Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          btobP/mloESfpB/I8RArlhJ2hY+6OCOfUGs1FYMmSmk=
Subject key identifier:   D7:42:83:CA:C4:73:99:56:89:A9:E2:08:C3:D9:01:0C:B3:25:B4:CA
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       01965726AB552E99F41235E3D52ABDB18483
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          0F14
Signing time:             Mon 21 Apr 2025 07:01:14 +0000
Manifest this update:     Mon 21 Apr 2025 07:01:14 +0000
Manifest next update:     Tue 22 Apr 2025 07:01:14 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: /jwb0JIbD9DZD/a3emd+KflYm4oPa1+ojGEtvFLisZ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 07:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:26:ab:55:2e:99:f4:12:35:e3:d5:2a:bd:b1:84:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Apr 21 07:01:14 2025 GMT
            Not After : Apr 22 07:01:14 2025 GMT
        Subject: CN=d74283cac473995689a9e208c3d9010cb325b4ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:93:34:89:36:5b:8d:fe:1b:20:9e:9e:a5:47:
                    23:62:1d:a9:c5:5f:e1:56:18:e1:9f:3e:f9:12:91:
                    32:bd:41:df:da:49:28:1a:04:a0:79:1b:4c:a4:fc:
                    59:0d:13:7b:26:55:44:11:9d:f0:eb:b9:3e:11:fe:
                    2b:ec:6a:39:58:b7:1b:39:a6:c3:fe:22:00:a1:12:
                    ef:8e:c2:2a:20:64:be:2d:9f:32:b7:88:1b:8f:11:
                    b5:a7:a1:d2:28:66:a1:f8:92:ce:e1:56:5f:55:a5:
                    41:d9:fb:53:14:3b:5d:e0:e0:b8:09:6d:0d:15:d8:
                    25:d5:41:88:a2:b5:ca:ad:48:cd:37:6a:bb:24:62:
                    38:89:50:32:41:32:c1:90:50:01:fa:5b:1b:74:b0:
                    5a:1b:08:c7:8c:b3:6c:76:23:0b:9d:b2:40:cf:d3:
                    72:cc:d3:fb:06:29:50:30:e1:fb:14:27:f7:61:83:
                    bc:10:bf:2e:f4:d1:fb:fc:7f:4d:7c:56:9a:81:25:
                    ee:30:bd:02:cb:da:a4:7f:69:10:89:38:73:8f:aa:
                    2e:48:1b:bc:75:9a:a4:22:2c:46:73:42:fc:d5:b7:
                    6a:aa:d4:62:d1:54:e7:e7:b8:d8:59:4a:27:2a:78:
                    4b:e4:32:09:15:25:d4:03:bc:51:5f:30:d5:fb:d0:
                    4f:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:42:83:CA:C4:73:99:56:89:A9:E2:08:C3:D9:01:0C:B3:25:B4:CA
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:e6:b5:46:4d:91:23:ac:8c:78:73:0a:64:09:c5:b9:e2:43:
         c7:bd:43:fe:33:16:fd:51:61:a5:d9:60:95:fb:55:a8:dd:43:
         cc:29:32:7a:b6:ec:4b:56:63:60:18:c8:5f:f0:cd:16:e9:4e:
         1a:58:06:8a:96:4e:76:60:4b:c4:cf:f3:fc:2a:41:4a:01:6f:
         fd:c0:fc:3e:32:aa:5c:f1:f7:2a:73:25:12:1a:90:fc:d4:6b:
         27:bc:e3:46:69:86:6e:1f:c3:2d:4d:a7:f2:eb:f0:77:60:8e:
         26:53:1c:15:35:01:95:30:11:d5:89:fc:9d:c2:9a:92:0c:51:
         00:1e:26:88:f7:48:31:e4:c1:1d:46:34:88:32:c4:6d:8e:d1:
         17:93:50:d6:25:80:bd:31:39:17:df:b2:01:40:f8:c3:96:c9:
         63:d9:1a:a1:de:16:c3:65:4a:b0:dc:bc:e2:03:eb:02:a8:dc:
         37:b8:e0:ea:ae:4f:fb:5c:ec:5a:e3:b5:1b:6d:98:0f:72:7b:
         3a:d0:b0:61:18:de:1f:e6:ba:18:89:2b:12:59:fb:11:a3:ff:
         24:6d:7f:67:35:eb:2e:2c:27:dd:fa:79:0c:07:0c:ff:bb:f3:
         f5:cb:3c:76:85:3d:df:d6:8f:3a:db:97:1c:af:45:ee:d7:33:
         b8:73:df:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJqtVLpn0EjXj1Sq9sYSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwNDIxMDcwMTE0WhcNMjUwNDIyMDcwMTE0WjAzMTEwLwYDVQQD
EyhkNzQyODNjYWM0NzM5OTU2ODlhOWUyMDhjM2Q5MDEwY2IzMjViNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15M0iTZbjf4bIJ6epUcjYh2pxV/h
Vhjhnz75EpEyvUHf2kkoGgSgeRtMpPxZDRN7JlVEEZ3w67k+Ef4r7Go5WLcbOabD
/iIAoRLvjsIqIGS+LZ8yt4gbjxG1p6HSKGah+JLO4VZfVaVB2ftTFDtd4OC4CW0N
Fdgl1UGIorXKrUjNN2q7JGI4iVAyQTLBkFAB+lsbdLBaGwjHjLNsdiMLnbJAz9Ny
zNP7BilQMOH7FCf3YYO8EL8u9NH7/H9NfFaagSXuML0Cy9qkf2kQiThzj6ouSBu8
dZqkIixGc0L81bdqqtRi0VTn57jYWUonKnhL5DIJFSXUA7xRXzDV+9BPRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNdCg8rEc5lWianiCMPZAQyzJbTKMB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVea1Rk2R
I6yMeHMKZAnFueJDx71D/jMW/VFhpdlglftVqN1DzCkyerbsS1ZjYBjIX/DNFulO
GlgGipZOdmBLxM/z/CpBSgFv/cD8PjKqXPH3KnMlEhqQ/NRrJ7zjRmmGbh/DLU2n
8uvwd2COJlMcFTUBlTAR1Yn8ncKakgxRAB4miPdIMeTBHUY0iDLEbY7RF5NQ1iWA
vTE5F9+yAUD4w5bJY9kaod4Ww2VKsNy84gPrAqjcN7jg6q5P+1zsWuO1G22YD3J7
OtCwYRjeH+a6GIkrEln7EaP/JG1/ZzXrLiwn3fp5DAcM/7vz9cs8doU939aPOtuX
HK9F7tczuHPfFw==
-----END CERTIFICATE-----