Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          gyPkoT5iGlh9Dq/kQpCXxAXbUTdphmCi4XNEY96CxDU=
Subject key identifier:   96:D9:B7:00:A7:F1:3D:DF:81:D5:CB:0F:F8:77:8E:4E:CB:C3:9A:3B
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       019767724D56216FDB685C9FC83A3FAAB072
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          049E
Signing time:             Fri 13 Jun 2025 04:00:33 +0000
Manifest this update:     Fri 13 Jun 2025 04:00:33 +0000
Manifest next update:     Sat 14 Jun 2025 04:00:33 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: SLJ2ZEqpOEMF45LNVddRSNf+lo09seOJ+XqABcLVQe0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 22:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:67:72:4d:56:21:6f:db:68:5c:9f:c8:3a:3f:aa:b0:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Jun 13 04:00:33 2025 GMT
            Not After : Jun 14 04:00:33 2025 GMT
        Subject: CN=96d9b700a7f13ddf81d5cb0ff8778e4ecbc39a3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:2c:74:0d:b4:c4:a0:56:78:fd:b2:e9:81:e8:
                    e4:6d:77:3c:af:e8:98:5f:76:79:3f:7c:b6:3f:53:
                    cb:14:55:25:b1:e9:cf:81:2c:d3:d8:89:b4:95:42:
                    c7:b6:5b:37:18:1e:f0:09:9e:03:95:5d:24:70:4a:
                    4c:09:0d:61:c7:d7:8b:9d:87:c3:8a:2a:75:dd:25:
                    03:a0:c2:af:36:69:29:f1:d2:17:c1:18:3b:54:1f:
                    6d:38:88:df:67:a2:c0:79:e8:32:2c:be:73:94:a4:
                    00:9d:3f:86:69:1b:c0:10:be:36:10:85:ae:57:2e:
                    58:c5:4e:a2:93:55:d0:39:e9:9f:80:ba:18:cb:10:
                    88:5b:b3:90:7e:33:23:78:75:c2:29:5b:5f:1c:33:
                    74:89:62:56:bc:aa:71:c6:d5:ec:df:0a:ce:74:cd:
                    82:55:38:a7:0a:42:dc:17:a9:79:d9:b7:9e:b2:be:
                    44:00:29:7c:59:61:b5:3c:6d:b8:dd:57:f3:5a:37:
                    38:7f:54:d0:91:42:33:5a:08:fc:2a:a6:25:c1:e1:
                    21:96:2d:e4:8b:db:23:8c:80:9a:4c:2a:8d:ac:a6:
                    f5:79:43:71:d7:92:99:e4:f0:84:0f:9e:ef:8e:96:
                    60:e8:6f:84:d3:57:55:b5:ee:81:14:c8:a9:b8:c6:
                    8a:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:D9:B7:00:A7:F1:3D:DF:81:D5:CB:0F:F8:77:8E:4E:CB:C3:9A:3B
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:b8:06:1b:ab:69:c5:fb:79:6a:d2:3a:1c:08:bd:46:65:18:
         6d:63:70:b5:e0:bb:bd:ad:f6:71:a4:82:4e:e9:28:79:db:fe:
         c5:5c:ca:6a:9c:c4:12:8b:07:e6:39:91:e2:af:12:8c:95:81:
         c0:ef:ad:db:fc:c3:11:6e:44:62:07:19:11:3c:44:8b:1b:22:
         3c:c3:74:39:b5:89:dc:17:81:ae:53:d2:aa:18:dd:b8:75:1b:
         cb:02:f1:f8:08:1d:d6:57:ae:c0:ad:73:30:24:f3:39:79:0e:
         9d:9a:d6:ff:ff:47:bd:fd:ae:18:9d:8d:0f:70:5c:8c:60:f3:
         88:d3:6a:cb:92:04:12:4e:eb:73:ce:0b:e3:0c:69:82:f5:75:
         76:3d:10:1b:76:ad:56:78:61:17:e3:45:44:d8:cf:7c:f4:34:
         79:33:a4:2c:fa:13:72:40:36:89:22:f9:68:bf:95:cc:34:d7:
         f4:2f:85:64:98:c3:26:08:03:9e:e1:3b:4e:e2:0a:70:f1:a8:
         37:d4:96:2b:21:aa:2e:a9:eb:d8:33:43:17:e3:7f:e3:83:cb:
         f1:44:a4:da:b3:e7:1e:cc:56:0a:f7:88:1c:bb:3e:04:72:81:
         51:3d:b8:d4:08:11:a2:0e:74:28:1e:6c:fe:3e:ab:a4:11:f5:
         a2:5b:e6:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdnck1WIW/baFyfyDo/qrByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjUwNjEzMDQwMDMzWhcNMjUwNjE0MDQwMDMzWjAzMTEwLwYDVQQD
Eyg5NmQ5YjcwMGE3ZjEzZGRmODFkNWNiMGZmODc3OGU0ZWNiYzM5YTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyx0DbTEoFZ4/bLpgejkbXc8r+iY
X3Z5P3y2P1PLFFUlsenPgSzT2Im0lULHtls3GB7wCZ4DlV0kcEpMCQ1hx9eLnYfD
iip13SUDoMKvNmkp8dIXwRg7VB9tOIjfZ6LAeegyLL5zlKQAnT+GaRvAEL42EIWu
Vy5YxU6ik1XQOemfgLoYyxCIW7OQfjMjeHXCKVtfHDN0iWJWvKpxxtXs3wrOdM2C
VTinCkLcF6l52beesr5EACl8WWG1PG243VfzWjc4f1TQkUIzWgj8KqYlweEhli3k
i9sjjICaTCqNrKb1eUNx15KZ5PCED57vjpZg6G+E01dVte6BFMipuMaKywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJbZtwCn8T3fgdXLD/h3jk7Lw5o7MB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPrgGG6tp
xft5atI6HAi9RmUYbWNwteC7va32caSCTukoedv+xVzKapzEEosH5jmR4q8SjJWB
wO+t2/zDEW5EYgcZETxEixsiPMN0ObWJ3BeBrlPSqhjduHUbywLx+Agd1leuwK1z
MCTzOXkOnZrW//9Hvf2uGJ2ND3BcjGDziNNqy5IEEk7rc84L4wxpgvV1dj0QG3at
VnhhF+NFRNjPfPQ0eTOkLPoTckA2iSL5aL+VzDTX9C+FZJjDJggDnuE7TuIKcPGo
N9SWKyGqLqnr2DNDF+N/44PL8USk2rPnHsxWCveIHLs+BHKBUT241AgRog50KB5s
/j6rpBH1olvmag==
-----END CERTIFICATE-----