Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
File:                     kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft (raw, json)
Hash identifier:          MEnNJamilCLYyuu5Vw8NrExL7zpvuZiQML1ok1ck6S8=
Subject key identifier:   D3:9E:32:C8:C9:B5:21:86:4C:2D:27:AA:DB:BC:51:88:A7:15:86:E2
Authority key identifier: 90:7D:17:81:C2:8A:02:74:1E:A7:A6:3A:CE:3A:95:31:7E:EB:8B:7C
Certificate issuer:       /CN=907d1781c28a02741ea7a63ace3a95317eeb8b7c
Certificate serial:       01974931304D7385E16C3E8D9F802FD360C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kH0XgcKKAnQep6Y6zjqVMX7ri3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
Manifest number:          0513
Signing time:             Sat 07 Jun 2025 07:00:49 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:49 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:49 +0000
Files and hashes:         1: kH0XgcKKAnQep6Y6zjqVMX7ri3w.crl (hash: j/Zqg1Zea8IG0z9uQbIS3AS8kQoyb0DJSLCVLZhF9pA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kH0XgcKKAnQep6Y6zjqVMX7ri3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:31:30:4d:73:85:e1:6c:3e:8d:9f:80:2f:d3:60:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907d1781c28a02741ea7a63ace3a95317eeb8b7c
        Validity
            Not Before: Jun  7 07:00:49 2025 GMT
            Not After : Jun  8 07:00:49 2025 GMT
        Subject: CN=d39e32c8c9b521864c2d27aadbbc5188a71586e2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:1b:d1:65:48:a1:58:6d:28:fe:8b:63:ac:6c:
                    4a:23:2c:bb:82:78:fe:b4:88:a6:bc:c6:99:2d:32:
                    e9:14:1a:7c:a5:6c:bd:16:30:e9:75:5d:e1:a0:84:
                    5c:f5:d7:c6:95:a1:37:a7:25:be:41:21:43:be:13:
                    a3:fb:6a:d9:8f:b2:c1:83:0a:a3:8c:a6:dc:31:a3:
                    41:7d:5d:98:d4:7a:25:d2:df:2b:ad:59:e2:62:4c:
                    b4:29:93:25:82:ab:a7:d3:a1:7f:e3:a0:e3:98:76:
                    cb:e6:0b:b8:2d:4b:64:75:d6:0f:77:ed:fb:ae:e1:
                    c7:dd:73:4d:18:4a:50:86:7a:59:0b:f5:b9:a0:d7:
                    38:71:c2:ac:ed:8e:19:92:19:c7:1b:32:36:0b:f1:
                    75:a0:96:d9:65:09:97:bd:53:1e:3f:52:57:10:c2:
                    f2:86:ca:db:35:03:c4:a0:3a:d3:f2:b0:b6:fe:66:
                    5f:62:a9:bf:ec:44:d2:c8:40:92:a7:bd:71:fc:95:
                    f4:35:4e:0d:37:f1:ac:6f:fb:f8:b1:9b:d6:1a:a4:
                    4e:85:55:1c:97:97:a8:58:18:1c:72:11:cb:3e:aa:
                    48:dd:68:76:c1:38:f6:80:7e:65:0f:6e:2a:3a:a8:
                    b1:62:38:25:5e:5c:98:a9:2c:5f:d0:07:23:7c:83:
                    d2:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:9E:32:C8:C9:B5:21:86:4C:2D:27:AA:DB:BC:51:88:A7:15:86:E2
