Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
File:                     Afp6rPiShM693j1MEkYvxE3rw4Q.mft (raw, json)
Hash identifier:          Po7uG9h0rVEqeIjTsRY76t6MFmOIzESH73JwQmOEkwo=
Subject key identifier:   CA:FC:80:9A:8D:46:50:5C:6A:80:28:67:F6:D6:48:30:90:1A:E0:01
Authority key identifier: 01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84
Certificate issuer:       /CN=01fa7aacf89284cebdde3d4c12462fc44debc384
Certificate serial:       01969002B5763FCFCB65422F0A980001C5CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
Manifest number:          0AB8
Signing time:             Fri 02 May 2025 08:00:18 +0000
Manifest this update:     Fri 02 May 2025 08:00:18 +0000
Manifest next update:     Sat 03 May 2025 08:00:18 +0000
Files and hashes:         1: Afp6rPiShM693j1MEkYvxE3rw4Q.crl (hash: iTobul/qUxj+LIyLj+3Yuqhe6SDDtNYCqJpr08lCObg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 08:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:90:02:b5:76:3f:cf:cb:65:42:2f:0a:98:00:01:c5:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01fa7aacf89284cebdde3d4c12462fc44debc384
        Validity
            Not Before: May  2 08:00:18 2025 GMT
            Not After : May  3 08:00:18 2025 GMT
        Subject: CN=cafc809a8d46505c6a802867f6d64830901ae001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:b2:68:85:dc:db:31:76:6f:70:98:ac:56:a4:
                    39:a3:57:21:df:b7:5b:5a:61:e5:c7:3a:22:b8:70:
                    6e:7b:cb:fa:ae:14:c5:b6:29:e9:ed:ad:97:a3:4f:
                    fa:ee:b0:16:00:bf:39:a5:7d:45:69:05:4f:ee:db:
                    60:97:16:29:76:02:95:3e:6c:f7:ce:ca:e5:b1:64:
                    55:3a:41:ce:22:a7:1b:fb:e2:3b:08:74:8b:9e:dc:
                    b7:6f:08:00:9b:47:39:b5:90:5d:ed:16:b6:59:a8:
                    c6:cb:ad:24:de:6d:7d:65:5a:4f:b8:f3:a1:12:ee:
                    11:5b:ae:89:b9:1e:a3:0f:76:4a:32:6f:10:4c:4c:
                    ac:3d:7b:77:28:ae:16:c8:d4:1f:de:0a:d4:27:4c:
                    66:09:62:07:3c:96:56:db:2d:bc:e4:0b:82:c4:12:
                    0d:9f:f6:3b:41:7d:8c:e1:e2:99:a8:5f:30:fa:08:
                    4b:e0:45:d4:a0:ea:58:0d:ae:0b:ac:fd:b3:2d:f7:
                    1b:6f:6c:63:25:de:d8:9f:4b:10:09:7b:56:90:26:
                    36:e5:d2:43:7d:ac:39:12:ce:70:8b:12:58:1a:57:
                    1b:0f:b1:05:f6:d9:33:ab:68:1c:d2:3f:b2:e2:58:
                    32:cb:5d:c4:bc:99:1e:10:e8:bb:91:a8:3e:93:4f:
                    8b:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:FC:80:9A:8D:46:50:5C:6A:80:28:67:F6:D6:48:30:90:1A:E0:01
            X509v3 Authority Key Identifier:
