Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
File:                     kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft (raw, json)
Hash identifier:          XtV3UEvHpo2DgmVcO8D0fwHVMMBBc0O08L1LcpG06Zk=
Subject key identifier:   4A:3F:A6:E5:8D:F6:4B:EE:96:59:16:29:C2:60:D5:F7:7E:37:89:62
Authority key identifier: 91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81
Certificate issuer:       /CN=91d338370e10627a4cd631e3fde186e194898c81
Certificate serial:       019510902C17829CC2AACDC43A17B0B59077
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
Manifest number:          0A41
Signing time:             Sun 16 Feb 2025 21:00:38 +0000
Manifest this update:     Sun 16 Feb 2025 21:00:38 +0000
Manifest next update:     Mon 17 Feb 2025 21:00:38 +0000
Files and hashes:         1: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl (hash: Ibte+SU0pMc2RjyjxOSevC8hAPodea6ZPa8BfBSCC/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 21:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:90:2c:17:82:9c:c2:aa:cd:c4:3a:17:b0:b5:90:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d338370e10627a4cd631e3fde186e194898c81
        Validity
            Not Before: Feb 16 21:00:38 2025 GMT
            Not After : Feb 17 21:00:38 2025 GMT
        Subject: CN=4a3fa6e58df64bee96591629c260d5f77e378962
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:e1:2d:37:ec:bb:62:80:04:0b:f8:10:e4:06:
                    6c:be:93:43:74:40:5c:3c:5d:ac:67:bd:f2:12:f1:
                    ee:20:a4:86:5d:ad:32:b6:5a:cf:f5:46:27:43:27:
                    dd:a4:47:c1:44:78:b8:17:3c:cd:71:91:6f:cd:b0:
                    4c:ee:c6:96:fc:c5:3b:fe:e4:d7:51:1f:ed:d3:4b:
                    e7:ac:75:58:13:a7:ba:6c:31:65:62:8e:8d:78:16:
                    c1:da:f7:20:1a:0e:a8:b6:b8:5e:e9:cc:86:e8:1c:
                    c2:7e:ef:27:76:0b:56:eb:09:9a:72:21:da:0e:b2:
                    71:99:b3:b1:7c:b2:e3:17:6e:0a:e0:9a:33:09:c7:
                    30:cb:a6:db:20:e3:10:22:fc:01:d8:d9:05:01:f0:
                    00:48:48:52:fb:37:1f:7c:4d:c4:cb:37:5e:7d:3c:
                    5f:88:7d:61:9a:63:b2:e0:17:32:ba:d9:1d:38:57:
                    a3:fe:ed:20:ea:4f:71:32:77:a7:88:6a:e5:58:69:
                    6f:7c:51:58:eb:59:aa:b4:46:d4:16:99:b0:67:af:
                    49:f7:2c:44:c8:f4:6a:30:0f:f9:07:28:ec:c5:8a:
                    af:15:7c:86:2c:53:58:d6:6e:44:5c:6b:15:5f:54:
                    be:54:bf:42:d5:dc:9c:e5:bd:53:89:11:d3:11:f8:
                    60:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:3F:A6:E5:8D:F6:4B:EE:96:59:16:29:C2:60:D5:F7:7E:37:89:62
            X509v3 Authority Key Identifier:
                keyid:91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:c8:35:5c:f5:4c:db:9b:44:e4:70:13:e0:48:f8:70:74:55:
         f0:f6:31:c0:09:dd:99:61:a7:b4:12:0c:eb:3a:b3:85:60:04:
         03:e1:a0:80:d8:10:8d:86:ab:f3:53:5b:c1:92:93:f5:31:5f:
         c4:9c:bc:20:4d:84:6f:37:0a:bc:69:e2:b9:55:8f:56:13:3b:
         b0:ae:64:ba:06:a2:56:8e:93:6f:f9:ed:b5:25:f0:1a:16:43:
         bd:f3:4b:c0:1a:e5:43:c5:ea:84:b2:fd:03:80:7b:8f:f2:59:
         62:22:1b:1e:00:37:a4:21:71:ba:d3:32:62:95:c1:cc:ae:3d:
         64:86:b5:bd:84:d5:97:af:54:53:1c:85:d3:b6:28:95:1c:1d:
         df:3a:36:79:35:93:dd:ef:21:d2:f4:5f:ec:e5:cc:7f:15:27:
         95:e1:56:7c:07:06:48:b7:7b:0e:83:bf:58:2d:64:0c:a5:10:
         d7:68:33:54:30:4c:59:96:ce:d5:d2:cf:d8:67:05:c8:8f:40:
         51:7d:03:6d:49:c9:18:32:b3:e8:eb:cd:71:ab:68:61:95:2e:
         6b:f5:41:f2:4f:96:2d:09:0a:81:63:41:6a:04:9b:78:1b:d1:
         b2:2a:d3:23:35:76:2f:aa:b8:fa:65:f9:28:14:97:01:27:51:
         46:33:72:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQkCwXgpzCqs3EOhewtZB3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDMzODM3MGUxMDYyN2E0Y2Q2MzFlM2ZkZTE4NmUxOTQ4
OThjODEwHhcNMjUwMjE2MjEwMDM4WhcNMjUwMjE3MjEwMDM4WjAzMTEwLwYDVQQD
Eyg0YTNmYTZlNThkZjY0YmVlOTY1OTE2MjljMjYwZDVmNzdlMzc4OTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uEtN+y7YoAEC/gQ5AZsvpNDdEBc
PF2sZ73yEvHuIKSGXa0ytlrP9UYnQyfdpEfBRHi4FzzNcZFvzbBM7saW/MU7/uTX
UR/t00vnrHVYE6e6bDFlYo6NeBbB2vcgGg6otrhe6cyG6BzCfu8ndgtW6wmaciHa
DrJxmbOxfLLjF24K4JozCccwy6bbIOMQIvwB2NkFAfAASEhS+zcffE3EyzdefTxf
iH1hmmOy4BcyutkdOFej/u0g6k9xMneniGrlWGlvfFFY61mqtEbUFpmwZ69J9yxE
yPRqMA/5ByjsxYqvFXyGLFNY1m5EXGsVX1S+VL9C1dyc5b1TiRHTEfhgfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEo/puWN9kvullkWKcJg1fd+N4liMB8GA1UdIwQY
MBaAFJHTODcOEGJ6TNYx4/3hhuGUiYyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAt
MTUzNTdjZDVlY2U0LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAtMTUzNTdjZDVlY2U0
LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN8g1XPVM
25tE5HAT4Ej4cHRV8PYxwAndmWGntBIM6zqzhWAEA+GggNgQjYar81NbwZKT9TFf
xJy8IE2EbzcKvGniuVWPVhM7sK5kugaiVo6Tb/nttSXwGhZDvfNLwBrlQ8XqhLL9
A4B7j/JZYiIbHgA3pCFxutMyYpXBzK49ZIa1vYTVl69UUxyF07YolRwd3zo2eTWT
3e8h0vRf7OXMfxUnleFWfAcGSLd7DoO/WC1kDKUQ12gzVDBMWZbO1dLP2GcFyI9A
UX0DbUnJGDKz6OvNcatoYZUua/VB8k+WLQkKgWNBagSbeBvRsirTIzV2L6q4+mX5
KBSXASdRRjNy+g==
-----END CERTIFICATE-----