Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          1oGwrXCVkvJJNXYQUj09TypdWDVXvznnyxFHJQvTCBg=
Subject key identifier:   29:D2:6E:66:25:3A:10:2D:46:4A:AC:EB:AD:9A:A6:9A:A8:18:FF:D3
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       01976583E8E9361FC772960C62AA0796021F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          049D
Signing time:             Thu 12 Jun 2025 19:00:33 +0000
Manifest this update:     Thu 12 Jun 2025 19:00:33 +0000
Manifest next update:     Fri 13 Jun 2025 19:00:33 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: rv40pt8q0AHC/C4nrN49Uk63SQYZ9ciBQTYvfdEmw78=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 19:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:65:83:e8:e9:36:1f:c7:72:96:0c:62:aa:07:96:02:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Jun 12 19:00:33 2025 GMT
            Not After : Jun 13 19:00:33 2025 GMT
        Subject: CN=29d26e66253a102d464aacebad9aa69aa818ffd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5e:57:61:7e:c8:fc:b4:65:d9:01:26:04:ad:
                    5a:39:51:e8:26:68:32:7c:5b:0c:09:4d:1e:81:e0:
                    49:98:04:da:c7:71:d2:2c:1c:74:5b:6a:ee:b6:54:
                    7b:e1:eb:9f:82:97:d0:06:7e:10:ba:1e:c4:5f:0c:
                    29:e4:45:6b:38:87:91:4b:de:ee:09:99:71:66:0e:
                    35:47:de:46:43:13:21:24:37:00:df:26:32:09:74:
                    1e:a5:90:15:66:19:22:02:b4:db:40:06:a0:fb:80:
                    7f:74:c9:2f:de:1a:f0:4b:8a:af:c8:19:25:18:5f:
                    29:4b:0f:77:d6:17:ca:c1:b3:af:46:5d:e8:6a:a1:
                    90:6b:ca:8a:b8:fa:65:80:ff:08:72:87:da:72:27:
                    3e:f3:4e:ce:8f:1d:5e:8b:1a:71:96:a0:9f:12:48:
                    54:cb:d0:3a:de:b5:a7:99:a4:a4:85:55:6a:81:92:
                    08:28:f5:7c:19:45:1a:ef:04:79:7d:2e:70:6f:ad:
                    83:2c:4d:5d:c2:87:b9:59:30:db:e2:69:f3:74:6d:
                    92:8c:31:12:cf:18:35:c2:1c:30:10:6a:25:d6:cd:
                    98:5f:60:ce:6c:2c:c3:87:75:9d:34:13:fe:05:4d:
                    99:1d:aa:48:fc:9d:8e:83:4d:3a:c6:3b:10:a1:a0:
                    46:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:D2:6E:66:25:3A:10:2D:46:4A:AC:EB:AD:9A:A6:9A:A8:18:FF:D3
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:2f:7a:82:b6:b5:22:ca:8b:cf:a4:29:08:81:64:3b:1b:f3:
         4c:1e:9a:59:83:cb:28:12:46:1e:41:c6:84:60:01:6f:33:43:
         d8:ff:44:be:d9:bb:0e:f7:cc:a8:f3:5e:3d:34:8d:3b:2c:4d:
         02:d8:d2:90:b7:cf:1b:cf:95:08:54:41:f4:b8:ee:18:69:7f:
         9b:48:9a:08:73:be:9b:22:4a:08:d2:04:ac:2c:f7:27:33:39:
         87:06:f4:84:5c:41:aa:bf:35:13:0a:46:9e:6a:72:8e:34:0c:
         3b:ec:13:b1:3a:11:aa:7c:29:2d:34:b3:05:47:cb:51:5f:84:
         52:22:24:2f:91:24:c2:69:73:13:4d:b8:24:8e:d7:24:f0:c6:
         71:88:01:7c:68:67:ad:f1:5a:d1:11:32:41:c4:3a:5a:58:15:
         8c:d3:ce:93:1c:97:0d:78:ca:38:dc:32:f2:57:78:38:75:41:
         46:2a:57:c2:f8:ff:e7:ae:27:c1:96:b5:ce:2f:e2:c1:9a:98:
         04:78:81:58:0f:5c:87:94:6b:24:ca:e9:a3:7b:6b:3e:c5:84:
         6d:eb:0e:d2:c4:8b:5c:70:52:f6:b9:6e:62:1c:d6:96:c6:ae:
         90:73:b0:74:40:5b:ad:e3:60:c0:22:32:12:49:c2:a3:02:6e:
         25:86:ad:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdlg+jpNh/HcpYMYqoHlgIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjUwNjEyMTkwMDMzWhcNMjUwNjEzMTkwMDMzWjAzMTEwLwYDVQQD
EygyOWQyNmU2NjI1M2ExMDJkNDY0YWFjZWJhZDlhYTY5YWE4MThmZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl5XYX7I/LRl2QEmBK1aOVHoJmgy
fFsMCU0egeBJmATax3HSLBx0W2rutlR74eufgpfQBn4Quh7EXwwp5EVrOIeRS97u
CZlxZg41R95GQxMhJDcA3yYyCXQepZAVZhkiArTbQAag+4B/dMkv3hrwS4qvyBkl
GF8pSw931hfKwbOvRl3oaqGQa8qKuPplgP8Icofacic+807Ojx1eixpxlqCfEkhU
y9A63rWnmaSkhVVqgZIIKPV8GUUa7wR5fS5wb62DLE1dwoe5WTDb4mnzdG2SjDES
zxg1whwwEGol1s2YX2DObCzDh3WdNBP+BU2ZHapI/J2Og006xjsQoaBGfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnSbmYlOhAtRkqs662appqoGP/TMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmC96gra1
IsqLz6QpCIFkOxvzTB6aWYPLKBJGHkHGhGABbzND2P9Evtm7DvfMqPNePTSNOyxN
AtjSkLfPG8+VCFRB9LjuGGl/m0iaCHO+myJKCNIErCz3JzM5hwb0hFxBqr81EwpG
nmpyjjQMO+wTsToRqnwpLTSzBUfLUV+EUiIkL5EkwmlzE024JI7XJPDGcYgBfGhn
rfFa0REyQcQ6WlgVjNPOkxyXDXjKONwy8ld4OHVBRipXwvj/564nwZa1zi/iwZqY
BHiBWA9ch5RrJMrpo3trPsWEbesO0sSLXHBS9rluYhzWlsaukHOwdEBbreNgwCIy
EknCowJuJYatdw==
-----END CERTIFICATE-----