            X509v3 Authority Key Identifier:
                keyid:90:7D:17:81:C2:8A:02:74:1E:A7:A6:3A:CE:3A:95:31:7E:EB:8B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kH0XgcKKAnQep6Y6zjqVMX7ri3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:f5:a3:a9:d1:46:ee:24:d6:08:dc:66:82:92:12:71:f0:89:
         af:74:5e:aa:35:7a:d9:89:f8:92:47:fe:01:7a:ab:08:af:32:
         47:9f:3d:a6:ed:f6:01:8c:9b:39:16:a8:60:ca:af:8b:ad:45:
         02:a6:aa:e8:9f:84:ea:d7:d7:a1:a9:91:13:6d:0d:44:4a:b4:
         40:cf:a1:f7:0f:10:d0:33:73:56:39:45:11:ec:15:cc:e5:eb:
         2f:85:9d:28:73:9a:d7:82:a8:52:cf:f8:c7:90:33:2b:74:1d:
         b9:e7:57:3c:f1:ad:cf:ed:70:c6:64:85:a0:2e:2a:a2:9a:67:
         82:d2:42:37:b5:56:b2:93:a2:d4:25:df:89:85:80:0d:17:c0:
         91:b0:0d:47:23:ec:9a:1b:d0:c5:30:da:cb:41:22:f8:f9:ab:
         42:a4:5d:71:bb:77:89:14:ad:5d:8e:9b:5e:be:3a:7d:fb:89:
         1d:96:05:3a:0e:11:4a:76:ba:70:1f:34:94:a0:f7:4b:91:2e:
         81:a3:a7:bc:cf:78:6a:06:2a:d2:84:2b:7c:4c:8d:92:2a:4b:
         8a:f6:70:de:c0:70:77:7a:a7:1b:8f:f4:20:bb:1f:39:bf:dc:
         11:e7:66:68:14:ce:04:fd:05:f4:f6:9b:54:ca:6e:cd:ec:e4:
         39:2d:2c:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMTBNc4XhbD6Nn4Av02DEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2QxNzgxYzI4YTAyNzQxZWE3YTYzYWNlM2E5NTMxN2Vl
YjhiN2MwHhcNMjUwNjA3MDcwMDQ5WhcNMjUwNjA4MDcwMDQ5WjAzMTEwLwYDVQQD
EyhkMzllMzJjOGM5YjUyMTg2NGMyZDI3YWFkYmJjNTE4OGE3MTU4NmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxvRZUihWG0o/otjrGxKIyy7gnj+
tIimvMaZLTLpFBp8pWy9FjDpdV3hoIRc9dfGlaE3pyW+QSFDvhOj+2rZj7LBgwqj
jKbcMaNBfV2Y1Hol0t8rrVniYky0KZMlgqun06F/46DjmHbL5gu4LUtkddYPd+37
ruHH3XNNGEpQhnpZC/W5oNc4ccKs7Y4ZkhnHGzI2C/F1oJbZZQmXvVMeP1JXEMLy
hsrbNQPEoDrT8rC2/mZfYqm/7ETSyECSp71x/JX0NU4NN/Gsb/v4sZvWGqROhVUc
l5eoWBgcchHLPqpI3Wh2wTj2gH5lD24qOqixYjglXlyYqSxf0AcjfIPSyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNOeMsjJtSGGTC0nqtu8UYinFYbiMB8GA1UdIwQY
MBaAFJB9F4HCigJ0HqemOs46lTF+64t8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC84MThmNmEtN2UwYS00YTAwLTk1NmUt
MmQ5OTNmZjAzMWJlLzEva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC84MThmNmEtN2UwYS00YTAwLTk1NmUtMmQ5OTNmZjAzMWJl
LzEva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANPWjqdFG
7iTWCNxmgpIScfCJr3ReqjV62Yn4kkf+AXqrCK8yR589pu32AYybORaoYMqvi61F
Aqaq6J+E6tfXoamRE20NREq0QM+h9w8Q0DNzVjlFEewVzOXrL4WdKHOa14KoUs/4
x5AzK3QduedXPPGtz+1wxmSFoC4qoppngtJCN7VWspOi1CXfiYWADRfAkbANRyPs
mhvQxTDay0Ei+PmrQqRdcbt3iRStXY6bXr46ffuJHZYFOg4RSna6cB80lKD3S5Eu
gaOnvM94agYq0oQrfEyNkipLivZw3sBwd3qnG4/0ILsfOb/cEedmaBTOBP0F9Pab
VMpuzezkOS0shA==
-----END CERTIFICATE-----