Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
File:                     KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft (raw, json)
Hash identifier:          HH0e0YnqSCbxqXJ+74adEBGD5ZGmj/VnMSdfU00ExUM=
Subject key identifier:   FB:56:90:05:1D:D5:A7:17:14:B4:F1:9D:6E:5F:A9:7F:DF:C9:06:69
Authority key identifier: 2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66
Certificate issuer:       /CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766
Certificate serial:       0196545C11EB67099A0A759F3E8A5C1E8350
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
Manifest number:          068E
Signing time:             Sun 20 Apr 2025 18:00:42 +0000
Manifest this update:     Sun 20 Apr 2025 18:00:42 +0000
Manifest next update:     Mon 21 Apr 2025 18:00:42 +0000
Files and hashes:         1: KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl (hash: TplzFpi/Jd7hga9OB8t1qMyi2qK5OOTsaweHoJCYjac=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:5c:11:eb:67:09:9a:0a:75:9f:3e:8a:5c:1e:83:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766
        Validity
            Not Before: Apr 20 18:00:42 2025 GMT
            Not After : Apr 21 18:00:42 2025 GMT
        Subject: CN=fb5690051dd5a71714b4f19d6e5fa97fdfc90669
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:3c:ff:be:62:37:6d:04:a8:7d:76:9f:01:10:
                    47:2d:6e:a5:f2:49:8d:91:4e:32:b5:33:ef:99:96:
                    98:65:22:9c:d9:41:12:5e:a4:26:e6:ef:25:f1:06:
                    bf:6c:e3:4d:a2:7b:e0:6a:d1:61:a1:47:09:d2:b7:
                    32:65:8a:46:58:cc:1b:98:67:c2:0a:1e:39:d3:42:
                    54:3e:a9:25:12:61:0f:a4:7f:7d:4b:5a:9b:92:fb:
                    92:2e:c2:8c:28:df:07:3d:13:0c:3c:57:36:8e:3a:
                    00:19:73:5c:38:1e:df:4f:03:22:73:4f:c6:03:48:
                    05:31:84:7e:ba:ef:93:51:b3:ec:9d:83:1d:76:d5:
                    5f:45:10:c8:87:f5:12:d4:58:ba:93:4a:8d:eb:b3:
                    d8:fc:19:b5:11:0e:9e:a3:62:30:e7:c7:e1:b8:51:
                    6c:99:b0:41:63:23:69:db:07:b9:97:ee:26:29:d1:
                    87:e7:01:dc:ec:d6:47:8c:28:b1:a7:af:75:e8:2e:
                    41:c9:34:5a:fd:21:f3:0d:e8:d9:ef:27:53:cb:b5:
                    b0:1c:15:b0:36:b4:99:fb:6f:89:d1:95:63:9b:b1:
                    94:03:3b:cf:d1:fd:65:c2:6e:11:54:38:c2:10:1f:
                    b0:64:f5:19:14:9e:0e:3d:9c:7b:b8:9b:fa:c7:45:
                    ec:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:56:90:05:1D:D5:A7:17:14:B4:F1:9D:6E:5F:A9:7F:DF:C9:06:69
            X509v3 Authority Key Identifier:
                keyid:2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:09:3a:2f:8d:d2:ec:28:2a:d1:71:54:03:71:17:1d:94:1c:
         28:2e:fa:f7:47:4e:ae:98:8e:f4:2d:6f:a4:b2:0b:63:ff:28:
         7e:84:53:2b:78:7a:26:6e:b5:1a:85:51:f4:fe:65:b4:75:8d:
         e4:3c:0b:83:0f:e6:1a:fb:9a:67:b9:c9:13:b7:da:8a:e6:f6:
         49:31:fe:db:e9:22:49:3c:46:6a:82:4b:bb:d2:0a:db:e4:b6:
         4d:60:7f:d6:af:bd:7c:e9:79:33:09:6b:f4:6e:fc:38:79:fb:
         b8:66:4f:44:b7:48:44:c2:b8:f3:2b:28:e7:2f:7e:44:0c:27:
         8f:80:be:e3:f8:59:38:dd:a9:ff:ce:29:85:b3:f8:8c:bc:f8:
         a4:90:c9:81:55:16:5f:a0:d5:4b:94:b1:49:a6:63:24:30:99:
         49:f7:7c:c7:e1:d2:93:72:a3:92:29:f1:e5:ef:d4:82:21:72:
         ec:8b:89:ce:8c:fa:56:4e:e0:1c:6b:25:23:35:d7:9b:40:d1:
         e0:3a:bc:c0:e2:70:e9:ce:c5:2e:5c:df:21:77:00:d1:6b:b4:
         18:67:92:d5:36:c5:bb:5b:87:25:15:d0:a3:88:58:bb:70:c4:
         6b:84:5d:03:d2:3f:b8:5b:0e:ed:85:47:a8:60:c4:05:6d:75:
         14:7d:85:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUXBHrZwmaCnWfPopcHoNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzM3OGI2M2JjYTQ4N2MzMmU4Y2U4MTJmNGY4NWQ3YzZl
Zjg3NjYwHhcNMjUwNDIwMTgwMDQyWhcNMjUwNDIxMTgwMDQyWjAzMTEwLwYDVQQD
EyhmYjU2OTAwNTFkZDVhNzE3MTRiNGYxOWQ2ZTVmYTk3ZmRmYzkwNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzz/vmI3bQSofXafARBHLW6l8kmN
kU4ytTPvmZaYZSKc2UESXqQm5u8l8Qa/bONNonvgatFhoUcJ0rcyZYpGWMwbmGfC
Ch4500JUPqklEmEPpH99S1qbkvuSLsKMKN8HPRMMPFc2jjoAGXNcOB7fTwMic0/G
A0gFMYR+uu+TUbPsnYMddtVfRRDIh/US1Fi6k0qN67PY/Bm1EQ6eo2Iw58fhuFFs
mbBBYyNp2we5l+4mKdGH5wHc7NZHjCixp6916C5ByTRa/SHzDejZ7ydTy7WwHBWw
NrSZ+2+J0ZVjm7GUAzvP0f1lwm4RVDjCEB+wZPUZFJ4OPZx7uJv6x0XsbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtWkAUd1acXFLTxnW5fqX/fyQZpMB8GA1UdIwQY
MBaAFCrDeLY7ykh8MujOgS9PhdfG74dmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDkt
MDc3ZDUyZWFiNzBkLzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDktMDc3ZDUyZWFiNzBk
LzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASwk6L43S
7Cgq0XFUA3EXHZQcKC7690dOrpiO9C1vpLILY/8ofoRTK3h6Jm61GoVR9P5ltHWN
5DwLgw/mGvuaZ7nJE7faiub2STH+2+kiSTxGaoJLu9IK2+S2TWB/1q+9fOl5Mwlr
9G78OHn7uGZPRLdIRMK48yso5y9+RAwnj4C+4/hZON2p/84phbP4jLz4pJDJgVUW
X6DVS5SxSaZjJDCZSfd8x+HSk3Kjkinx5e/UgiFy7IuJzoz6Vk7gHGslIzXXm0DR
4Dq8wOJw6c7FLlzfIXcA0Wu0GGeS1TbFu1uHJRXQo4hYu3DEa4RdA9I/uFsO7YVH
qGDEBW11FH2FKQ==
-----END CERTIFICATE-----