Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
File:                     kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft (raw, json)
Hash identifier:          cjA1kqi/oIhUTlET8SZPmnsrOySCJ3BhlQRyCgXeXgw=
Subject key identifier:   2E:1D:E8:25:EF:71:88:5C:34:C7:7F:04:DF:C6:73:2B:CF:DA:42:97
Authority key identifier: 90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D
Certificate issuer:       /CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d
Certificate serial:       01965726699FC8F507B68AA1AB1AE98AEB9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
Manifest number:          064F
Signing time:             Mon 21 Apr 2025 07:00:57 +0000
Manifest this update:     Mon 21 Apr 2025 07:00:57 +0000
Manifest next update:     Tue 22 Apr 2025 07:00:57 +0000
Files and hashes:         1: kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl (hash: x/lK3TDsHEBStkX5+6X9wKNaaX547jiYuCy+eJLLuO4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:69:9f:c8:f5:07:b6:8a:a1:ab:1a:e9:8a:eb:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d
        Validity
            Not Before: Apr 21 07:00:57 2025 GMT
            Not After : Apr 22 07:00:57 2025 GMT
        Subject: CN=2e1de825ef71885c34c77f04dfc6732bcfda4297
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:66:93:e3:08:1b:4f:2b:85:dd:7c:3f:55:01:
                    54:d6:2e:55:74:2a:48:6d:df:18:71:7f:95:e6:78:
                    a5:8b:48:6f:be:72:1e:e0:f3:02:60:76:85:90:2e:
                    0a:3c:48:f2:e5:69:1e:21:8c:1e:fb:c1:9c:01:86:
                    f1:1f:22:c5:4a:c8:f3:07:3c:27:27:63:07:98:a1:
                    40:25:5b:10:5a:23:a1:23:30:c9:04:37:ec:c5:7a:
                    f5:0e:99:bf:3f:2c:35:a4:7c:bd:03:77:3f:48:f1:
                    aa:2d:2c:fc:90:46:59:6a:17:b2:7e:3c:15:cf:32:
                    72:b4:18:9b:99:e6:6b:b8:2e:1d:34:30:0d:b6:ec:
                    1b:bc:49:26:eb:02:a8:ab:57:db:2d:5b:80:9e:a4:
                    18:02:60:8d:ab:fe:39:a9:94:82:83:ea:a2:9f:65:
                    3f:11:ab:0a:1a:35:1f:e6:ee:89:89:df:ff:47:c0:
                    1f:ea:02:b5:e9:14:13:fe:98:ab:ce:6f:f8:57:18:
                    42:61:ad:2c:dc:c5:21:21:73:c4:90:fd:47:49:8b:
                    67:52:4d:e1:17:59:38:b6:0f:a3:ed:44:a7:a2:bb:
                    e9:82:d6:0b:84:36:3c:5f:b7:b3:52:b6:3a:76:a6:
                    a5:a3:7d:20:4a:12:4b:7a:7e:d4:3c:14:5e:7d:c9:
                    ac:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:1D:E8:25:EF:71:88:5C:34:C7:7F:04:DF:C6:73:2B:CF:DA:42:97
            X509v3 Authority Key Identifier:
                keyid:90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:cc:28:bf:e3:a9:2f:43:60:d4:dc:ee:b0:11:d5:68:30:ec:
         91:fb:3c:2c:76:6a:b6:7c:8b:43:8a:36:37:0f:5b:44:65:14:
         03:36:a1:c8:19:38:56:2c:01:79:cf:b5:57:5d:fa:76:61:1d:
         82:46:cb:3c:d5:e6:84:a9:3c:6c:e6:75:69:b3:de:c7:ed:79:
         e4:9a:a6:b2:2e:7a:48:1c:8b:3a:30:27:36:31:69:32:29:8f:
         9a:e4:1f:8b:a4:b1:d9:9a:70:3e:56:86:fe:8d:13:b8:67:73:
         18:8c:48:45:f4:76:6c:25:b0:67:a7:e7:8a:6f:ee:b4:a5:e6:
         e3:1c:7b:44:c6:04:64:f5:69:fc:5f:79:a6:0e:02:24:0c:d7:
         50:62:3f:5c:7d:ba:56:0b:ba:80:c6:0c:0f:14:a7:f0:c1:eb:
         68:d1:8b:dc:d4:1d:d2:be:9a:0d:88:58:bd:3a:cf:3e:68:ee:
         89:ce:af:33:67:05:7d:33:ef:6c:de:be:f4:56:11:65:8c:8e:
         b7:9c:0b:b4:92:b8:2f:d1:43:38:ed:f4:ca:93:50:46:ff:6e:
         2e:f8:9c:63:ff:d2:d5:da:d0:00:47:7d:86:46:b8:7d:cd:df:
         1a:df:8c:3f:51:9d:1e:19:68:f3:c8:18:7a:bb:f6:88:1d:00:
         58:72:6f:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJmmfyPUHtoqhqxrpiuueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjU5MjhjNzUyYWQ5YTA4Y2ZlYjFiODhmNDYzYzNjMGRk
MmU4NWQwHhcNMjUwNDIxMDcwMDU3WhcNMjUwNDIyMDcwMDU3WjAzMTEwLwYDVQQD
EygyZTFkZTgyNWVmNzE4ODVjMzRjNzdmMDRkZmM2NzMyYmNmZGE0Mjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aT4wgbTyuF3Xw/VQFU1i5VdCpI
bd8YcX+V5nili0hvvnIe4PMCYHaFkC4KPEjy5WkeIYwe+8GcAYbxHyLFSsjzBzwn
J2MHmKFAJVsQWiOhIzDJBDfsxXr1Dpm/Pyw1pHy9A3c/SPGqLSz8kEZZaheyfjwV
zzJytBibmeZruC4dNDANtuwbvEkm6wKoq1fbLVuAnqQYAmCNq/45qZSCg+qin2U/
EasKGjUf5u6Jid//R8Af6gK16RQT/pirzm/4VxhCYa0s3MUhIXPEkP1HSYtnUk3h
F1k4tg+j7USnorvpgtYLhDY8X7ezUrY6dqalo30gShJLen7UPBRefcmsMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC4d6CXvcYhcNMd/BN/GcyvP2kKXMB8GA1UdIwQY
MBaAFJD1kox1KtmgjP6xuI9GPDwN0uhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYt
MDRhNmNkODE2YTAzLzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYtMDRhNmNkODE2YTAz
LzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA8wov+Op
L0Ng1NzusBHVaDDskfs8LHZqtnyLQ4o2Nw9bRGUUAzahyBk4ViwBec+1V136dmEd
gkbLPNXmhKk8bOZ1abPex+155Jqmsi56SByLOjAnNjFpMimPmuQfi6Sx2ZpwPlaG
/o0TuGdzGIxIRfR2bCWwZ6fnim/utKXm4xx7RMYEZPVp/F95pg4CJAzXUGI/XH26
Vgu6gMYMDxSn8MHraNGL3NQd0r6aDYhYvTrPPmjuic6vM2cFfTPvbN6+9FYRZYyO
t5wLtJK4L9FDOO30ypNQRv9uLvicY//S1drQAEd9hka4fc3fGt+MP1GdHhlo88gY
erv2iB0AWHJvmQ==
-----END CERTIFICATE-----