Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
File:                     kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft (raw, json)
Hash identifier:          ZVv6anUyaNUzVtEtA7/Y2isgFohM3ZdZUkmakERnpvA=
Subject key identifier:   F0:6A:05:1E:5F:CC:89:D3:CD:C8:04:75:C5:23:0D:8D:4A:8E:A8:8D
Authority key identifier: 91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81
Certificate issuer:       /CN=91d338370e10627a4cd631e3fde186e194898c81
Certificate serial:       01974C3217611DA7FFC79FC042375E320853
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
Manifest number:          0B69
Signing time:             Sat 07 Jun 2025 21:00:40 +0000
Manifest this update:     Sat 07 Jun 2025 21:00:40 +0000
Manifest next update:     Sun 08 Jun 2025 21:00:40 +0000
Files and hashes:         1: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl (hash: sSbBavofRud4U+yoO6tVJgOMkcPL804G+xU0IpjkA9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:32:17:61:1d:a7:ff:c7:9f:c0:42:37:5e:32:08:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d338370e10627a4cd631e3fde186e194898c81
        Validity
            Not Before: Jun  7 21:00:40 2025 GMT
            Not After : Jun  8 21:00:40 2025 GMT
        Subject: CN=f06a051e5fcc89d3cdc80475c5230d8d4a8ea88d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:4c:50:e0:e3:05:83:d6:08:45:9e:1d:7b:18:
                    f1:75:f6:92:8f:3d:72:e3:e4:3e:7c:0a:13:c8:30:
                    43:fa:ca:6d:38:a1:10:8c:77:bb:fe:27:05:57:ef:
                    a4:24:09:96:50:02:1f:54:2f:2c:4d:73:1d:57:9c:
                    b7:08:20:12:34:97:59:93:c5:57:43:38:b1:20:ac:
                    5e:ae:c3:0b:e7:88:f0:05:ae:c7:9d:e5:3f:af:4e:
                    74:a5:9e:b4:4d:92:9d:37:12:cf:7c:8b:dd:76:a4:
                    2d:b4:20:7d:e3:b5:be:0c:3b:af:b3:eb:df:68:26:
                    59:17:58:8a:c9:ad:bc:c5:55:5a:c0:f4:f0:a8:cf:
                    12:bb:d8:e9:22:59:53:6f:d1:fd:00:eb:25:af:4f:
                    0f:39:82:95:12:62:63:dd:7b:7f:59:52:37:6e:3a:
                    31:f4:23:90:b7:6a:9d:39:a5:95:e3:25:8f:b8:c8:
                    64:04:48:92:d8:0e:21:74:a3:1a:36:38:95:92:2b:
                    d0:77:e0:8e:9b:36:a3:07:77:86:70:f1:5a:b5:11:
                    ed:4f:55:65:6f:bc:60:98:c1:16:fa:b8:76:b0:6d:
                    dd:ed:43:5c:7d:44:82:a2:47:f8:05:58:9a:09:9b:
                    e1:bf:fb:20:0e:2d:c2:64:05:a8:18:bf:20:45:62:
                    d7:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:6A:05:1E:5F:CC:89:D3:CD:C8:04:75:C5:23:0D:8D:4A:8E:A8:8D
            X509v3 Authority Key Identifier:
                keyid:91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:23:df:e4:e5:4b:5b:71:a9:43:d8:12:09:c2:2e:e4:20:94:
         60:8e:a8:ec:61:29:e2:d1:1e:21:a7:47:45:6b:b9:6c:9f:9d:
         20:10:25:e0:78:99:0e:74:29:6b:25:f4:ea:c4:6b:d1:de:eb:
         c9:c8:02:b2:a8:37:3e:dd:78:06:cf:8d:a0:b4:83:13:93:34:
         cf:77:e7:6d:1a:b3:b1:c8:32:88:ca:55:c5:14:c0:89:03:99:
         7d:6a:1d:07:6e:f6:a9:e4:7c:97:11:ac:0d:78:0d:6f:54:2f:
         19:9d:0e:f5:ce:32:20:22:a7:e0:90:a5:0c:25:17:92:55:9d:
         82:31:44:dd:bb:04:0c:1f:98:a9:af:62:c5:1f:5a:e7:a3:a2:
         1a:f8:67:db:b7:11:b9:ef:61:d4:ee:b8:58:1f:9d:6e:0c:61:
         1d:44:68:5f:ca:7e:a0:fc:94:34:b2:f9:98:75:c6:81:ae:1e:
         5b:be:36:36:c4:ee:c0:f6:9a:01:91:94:2f:3b:04:18:a6:c8:
         84:89:5b:f0:92:58:fa:00:92:7d:c5:4e:77:d2:c0:f4:42:db:
         ad:ff:27:90:15:c1:58:8d:b2:08:e2:f8:f5:47:a2:e0:16:82:
         9a:03:47:81:28:cf:c1:dd:04:83:53:fc:77:21:30:8f:95:37:
         d9:cd:dd:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMMhdhHaf/x5/AQjdeMghTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDMzODM3MGUxMDYyN2E0Y2Q2MzFlM2ZkZTE4NmUxOTQ4
OThjODEwHhcNMjUwNjA3MjEwMDQwWhcNMjUwNjA4MjEwMDQwWjAzMTEwLwYDVQQD
EyhmMDZhMDUxZTVmY2M4OWQzY2RjODA0NzVjNTIzMGQ4ZDRhOGVhODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjExQ4OMFg9YIRZ4dexjxdfaSjz1y
4+Q+fAoTyDBD+sptOKEQjHe7/icFV++kJAmWUAIfVC8sTXMdV5y3CCASNJdZk8VX
QzixIKxersML54jwBa7HneU/r050pZ60TZKdNxLPfIvddqQttCB947W+DDuvs+vf
aCZZF1iKya28xVVawPTwqM8Su9jpIllTb9H9AOslr08POYKVEmJj3Xt/WVI3bjox
9COQt2qdOaWV4yWPuMhkBEiS2A4hdKMaNjiVkivQd+COmzajB3eGcPFatRHtT1Vl
b7xgmMEW+rh2sG3d7UNcfUSCokf4BViaCZvhv/sgDi3CZAWoGL8gRWLXvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPBqBR5fzInTzcgEdcUjDY1KjqiNMB8GA1UdIwQY
MBaAFJHTODcOEGJ6TNYx4/3hhuGUiYyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAt
MTUzNTdjZDVlY2U0LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAtMTUzNTdjZDVlY2U0
LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGiPf5OVL
W3GpQ9gSCcIu5CCUYI6o7GEp4tEeIadHRWu5bJ+dIBAl4HiZDnQpayX06sRr0d7r
ycgCsqg3Pt14Bs+NoLSDE5M0z3fnbRqzscgyiMpVxRTAiQOZfWodB272qeR8lxGs
DXgNb1QvGZ0O9c4yICKn4JClDCUXklWdgjFE3bsEDB+Yqa9ixR9a56OiGvhn27cR
ue9h1O64WB+dbgxhHURoX8p+oPyUNLL5mHXGga4eW742NsTuwPaaAZGULzsEGKbI
hIlb8JJY+gCSfcVOd9LA9ELbrf8nkBXBWI2yCOL49Uei4BaCmgNHgSjPwd0Eg1P8
dyEwj5U32c3duA==
-----END CERTIFICATE-----