Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          cWFiyV6ZiBf+aftXwisAEkkTjx/gkn/SrS+sR0fUeQ8=
Subject key identifier:   0A:77:5B:12:5A:DD:A1:5D:31:93:DF:B6:0F:59:4C:B4:A9:67:E6:27
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       019761A816B7A86DFA9959681C58CD8AEB55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          0F9E
Signing time:             Thu 12 Jun 2025 01:01:34 +0000
Manifest this update:     Thu 12 Jun 2025 01:01:34 +0000
Manifest next update:     Fri 13 Jun 2025 01:01:34 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: rchyToXzqr/wgFP7c/aLdVDHuJ3sojo0ziyXMkcEz5c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 21:26:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:a8:16:b7:a8:6d:fa:99:59:68:1c:58:cd:8a:eb:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Jun 12 01:01:34 2025 GMT
            Not After : Jun 13 01:01:34 2025 GMT
        Subject: CN=0a775b125adda15d3193dfb60f594cb4a967e627
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:03:5b:79:27:7d:0d:d5:aa:ce:8c:88:36:82:
                    03:4a:90:9f:0a:2e:01:eb:cf:44:a2:51:db:70:2e:
                    8f:80:6f:38:37:8e:ae:32:dc:e7:a7:1d:56:65:62:
                    ba:4a:17:6d:49:10:bc:ca:e0:55:f5:ab:4e:87:80:
                    2c:69:e0:69:89:da:9b:e3:93:8c:f4:bb:1a:13:48:
                    fc:c4:17:54:8a:5e:32:7b:cc:e6:74:46:7f:86:b2:
                    69:3f:48:4e:1e:dd:f7:79:ab:c2:9c:dd:d0:6e:f0:
                    20:09:80:8d:6e:d0:e2:f2:19:12:b9:b1:c2:30:43:
                    5f:7f:95:c5:9a:16:6f:53:53:0f:2f:00:92:90:0e:
                    b7:21:64:e4:7f:67:59:64:c9:e6:a2:a0:ee:34:d3:
                    3d:ef:04:8d:ba:a4:55:80:d7:25:e3:3d:f8:42:f7:
                    14:90:86:2a:dc:16:18:ec:cc:fe:a9:b4:90:a3:25:
                    40:73:fb:fe:7f:23:ee:e1:4d:d5:7b:f5:2e:94:17:
                    f3:d9:db:05:48:a4:d2:7b:62:9f:4a:5c:58:34:b6:
                    a9:08:e5:5c:76:1d:a9:e6:75:ac:3e:52:ef:d7:1a:
                    cd:ae:1c:e2:56:09:6c:a0:3a:64:e2:d3:77:56:bd:
                    e8:f5:02:ed:03:75:d6:c4:9e:0b:94:3f:6f:1d:32:
                    a0:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:77:5B:12:5A:DD:A1:5D:31:93:DF:B6:0F:59:4C:B4:A9:67:E6:27
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:ab:3c:38:c6:87:92:ad:1e:a0:13:ca:9a:7a:62:2b:6a:1b:
         dd:e5:70:07:22:e3:11:24:dd:ce:79:31:ee:de:bc:c4:d7:40:
         f9:9e:4a:79:c9:82:d3:43:48:54:6c:10:3c:77:21:4e:2c:2d:
         6c:b0:f3:c4:bf:06:e4:75:91:e1:f6:a0:30:42:ef:f1:be:c4:
         3f:23:77:da:14:a3:23:f9:b1:11:0e:ce:a0:17:04:58:dc:1b:
         92:84:b5:c1:ae:1b:fc:4f:29:37:1f:5b:e4:81:dd:95:42:58:
         68:c0:48:c7:c2:c5:a8:81:08:51:32:fb:21:b4:f1:dd:02:2b:
         92:1d:c6:ba:c5:0c:6c:eb:0e:82:c3:9c:94:8c:3c:de:50:19:
         f6:36:d6:df:86:a3:84:dc:20:3a:87:fb:91:8d:90:14:0c:6f:
         9e:5d:bd:18:be:e7:15:1a:fc:c5:f0:8b:11:76:1a:f3:2f:88:
         45:c7:8a:b5:34:7c:60:8e:67:61:2c:4c:e1:99:6b:21:a0:cd:
         ca:c5:73:70:e4:db:5e:fa:82:c8:a4:ac:c7:6e:7b:96:aa:52:
         71:27:78:08:cc:b1:35:2d:d9:22:c5:96:af:e9:aa:af:0c:aa:
         b8:b2:93:0b:6a:a8:69:d2:25:d5:b6:fa:60:0d:3d:94:0c:b8:
         1e:f1:32:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdhqBa3qG36mVloHFjNiutVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwNjEyMDEwMTM0WhcNMjUwNjEzMDEwMTM0WjAzMTEwLwYDVQQD
EygwYTc3NWIxMjVhZGRhMTVkMzE5M2RmYjYwZjU5NGNiNGE5NjdlNjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwNbeSd9DdWqzoyINoIDSpCfCi4B
689EolHbcC6PgG84N46uMtznpx1WZWK6ShdtSRC8yuBV9atOh4AsaeBpidqb45OM
9LsaE0j8xBdUil4ye8zmdEZ/hrJpP0hOHt33eavCnN3QbvAgCYCNbtDi8hkSubHC
MENff5XFmhZvU1MPLwCSkA63IWTkf2dZZMnmoqDuNNM97wSNuqRVgNcl4z34QvcU
kIYq3BYY7Mz+qbSQoyVAc/v+fyPu4U3Ve/UulBfz2dsFSKTSe2KfSlxYNLapCOVc
dh2p5nWsPlLv1xrNrhziVglsoDpk4tN3Vr3o9QLtA3XWxJ4LlD9vHTKgywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAp3WxJa3aFdMZPftg9ZTLSpZ+YnMB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHqs8OMaH
kq0eoBPKmnpiK2ob3eVwByLjESTdznkx7t68xNdA+Z5KecmC00NIVGwQPHchTiwt
bLDzxL8G5HWR4fagMELv8b7EPyN32hSjI/mxEQ7OoBcEWNwbkoS1wa4b/E8pNx9b
5IHdlUJYaMBIx8LFqIEIUTL7IbTx3QIrkh3GusUMbOsOgsOclIw83lAZ9jbW34aj
hNwgOof7kY2QFAxvnl29GL7nFRr8xfCLEXYa8y+IRceKtTR8YI5nYSxM4ZlrIaDN
ysVzcOTbXvqCyKSsx257lqpScSd4CMyxNS3ZIsWWr+mqrwyquLKTC2qoadIl1bb6
YA09lAy4HvEyyA==
-----END CERTIFICATE-----