                keyid:01:FA:7A:AC:F8:92:84:CE:BD:DE:3D:4C:12:46:2F:C4:4D:EB:C3:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Afp6rPiShM693j1MEkYvxE3rw4Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/645e1a-ef72-4922-aa9a-7be43eddf2ca/1/Afp6rPiShM693j1MEkYvxE3rw4Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:d6:0f:53:71:12:ba:c3:12:9d:66:ac:0b:41:29:26:1e:6d:
         ff:2b:1f:9e:d1:49:d4:1a:14:3f:54:c4:c7:f7:c3:d2:f4:37:
         1a:d5:c3:84:54:13:70:07:1e:22:7e:51:56:9f:db:c3:51:b1:
         c2:1b:2b:1c:7d:c9:0a:cc:48:1e:01:3b:8d:3e:dc:d6:24:6c:
         7b:f7:42:95:bd:5e:cc:a2:9d:08:20:44:3c:8c:ca:7d:f3:f8:
         49:4e:22:b3:2b:d7:63:f2:71:92:07:f1:9f:5d:22:14:30:2a:
         ed:10:4e:c8:c8:8a:54:9e:3c:e8:6c:81:ae:92:53:f7:e2:b7:
         77:a3:d2:d5:11:82:10:08:70:22:20:59:76:27:ae:7b:9f:38:
         d2:a9:bb:a9:b0:fb:65:0c:2b:64:50:63:82:19:5e:b9:a2:88:
         1d:9a:c3:0b:6d:23:d6:f2:67:2c:f6:04:05:c0:73:87:6f:d5:
         cb:a1:ac:c2:5a:c3:86:3f:81:f7:42:62:cc:f9:fb:50:c8:7c:
         9b:56:41:3b:49:c6:57:a0:73:1f:c8:51:4a:e0:c2:c8:03:20:
         3d:c5:9d:4e:66:60:2e:21:e4:58:b8:44:4e:2a:8f:4a:83:25:
         65:0a:46:7a:2c:4c:f0:c4:33:64:a6:b4:2d:6c:ca:93:2a:4b:
         09:fe:8d:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaQArV2P8/LZUIvCpgAAcXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZmE3YWFjZjg5Mjg0Y2ViZGRlM2Q0YzEyNDYyZmM0NGRl
YmMzODQwHhcNMjUwNTAyMDgwMDE4WhcNMjUwNTAzMDgwMDE4WjAzMTEwLwYDVQQD
EyhjYWZjODA5YThkNDY1MDVjNmE4MDI4NjdmNmQ2NDgzMDkwMWFlMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7JohdzbMXZvcJisVqQ5o1ch37db
WmHlxzoiuHBue8v6rhTFtinp7a2Xo0/67rAWAL85pX1FaQVP7ttglxYpdgKVPmz3
zsrlsWRVOkHOIqcb++I7CHSLnty3bwgAm0c5tZBd7Ra2WajGy60k3m19ZVpPuPOh
Eu4RW66JuR6jD3ZKMm8QTEysPXt3KK4WyNQf3grUJ0xmCWIHPJZW2y285AuCxBIN
n/Y7QX2M4eKZqF8w+ghL4EXUoOpYDa4LrP2zLfcbb2xjJd7Yn0sQCXtWkCY25dJD
faw5Es5wixJYGlcbD7EF9tkzq2gc0j+y4lgyy13EvJkeEOi7kag+k0+LXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMr8gJqNRlBcaoAoZ/bWSDCQGuABMB8GA1UdIwQY
MBaAFAH6eqz4koTOvd49TBJGL8RN68OEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEt
N2JlNDNlZGRmMmNhLzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82NDVlMWEtZWY3Mi00OTIyLWFhOWEtN2JlNDNlZGRmMmNh
LzEvQWZwNnJQaVNoTTY5M2oxTUVrWXZ4RTNydzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYNYPU3ES
usMSnWasC0EpJh5t/ysfntFJ1BoUP1TEx/fD0vQ3GtXDhFQTcAceIn5RVp/bw1Gx
whsrHH3JCsxIHgE7jT7c1iRse/dClb1ezKKdCCBEPIzKffP4SU4isyvXY/Jxkgfx
n10iFDAq7RBOyMiKVJ486GyBrpJT9+K3d6PS1RGCEAhwIiBZdieue5840qm7qbD7
ZQwrZFBjghleuaKIHZrDC20j1vJnLPYEBcBzh2/Vy6GswlrDhj+B90JizPn7UMh8
m1ZBO0nGV6BzH8hRSuDCyAMgPcWdTmZgLiHkWLhETiqPSoMlZQpGeixM8MQzZKa0
LWzKkypLCf6NPQ==
-----END CERTIFICATE-----