CF:21:AF:87:CB:24:ED:02:A7:7C
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       019769615757653AB585413915B87C77A68F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          158A
Signing time:             Fri 13 Jun 2025 13:01:16 +0000
Manifest this update:     Fri 13 Jun 2025 13:01:16 +0000
Manifest next update:     Sat 14 Jun 2025 13:01:16 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: s9+WGePBXWUwbOm+BrI0gf0GkeDweIm1znVVeuVcN1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:61:57:57:65:3a:b5:85:41:39:15:b8:7c:77:a6:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: Jun 13 13:01:16 2025 GMT
            Not After : Jun 14 13:01:16 2025 GMT
        Subject: CN=bdcc414afcb01d1bcc09cf21af87cb24ed02a77c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:16:82:66:17:4f:5c:4f:e3:c1:ac:3e:76:9b:
                    ab:6e:ac:41:f5:31:77:7a:71:7b:37:3f:09:c3:59:
                    5f:21:4b:68:92:57:74:9c:1e:bb:ff:b0:cc:2d:d2:
                    2a:90:74:c3:22:40:05:79:ff:53:ac:2b:b1:66:68:
                    46:3d:2d:e9:8e:f6:1a:34:13:07:30:61:6d:44:7c:
                    25:6c:41:7c:6c:27:89:88:bd:bf:a6:5a:73:55:28:
                    d6:33:8d:68:80:97:27:65:80:d7:5d:c9:1e:5a:4a:
                    d6:f6:c4:17:59:9c:89:46:ed:14:3b:cb:e1:cf:5b:
                    ef:af:af:1f:f6:ff:6b:d1:45:b6:23:e4:af:34:d9:
                    8c:ed:27:df:f3:ed:79:90:a5:35:b9:9d:85:8e:19:
                    02:fa:6e:bd:d2:7f:d1:30:c6:60:62:56:66:18:21:
                    87:18:c9:7c:81:74:95:6a:da:81:cf:a6:29:ab:69:
                    90:b3:90:ab:f0:9e:e1:fc:5b:18:8d:13:9f:6b:e0:
                    39:62:a7:1e:ab:a7:cb:2d:91:88:15:dd:2d:80:65:
                    9d:da:f5:e8:78:a8:e3:0f:2c:48:0e:0c:f1:c9:98:
                    65:9c:cb:31:a6:fb:50:61:e7:de:4e:df:8b:a7:18:
                    77:ac:2d:9f:4d:35:c5:4b:1b:f5:13:4b:45:c1:5d:
                    7a:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:CC:41:4A:FC:B0:1D:1B:CC:09:CF:21:AF:87:CB:24:ED:02:A7:7C
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:9e:79:63:8b:06:f4:42:f3:cf:f3:88:11:46:d5:61:71:98:
         ef:54:28:0d:d6:b1:08:a5:cb:09:b6:c3:c1:ff:a9:40:d3:8c:
         7a:ec:7c:43:4a:69:e6:eb:bd:c1:83:5d:ca:4e:9b:87:cc:94:
         90:47:f3:74:ba:51:c1:b1:d3:25:46:38:da:54:65:bc:2f:43:
         1c:c8:00:4a:f1:f1:98:ba:22:eb:d8:fa:c8:99:58:0a:b2:17:
         9e:09:71:43:d5:e3:a4:b1:40:c3:d7:3e:da:34:30:2b:0f:e0:
         a4:de:41:25:a8:1f:47:55:b4:d6:0a:4c:60:ef:19:9f:4a:42:
         27:dc:5e:d2:6e:94:d8:a2:ba:66:6c:90:76:ab:2a:bd:47:95:
         1e:53:a3:88:27:ab:c5:6b:07:bd:82:c1:5c:98:9b:d6:b8:e2:
         48:60:04:90:9e:11:ad:b1:40:63:07:95:5b:f9:d6:f4:34:00:
         74:26:ea:70:07:ab:88:1f:ab:a7:51:ab:bf:f9:b2:72:28:71:
         92:a7:88:56:c9:72:41:e7:42:ae:cf:2b:c4:c4:0d:23:f1:a6:
         69:eb:c3:ca:f4:5b:15:d7:4b:57:15:0c:3f:60:d4:7e:1e:4f:
         f4:9c:a9:b9:94:46:8a:c9:28:8f:1e:90:44:39:6d:76:3a:75:
         c4:b9:ed:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpYVdXZTq1hUE5Fbh8d6aPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjUwNjEzMTMwMTE2WhcNMjUwNjE0MTMwMTE2WjAzMTEwLwYDVQQD
EyhiZGNjNDE0YWZjYjAxZDFiY2MwOWNmMjFhZjg3Y2IyNGVkMDJhNzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhaCZhdPXE/jwaw+dpurbqxB9TF3
enF7Nz8Jw1lfIUtokld0nB67/7DMLdIqkHTDIkAFef9TrCuxZmhGPS3pjvYaNBMH
MGFtRHwlbEF8bCeJiL2/plpzVSjWM41ogJcnZYDXXckeWkrW9sQXWZyJRu0UO8vh
z1vvr68f9v9r0UW2I+SvNNmM7Sff8+15kKU1uZ2FjhkC+m690n/RMMZgYlZmGCGH
GMl8gXSVatqBz6Ypq2mQs5Cr8J7h/FsYjROfa+A5Yqceq6fLLZGIFd0tgGWd2vXo
eKjjDyxIDgzxyZhlnMsxpvtQYefeTt+Lpxh3rC2fTTXFSxv1E0tFwV163QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3MQUr8sB0bzAnPIa+HyyTtAqd8MB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaJ55Y4sG
9ELzz/OIEUbVYXGY71QoDdaxCKXLCbbDwf+pQNOMeux8Q0pp5uu9wYNdyk6bh8yU
kEfzdLpRwbHTJUY42lRlvC9DHMgASvHxmLoi69j6yJlYCrIXnglxQ9XjpLFAw9c+
2jQwKw/gpN5BJagfR1W01gpMYO8Zn0pCJ9xe0m6U2KK6ZmyQdqsqvUeVHlOjiCer
xWsHvYLBXJib1rjiSGAEkJ4RrbFAYweVW/nW9DQAdCbqcAeriB+rp1Grv/mycihx
kqeIVslyQedCrs8rxMQNI/GmaevDyvRbFddLVxUMP2DUfh5P9JypuZRGiskojx6Q
RDltdjp1xLntDQ==
-----END CERTIFICATE-----