Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
File:                     001KO3R_ynAQOxfz29xQRcrOMt8.mft (raw, json)
Hash identifier:          U0DlaLO/WPVGla3VH4RzP2yd2dyM6fhs9FClDjDAowE=
Subject key identifier:   C0:1A:00:94:60:A9:22:D0:89:61:A8:6B:46:4A:AA:43:CB:37:0D:2A
Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF
Certificate issuer:       /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
Certificate serial:       01975791A2222F24E652582D138F471C7571
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
Manifest number:          1585
Signing time:             Tue 10 Jun 2025 02:00:51 +0000
Manifest this update:     Tue 10 Jun 2025 02:00:51 +0000
Manifest next update:     Wed 11 Jun 2025 02:00:51 +0000
Files and hashes:         1: 001KO3R_ynAQOxfz29xQRcrOMt8.crl (hash: 2K1ltFcymqEW/H4Gx1QrEBBa4uoA44vu8AbWsdY+Fik=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:57:91:a2:22:2f:24:e6:52:58:2d:13:8f:47:1c:75:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
        Validity
            Not Before: Jun 10 02:00:51 2025 GMT
            Not After : Jun 11 02:00:51 2025 GMT
        Subject: CN=c01a009460a922d08961a86b464aaa43cb370d2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:29:9d:ff:8a:21:9a:71:e3:24:bc:fe:9e:70:
                    20:9c:c2:97:2c:60:f4:ac:dd:a9:e9:2e:78:05:34:
                    2d:c0:5f:f3:ba:ae:9a:c8:16:96:8b:7e:c7:bf:ab:
                    70:8a:f3:21:f1:9f:cb:c0:29:0d:91:29:00:42:d1:
                    f3:32:01:e9:22:1e:11:37:0c:2f:b0:10:d9:d3:9a:
                    23:4f:e6:4f:30:17:a3:a3:0e:b7:6a:89:2e:bd:27:
                    12:42:ec:c1:15:ac:bc:88:e7:48:6d:3b:13:1f:8c:
                    b5:6f:2c:b3:f4:1d:14:a9:b6:9c:af:ca:dc:66:29:
                    17:e4:25:1c:47:8b:0f:0a:90:cf:ce:29:da:5b:be:
                    83:b3:b7:69:58:1b:12:eb:35:e6:dd:e7:90:e8:37:
                    96:89:57:ab:cb:ee:f5:52:2a:88:f2:54:7b:2b:b8:
                    aa:84:56:39:13:1d:bb:8d:7a:53:26:cb:e8:3b:1d:
                    32:f9:cb:7f:91:02:03:f0:6f:4c:d9:6e:64:bc:62:
                    df:3e:83:30:f0:cd:2d:74:82:8b:4e:86:93:a4:6d:
                    d6:cb:3c:3f:90:73:87:ae:35:12:3b:39:f5:93:73:
                    0c:89:2c:ab:c4:9b:b9:d5:0f:60:a7:14:0e:14:7f:
                    4f:23:e0:9b:99:c4:03:97:7d:90:03:83:4d:79:f5:
                    c7:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:1A:00:94:60:A9:22:D0:89:61:A8:6B:46:4A:AA:43:CB:37:0D:2A
            X509v3 Authority Key Identifier:
                keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:cf:70:0a:73:2e:57:c6:8c:cd:ca:ae:a5:3d:74:7e:b1:b4:
         65:ad:26:84:0c:46:7a:b9:1a:4f:41:d6:44:00:70:6f:94:cc:
         64:47:01:f4:6b:5e:af:ba:46:b2:a4:2d:98:53:e5:dd:98:9c:
         53:e6:28:4d:d0:3a:a5:2d:ac:41:78:1b:d2:5e:d6:0d:45:76:
         24:ca:6b:56:c9:1a:3d:b5:e3:bd:e9:bb:a6:2b:f0:e3:57:da:
         da:94:b1:e8:f2:c5:b2:4e:1e:41:ec:6e:24:4b:35:e1:6c:99:
         67:f1:b8:c1:48:d4:81:17:39:c7:3b:e3:c7:62:9e:89:5f:3d:
         5f:38:5f:a4:92:91:e8:23:dc:62:cd:6e:84:31:d6:07:63:77:
         10:2f:42:c2:73:70:d0:ba:fc:5b:cf:9b:6e:ce:7e:d3:e2:6e:
         4e:84:e8:a9:6d:55:23:17:5d:1a:23:59:e9:32:7a:84:a0:b4:
         df:6f:ec:9f:d8:71:d5:8b:1b:77:2e:97:d2:59:d9:b8:da:64:
         55:d0:ce:00:05:7a:1f:80:d8:0d:c3:0c:fd:47:5e:00:3d:bc:
         75:c8:36:01:ae:de:e8:42:51:3f:1b:59:27:cc:90:ac:97:0d:
         ea:2c:30:72:45:e2:d8:e3:79:fe:d9:8a:27:be:6b:c9:dc:88:
         1e:87:ae:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdXkaIiLyTmUlgtE49HHHVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj
ZTMyZGYwHhcNMjUwNjEwMDIwMDUxWhcNMjUwNjExMDIwMDUxWjAzMTEwLwYDVQQD
EyhjMDFhMDA5NDYwYTkyMmQwODk2MWE4NmI0NjRhYWE0M2NiMzcwZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySmd/4ohmnHjJLz+nnAgnMKXLGD0
rN2p6S54BTQtwF/zuq6ayBaWi37Hv6twivMh8Z/LwCkNkSkAQtHzMgHpIh4RNwwv
sBDZ05ojT+ZPMBejow63aokuvScSQuzBFay8iOdIbTsTH4y1byyz9B0Uqbacr8rc
ZikX5CUcR4sPCpDPzinaW76Ds7dpWBsS6zXm3eeQ6DeWiVery+71UiqI8lR7K7iq
hFY5Ex27jXpTJsvoOx0y+ct/kQID8G9M2W5kvGLfPoMw8M0tdIKLToaTpG3Wyzw/
kHOHrjUSOzn1k3MMiSyrxJu51Q9gpxQOFH9PI+CbmcQDl32QA4NNefXHRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMAaAJRgqSLQiWGoa0ZKqkPLNw0qMB8GA1UdIwQY
MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt
NDM3OTM0YzU4NDUzLzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz
LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAos9wCnMu
V8aMzcqupT10frG0Za0mhAxGerkaT0HWRABwb5TMZEcB9Gter7pGsqQtmFPl3Zic
U+YoTdA6pS2sQXgb0l7WDUV2JMprVskaPbXjvem7pivw41fa2pSx6PLFsk4eQexu
JEs14WyZZ/G4wUjUgRc5xzvjx2KeiV89XzhfpJKR6CPcYs1uhDHWB2N3EC9CwnNw
0Lr8W8+bbs5+0+JuToToqW1VIxddGiNZ6TJ6hKC032/sn9hx1Ysbdy6X0lnZuNpk
VdDOAAV6H4DYDcMM/UdeAD28dcg2Aa7e6EJRPxtZJ8yQrJcN6iwwckXi2ON5/tmK
J75rydyIHoeujw==
-----END CERTIFICATE-----