Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          EL8d1yY583n/MnZM2HPgRgaD0WClUxn3J6nldpOOj9w=
Subject key identifier:   39:65:BA:B0:29:62:18:2C:5D:1D:DF:64:F5:8E:8E:54:33:A5:5A:43
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       01984965777F57C95A86D82975208190EC86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          1016
Signing time:             Sun 27 Jul 2025 01:00:43 +0000
Manifest this update:     Sun 27 Jul 2025 01:00:43 +0000
Manifest next update:     Mon 28 Jul 2025 01:00:43 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: QHNz6RVrFOguvG5iaHiJFrpKDVrGz9AB880t546rL7M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 20:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:65:77:7f:57:c9:5a:86:d8:29:75:20:81:90:ec:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Jul 27 01:00:43 2025 GMT
            Not After : Jul 28 01:00:43 2025 GMT
        Subject: CN=3965bab02962182c5d1ddf64f58e8e5433a55a43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:0b:90:76:0e:19:ff:d1:90:ab:9d:5f:6a:5c:
                    6b:f4:ce:43:d9:fb:4d:42:84:36:a9:cb:03:91:a2:
                    2a:97:33:2b:48:dd:03:27:c1:89:27:0f:bb:ff:ae:
                    80:58:ff:3f:63:3f:13:e0:dc:cf:60:ea:1b:1e:cc:
                    33:9b:ef:7f:a0:b1:0a:6f:09:92:ed:75:62:ad:78:
                    a7:47:59:dc:48:fb:b8:b0:9d:a9:3d:c3:f7:10:bc:
                    d0:dd:2a:0a:32:f0:56:86:5e:44:3f:79:d9:f8:1d:
                    90:10:ab:0d:c1:b8:5a:74:97:52:82:6f:23:03:4c:
                    ec:49:c0:c7:47:f8:c0:f3:ff:04:a2:c5:b5:e7:14:
                    e8:dc:72:9c:e7:45:7d:8b:12:70:9a:8e:87:04:37:
                    99:0d:7f:76:a5:0e:f7:31:89:6e:52:f0:8d:93:9b:
                    56:1f:7e:b2:5b:2a:b8:4b:e2:e0:17:8c:fc:09:5b:
                    68:6e:81:b6:d3:26:80:dc:71:c3:29:60:aa:3d:37:
                    87:fd:85:8d:d9:fb:08:b1:3a:55:44:f0:1d:c9:68:
                    e5:76:e2:4d:0f:32:53:5d:17:ad:08:21:d6:eb:8b:
                    75:e6:bd:9b:82:99:fa:fc:b9:92:c5:ec:24:d3:40:
                    65:fe:7e:8f:36:bd:1d:e9:db:26:a5:ce:fa:95:0d:
                    00:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:65:BA:B0:29:62:18:2C:5D:1D:DF:64:F5:8E:8E:54:33:A5:5A:43
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:cd:aa:c1:49:de:2e:de:da:5e:f0:6f:15:06:35:9f:0c:03:
         fa:59:45:0a:89:1c:0d:88:bd:ae:a1:78:d7:6b:8f:a9:ba:fc:
         03:8b:8c:4f:50:82:ad:98:fc:a7:b0:40:b0:c0:ad:10:86:fe:
         a4:f7:05:66:3d:d7:09:81:25:e0:ac:25:e6:b6:0b:00:af:c2:
         67:c6:9d:6d:3e:4a:b9:cf:0e:43:8c:0a:cf:16:d8:44:ba:67:
         aa:a0:d3:f1:49:c2:40:54:2b:94:3e:e5:a2:11:20:5a:50:67:
         22:bf:a8:6a:96:54:63:aa:41:26:ce:b8:90:2e:81:fd:41:92:
         f1:8b:4e:84:6e:dd:67:ef:4b:57:3f:72:64:db:39:7b:c3:a2:
         99:0f:35:94:76:cc:dd:1c:1d:56:a1:c8:48:0a:3b:8b:77:10:
         23:eb:2a:80:d5:3a:3a:3f:c0:c3:40:b0:24:e4:c3:c6:e1:7c:
         22:de:0f:d5:ca:a0:d3:c2:4c:92:3f:d9:e5:d5:32:ec:16:41:
         01:fe:07:c9:bd:ca:9f:57:4c:ed:fa:e1:6b:5f:53:de:12:07:
         ab:ff:5a:2e:ed:bc:f6:3a:59:4d:67:ee:ba:59:1b:34:38:36:
         45:5a:0a:fa:2a:d0:67:fb:88:f0:09:8d:43:e5:6e:cb:f5:ff:
         bd:ea:f9:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJZXd/V8lahtgpdSCBkOyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwNzI3MDEwMDQzWhcNMjUwNzI4MDEwMDQzWjAzMTEwLwYDVQQD
EygzOTY1YmFiMDI5NjIxODJjNWQxZGRmNjRmNThlOGU1NDMzYTU1YTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwuQdg4Z/9GQq51falxr9M5D2ftN
QoQ2qcsDkaIqlzMrSN0DJ8GJJw+7/66AWP8/Yz8T4NzPYOobHswzm+9/oLEKbwmS
7XVirXinR1ncSPu4sJ2pPcP3ELzQ3SoKMvBWhl5EP3nZ+B2QEKsNwbhadJdSgm8j
A0zsScDHR/jA8/8EosW15xTo3HKc50V9ixJwmo6HBDeZDX92pQ73MYluUvCNk5tW
H36yWyq4S+LgF4z8CVtoboG20yaA3HHDKWCqPTeH/YWN2fsIsTpVRPAdyWjlduJN
DzJTXRetCCHW64t15r2bgpn6/LmSxewk00Bl/n6PNr0d6dsmpc76lQ0AXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDllurApYhgsXR3fZPWOjlQzpVpDMB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbs2qwUne
Lt7aXvBvFQY1nwwD+llFCokcDYi9rqF412uPqbr8A4uMT1CCrZj8p7BAsMCtEIb+
pPcFZj3XCYEl4Kwl5rYLAK/CZ8adbT5Kuc8OQ4wKzxbYRLpnqqDT8UnCQFQrlD7l
ohEgWlBnIr+oapZUY6pBJs64kC6B/UGS8YtOhG7dZ+9LVz9yZNs5e8OimQ81lHbM
3RwdVqHISAo7i3cQI+sqgNU6Oj/Aw0CwJOTDxuF8It4P1cqg08JMkj/Z5dUy7BZB
Af4Hyb3Kn1dM7frha19T3hIHq/9aLu289jpZTWfuulkbNDg2RVoK+irQZ/uI8AmN
Q+Vuy/X/ver5ig==
-----END CERTIFICATE-----