Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
File:                     kYaHyFQkQhcMxR71MW05Y2CXCNw.mft (raw, json)
Hash identifier:          wVtfLtyeeBES+6wOX2TDjjKqmL7d4lLcCEMMUdzSdAo=
Subject key identifier:   90:74:F8:2E:45:70:3F:49:B1:99:2D:53:E5:8A:75:4B:25:6D:CA:E3
Authority key identifier: 91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC
Certificate issuer:       /CN=918687c8542442170cc51ef5316d3963609708dc
Certificate serial:       019750464910DC29386C9E6467A7C1712C4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
Manifest number:          118C
Signing time:             Sun 08 Jun 2025 16:01:12 +0000
Manifest this update:     Sun 08 Jun 2025 16:01:12 +0000
Manifest next update:     Mon 09 Jun 2025 16:01:12 +0000
Files and hashes:         1: kYaHyFQkQhcMxR71MW05Y2CXCNw.crl (hash: NHN7qgMKMU4+mDlwseI8Uk6NTqIJZFBaC/GRmi5ok5A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 16:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:50:46:49:10:dc:29:38:6c:9e:64:67:a7:c1:71:2c:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=918687c8542442170cc51ef5316d3963609708dc
        Validity
            Not Before: Jun  8 16:01:12 2025 GMT
            Not After : Jun  9 16:01:12 2025 GMT
        Subject: CN=9074f82e45703f49b1992d53e58a754b256dcae3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a4:83:79:34:6e:75:5d:3c:58:8d:78:82:d8:
                    54:2f:65:86:9e:dc:59:ef:2b:07:27:54:3d:85:33:
                    59:c1:09:ee:71:2b:72:35:a8:54:28:99:e3:c6:0f:
                    f4:15:91:d0:6d:cf:aa:07:b8:d2:d7:da:45:f0:4f:
                    d4:e2:fe:e3:bd:ce:e4:42:8a:38:5e:84:8a:a1:3d:
                    48:14:1d:83:cb:e8:eb:6b:00:30:44:c3:1c:e9:f3:
                    b9:ea:4f:6a:4b:56:c3:33:e5:f6:39:85:df:6a:c1:
                    d6:98:36:32:fe:a4:ef:e9:e8:e9:3e:ab:b5:7f:16:
                    dc:c9:f4:2d:59:80:22:b8:15:52:1d:63:c3:02:72:
                    b1:b0:20:d6:73:2e:4b:63:54:9a:03:f6:34:5d:49:
                    ed:bf:3a:a5:58:a8:07:19:13:72:3d:08:44:32:3a:
                    bf:11:25:9a:45:74:f6:52:36:ab:81:94:76:d9:3a:
                    d3:63:66:0b:d4:aa:9d:36:08:c5:09:95:16:b1:c2:
                    0f:2b:54:27:45:4b:5f:f3:10:08:48:6b:85:b1:27:
                    7e:c1:74:64:5b:1b:fa:d7:d0:64:c8:ef:62:b4:24:
                    f4:d0:cf:83:01:76:43:ea:24:82:7a:71:e3:4e:07:
                    dc:7b:eb:05:3d:48:50:51:62:2f:d8:05:ce:37:8f:
                    47:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:74:F8:2E:45:70:3F:49:B1:99:2D:53:E5:8A:75:4B:25:6D:CA:E3
            X509v3 Authority Key Identifier:
                keyid:91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:69:a4:44:06:c1:7e:69:de:2a:94:c0:ec:b2:41:d0:a1:77:
         80:06:d7:b8:b5:2a:60:4f:28:7c:12:2b:b4:6b:9a:c5:f6:f6:
         90:52:ab:fe:16:c7:95:03:e1:84:d4:7f:89:21:55:32:7f:cc:
         e7:0b:b1:42:c8:b1:0c:06:85:a0:5b:48:84:cf:f8:11:33:bd:
         5f:19:da:b7:73:ff:60:bf:c4:8b:b7:b3:9a:78:06:3f:a6:ad:
         c6:66:62:71:8e:6a:8d:95:48:7a:d8:63:1e:98:28:c7:dd:ce:
         ff:5d:16:ca:86:fe:65:50:a4:50:4b:56:22:ce:d7:8f:bb:ef:
         ab:88:ba:32:c7:04:49:0e:98:a1:77:3a:47:92:ef:26:7c:fc:
         9f:04:39:b1:27:44:91:ce:b1:b0:74:5b:02:c0:34:14:9e:45:
         f6:17:63:80:4c:1d:08:70:5e:d2:61:6d:b2:3a:a1:fc:b9:77:
         7d:63:02:45:7c:e9:0d:67:7f:e7:28:cc:4c:2e:ec:57:66:19:
         35:fe:aa:9d:eb:0b:29:2b:0e:d9:65:02:c7:ba:b6:4c:db:4c:
         0c:84:6e:4d:60:1f:dc:b8:3f:7a:86:da:08:41:2b:01:f0:de:
         dc:6f:68:5d:9a:73:b3:47:ab:75:67:2c:74:97:e2:13:fb:00:
         44:8c:1f:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdQRkkQ3Ck4bJ5kZ6fBcSxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODY4N2M4NTQyNDQyMTcwY2M1MWVmNTMxNmQzOTYzNjA5
NzA4ZGMwHhcNMjUwNjA4MTYwMTEyWhcNMjUwNjA5MTYwMTEyWjAzMTEwLwYDVQQD
Eyg5MDc0ZjgyZTQ1NzAzZjQ5YjE5OTJkNTNlNThhNzU0YjI1NmRjYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqSDeTRudV08WI14gthUL2WGntxZ
7ysHJ1Q9hTNZwQnucStyNahUKJnjxg/0FZHQbc+qB7jS19pF8E/U4v7jvc7kQoo4
XoSKoT1IFB2Dy+jrawAwRMMc6fO56k9qS1bDM+X2OYXfasHWmDYy/qTv6ejpPqu1
fxbcyfQtWYAiuBVSHWPDAnKxsCDWcy5LY1SaA/Y0XUntvzqlWKgHGRNyPQhEMjq/
ESWaRXT2UjargZR22TrTY2YL1KqdNgjFCZUWscIPK1QnRUtf8xAISGuFsSd+wXRk
Wxv619BkyO9itCT00M+DAXZD6iSCenHjTgfce+sFPUhQUWIv2AXON49HAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJB0+C5FcD9JsZktU+WKdUslbcrjMB8GA1UdIwQY
MBaAFJGGh8hUJEIXDMUe9TFtOWNglwjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMt
ODllMzlhYzFlZDgxLzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMtODllMzlhYzFlZDgx
LzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQGmkRAbB
fmneKpTA7LJB0KF3gAbXuLUqYE8ofBIrtGuaxfb2kFKr/hbHlQPhhNR/iSFVMn/M
5wuxQsixDAaFoFtIhM/4ETO9Xxnat3P/YL/Ei7ezmngGP6atxmZicY5qjZVIethj
Hpgox93O/10Wyob+ZVCkUEtWIs7Xj7vvq4i6MscESQ6YoXc6R5LvJnz8nwQ5sSdE
kc6xsHRbAsA0FJ5F9hdjgEwdCHBe0mFtsjqh/Ll3fWMCRXzpDWd/5yjMTC7sV2YZ
Nf6qnesLKSsO2WUCx7q2TNtMDIRuTWAf3Lg/eobaCEErAfDe3G9oXZpzs0erdWcs
dJfiE/sARIwfFA==
-----END CERTIFICATE-----