Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          BvuTVXHjBZtaFjGtYuhJHPQgbEigqJGwKPi9jP/R0qA=
Subject key identifier:   29:07:1F:C4:92:1F:57:67:B2:50:F9:D0:4E:A2:D2:0C:92:F2:39:19
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       01976F2C1DADEDF26DD7FCF661AFBB843C6D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          04A2
Signing time:             Sat 14 Jun 2025 16:00:51 +0000
Manifest this update:     Sat 14 Jun 2025 16:00:51 +0000
Manifest next update:     Sun 15 Jun 2025 16:00:51 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: eS0qtimkLt36tHBEhIrBGQpJCnVQ/HAbkf8alJ37iWY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 10:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:2c:1d:ad:ed:f2:6d:d7:fc:f6:61:af:bb:84:3c:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Jun 14 16:00:51 2025 GMT
            Not After : Jun 15 16:00:51 2025 GMT
        Subject: CN=29071fc4921f5767b250f9d04ea2d20c92f23919
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:1b:98:8b:4d:f3:10:13:1b:e3:41:cc:3a:cb:
                    67:8b:a7:05:e1:47:a8:d8:12:15:99:85:d5:4a:e3:
                    41:74:16:2e:ec:39:31:a2:4a:f6:6b:cb:3b:09:52:
                    40:13:58:ef:e3:e1:49:d1:9e:69:c9:61:91:da:39:
                    d5:20:ab:f7:30:13:b7:8d:97:1e:5c:b4:72:16:8c:
                    e1:dd:95:fe:8c:b2:fb:df:7a:d1:2d:91:36:d2:72:
                    e1:df:47:d1:ee:35:85:03:c9:ad:bd:b1:22:02:ce:
                    32:89:16:50:a8:8c:59:b7:59:1a:8a:ea:9f:c3:17:
                    bc:52:c2:3b:7f:b8:f4:7a:87:00:8b:5d:52:09:4f:
                    13:34:2a:e7:46:33:d9:06:24:bc:43:6f:94:35:a3:
                    b6:7c:20:85:b1:22:8a:ed:3f:77:a9:a8:c7:cb:ab:
                    7e:e8:e3:30:23:f9:75:a1:e6:ab:6b:a4:d1:9c:5d:
                    2a:15:9d:0d:2c:c8:bf:49:fb:fa:71:5d:76:65:54:
                    16:0b:b3:41:4b:1d:89:22:95:a8:cf:cc:2a:9a:b3:
                    51:0e:cb:61:62:2a:8b:f6:6d:e3:36:e9:2a:21:4e:
                    77:a9:74:9e:55:c1:5f:28:78:9e:07:12:10:3e:f8:
                    ad:81:2d:20:10:ef:7d:63:44:ea:7f:16:02:3a:e3:
                    0c:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:07:1F:C4:92:1F:57:67:B2:50:F9:D0:4E:A2:D2:0C:92:F2:39:19
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:5d:d9:78:1e:07:41:7f:da:e9:62:94:2f:1b:fa:7c:23:2c:
         23:83:f9:6f:b4:48:9a:28:d5:16:51:ae:74:8d:b7:14:f9:08:
         20:00:aa:3b:ba:44:b8:40:1b:51:7a:9e:d4:b1:7d:11:ac:07:
         8c:4a:69:6f:60:f0:13:94:5b:c2:6c:ac:1c:71:b7:b6:d7:32:
         0f:80:95:13:aa:43:1c:9b:c4:e5:26:df:e8:a4:a7:de:9b:05:
         ea:7f:88:58:49:2d:95:0d:db:79:4f:27:31:8d:fc:2e:2c:2a:
         ac:84:23:49:ed:a5:92:4b:1f:0f:52:2e:e1:73:ec:f5:6f:c1:
         81:cd:06:99:22:bb:f7:67:a4:eb:ae:4b:4e:71:88:1f:40:42:
         e2:83:99:7b:e1:f6:c8:c5:c8:6a:f6:81:df:30:76:7e:b4:19:
         1a:58:77:a3:5e:c3:dd:85:a9:32:c8:16:c6:24:2c:5a:c7:fb:
         13:83:39:83:c5:63:f1:b9:d6:6c:3a:6d:b3:91:18:d8:9a:ef:
         59:87:60:fd:ff:0c:3c:1c:f1:b2:5e:74:3d:e7:1f:00:18:08:
         05:3d:bd:93:7a:4d:61:19:c9:de:0d:7a:b8:5f:fc:3b:c3:d5:
         68:c3:7a:ef:35:10:e3:5c:be:2d:2c:87:6b:42:c7:6d:5e:c6:
         f8:61:78:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvLB2t7fJt1/z2Ya+7hDxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjUwNjE0MTYwMDUxWhcNMjUwNjE1MTYwMDUxWjAzMTEwLwYDVQQD
EygyOTA3MWZjNDkyMWY1NzY3YjI1MGY5ZDA0ZWEyZDIwYzkyZjIzOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRuYi03zEBMb40HMOstni6cF4Ueo
2BIVmYXVSuNBdBYu7Dkxokr2a8s7CVJAE1jv4+FJ0Z5pyWGR2jnVIKv3MBO3jZce
XLRyFozh3ZX+jLL733rRLZE20nLh30fR7jWFA8mtvbEiAs4yiRZQqIxZt1kaiuqf
wxe8UsI7f7j0eocAi11SCU8TNCrnRjPZBiS8Q2+UNaO2fCCFsSKK7T93qajHy6t+
6OMwI/l1oeara6TRnF0qFZ0NLMi/Sfv6cV12ZVQWC7NBSx2JIpWoz8wqmrNRDsth
YiqL9m3jNukqIU53qXSeVcFfKHieBxIQPvitgS0gEO99Y0TqfxYCOuMMFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCkHH8SSH1dnslD50E6i0gyS8jkZMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdF3ZeB4H
QX/a6WKULxv6fCMsI4P5b7RImijVFlGudI23FPkIIACqO7pEuEAbUXqe1LF9EawH
jEppb2DwE5RbwmysHHG3ttcyD4CVE6pDHJvE5Sbf6KSn3psF6n+IWEktlQ3beU8n
MY38LiwqrIQjSe2lkksfD1Iu4XPs9W/Bgc0GmSK792ek665LTnGIH0BC4oOZe+H2
yMXIavaB3zB2frQZGlh3o17D3YWpMsgWxiQsWsf7E4M5g8Vj8bnWbDpts5EY2Jrv
WYdg/f8MPBzxsl50PecfABgIBT29k3pNYRnJ3g16uF/8O8PVaMN67zUQ41y+LSyH
a0LHbV7G+GF49g==
-----END CERTIFICATE-----