Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          O/hQVJT9Zp4Bi+p2/T6vgz161HmvAooW/Y8rYc6xMck=
Subject key identifier:   72:E1:B8:C3:DD:EE:70:EF:39:AF:2C:CA:E4:CD:D3:45:86:64:7D:69
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       019756111B1EE130BBDCA8F0F94ABAACE993
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          0495
Signing time:             Mon 09 Jun 2025 19:00:50 +0000
Manifest this update:     Mon 09 Jun 2025 19:00:50 +0000
Manifest next update:     Tue 10 Jun 2025 19:00:50 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: dQ46e6H1uIZw5E56LP5tk0Zc6BXAICdFClzzO/R3oWA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:56:11:1b:1e:e1:30:bb:dc:a8:f0:f9:4a:ba:ac:e9:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Jun  9 19:00:50 2025 GMT
            Not After : Jun 10 19:00:50 2025 GMT
        Subject: CN=72e1b8c3ddee70ef39af2ccae4cdd34586647d69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:7a:06:07:19:9d:9e:1e:60:57:3e:41:9a:ec:
                    62:c5:26:8c:7e:7a:6d:7e:a8:64:28:d6:ae:37:17:
                    ec:72:52:23:38:6b:d9:67:df:d2:ea:21:71:41:ba:
                    f0:ee:94:83:fb:cd:09:3a:e7:9d:14:e2:b2:fe:2c:
                    11:cf:bd:b0:1c:3d:bf:d5:46:c1:3e:28:90:3b:f9:
                    dd:fc:da:e8:e6:1b:a7:20:04:c0:ff:e0:db:08:b9:
                    6e:ef:42:6e:19:fc:c9:4d:53:fe:cf:49:f1:f5:bb:
                    3d:a9:f1:ec:dd:0b:f0:b5:9e:8d:d1:19:df:8e:77:
                    c4:b6:c7:55:f3:b5:ec:a2:d5:16:8f:a1:a0:20:d0:
                    e3:1e:03:22:17:d7:be:75:f4:84:c0:c1:fd:8f:e3:
                    23:b3:a9:e9:4f:0a:c4:e5:ba:0c:a8:9c:ef:65:46:
                    f5:1e:72:49:38:cc:5a:c9:11:b8:46:f8:2f:1b:2b:
                    d8:4a:85:8b:97:60:cc:69:c8:20:d9:ea:15:c4:d6:
                    27:bd:07:52:77:e2:db:e4:f2:4c:67:8e:0d:5c:d1:
                    58:35:e4:d4:f0:e8:bb:5c:08:b5:85:ec:88:07:71:
                    bc:07:40:6c:3c:25:bd:68:23:3f:d9:34:85:2d:64:
                    8c:42:8d:89:5a:90:3f:f6:08:08:69:a4:6b:dd:36:
                    22:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:E1:B8:C3:DD:EE:70:EF:39:AF:2C:CA:E4:CD:D3:45:86:64:7D:69
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:66:c6:b7:2b:e6:b7:7f:e7:e6:b4:00:80:38:f8:8c:ea:e3:
         e3:d9:d3:02:9c:ff:15:fb:f2:f5:6c:3f:22:f3:45:df:7b:b6:
         8b:6f:d6:53:cc:06:7b:b4:71:db:f9:b1:5c:3c:69:b2:00:c4:
         6a:9f:a9:70:ca:0a:4a:b8:21:b8:77:c6:1d:1d:45:df:c8:4a:
         71:6c:29:27:74:5f:7f:fe:e5:92:b3:a5:79:a2:4e:44:6d:02:
         d9:a6:12:d8:63:6c:ee:27:69:3e:9b:25:c0:01:2f:c9:cc:32:
         35:2f:d5:b0:d1:d9:33:85:34:08:35:52:44:96:0b:18:fb:1d:
         5c:4d:87:f9:4c:d8:bf:d0:4d:64:9d:33:91:85:fd:c1:d4:d9:
         e2:ae:47:38:5a:ac:b5:9e:34:72:cf:35:e0:d2:a4:a5:bd:7d:
         39:cd:1e:26:86:de:5d:b2:62:3a:21:a3:51:c2:c9:06:7f:8c:
         13:9e:bc:9c:db:21:fe:d7:2d:d6:49:87:24:95:be:dc:b5:c3:
         c7:8d:ad:54:4d:2a:e8:b8:27:4a:cd:fc:36:4b:a1:f1:a4:15:
         3f:3e:ab:85:67:3a:0f:a7:47:ac:e8:d9:7c:46:14:72:b1:29:
         2e:58:ba:7d:3f:3d:92:3d:49:c7:d7:ad:52:f8:da:d0:67:a3:
         23:b5:3c:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdWERse4TC73Kjw+Uq6rOmTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjUwNjA5MTkwMDUwWhcNMjUwNjEwMTkwMDUwWjAzMTEwLwYDVQQD
Eyg3MmUxYjhjM2RkZWU3MGVmMzlhZjJjY2FlNGNkZDM0NTg2NjQ3ZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXoGBxmdnh5gVz5BmuxixSaMfnpt
fqhkKNauNxfsclIjOGvZZ9/S6iFxQbrw7pSD+80JOuedFOKy/iwRz72wHD2/1UbB
PiiQO/nd/Nro5hunIATA/+DbCLlu70JuGfzJTVP+z0nx9bs9qfHs3QvwtZ6N0Rnf
jnfEtsdV87XsotUWj6GgINDjHgMiF9e+dfSEwMH9j+Mjs6npTwrE5boMqJzvZUb1
HnJJOMxayRG4RvgvGyvYSoWLl2DMacgg2eoVxNYnvQdSd+Lb5PJMZ44NXNFYNeTU
8Oi7XAi1heyIB3G8B0BsPCW9aCM/2TSFLWSMQo2JWpA/9ggIaaRr3TYiSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLhuMPd7nDvOa8syuTN00WGZH1pMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmmbGtyvm
t3/n5rQAgDj4jOrj49nTApz/Ffvy9Ww/IvNF33u2i2/WU8wGe7Rx2/mxXDxpsgDE
ap+pcMoKSrghuHfGHR1F38hKcWwpJ3Rff/7lkrOleaJORG0C2aYS2GNs7idpPpsl
wAEvycwyNS/VsNHZM4U0CDVSRJYLGPsdXE2H+UzYv9BNZJ0zkYX9wdTZ4q5HOFqs
tZ40cs814NKkpb19Oc0eJobeXbJiOiGjUcLJBn+ME568nNsh/tct1kmHJJW+3LXD
x42tVE0q6LgnSs38Nkuh8aQVPz6rhWc6D6dHrOjZfEYUcrEpLli6fT89kj1Jx9et
Uvja0GejI7U8xg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 01:20:55 2025 by rpki-client