Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
File:                     kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft (raw, json)
Hash identifier:          HOyiPLT/hcH+EipXx5B+kiJ9tQ9KqrPL+THA1wK9CdQ=
Subject key identifier:   80:2C:06:64:9A:43:03:36:62:2D:57:2F:E3:B0:6A:13:F3:BA:E4:24
Authority key identifier: 93:09:37:24:64:C5:9A:3D:D8:EC:D6:32:15:B0:18:19:70:65:58:A6
Certificate issuer:       /CN=9309372464c59a3dd8ecd63215b01819706558a6
Certificate serial:       01964FDB1537A582D82D8CBCA0AC8A2D1E8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
Manifest number:          0525
Signing time:             Sat 19 Apr 2025 21:01:19 +0000
Manifest this update:     Sat 19 Apr 2025 21:01:19 +0000
Manifest next update:     Sun 20 Apr 2025 21:01:19 +0000
Files and hashes:         1: kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl (hash: 6Qo+mWHd0x7tz6knWGqg8H1iycpJRxxS4WoAeDd8zxE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 21:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:db:15:37:a5:82:d8:2d:8c:bc:a0:ac:8a:2d:1e:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9309372464c59a3dd8ecd63215b01819706558a6
        Validity
            Not Before: Apr 19 21:01:19 2025 GMT
            Not After : Apr 20 21:01:19 2025 GMT
        Subject: CN=802c06649a430336622d572fe3b06a13f3bae424
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:8d:0c:0f:83:ad:fe:1c:e5:59:0a:bc:8d:06:
                    56:14:46:0d:39:6f:42:1f:46:17:ba:15:70:52:17:
                    5d:a2:c9:b4:c7:10:7e:c1:b5:ee:79:19:8f:9f:5c:
                    f4:81:24:00:d7:eb:19:4b:68:fc:8e:15:02:3d:82:
                    1d:92:63:64:c7:34:58:68:f3:08:4b:cd:0f:06:90:
                    fa:39:d8:09:3d:00:5f:d3:40:83:89:66:6a:21:e6:
                    3b:3e:76:37:3d:f1:fc:e1:54:f9:51:43:d5:1a:ba:
                    8a:75:a7:fc:d3:72:85:b3:24:55:b5:c7:f6:92:a3:
                    f5:38:06:32:aa:6b:12:7b:c7:4a:ad:df:43:dc:fc:
                    c0:77:53:5b:10:91:60:f3:5f:52:3b:c6:c8:02:71:
                    c8:02:9a:27:6c:a3:7e:a1:ba:9d:3e:13:73:0e:68:
                    0d:55:1f:44:e1:74:fa:8a:2a:ed:2f:f5:fb:e8:1f:
                    d9:df:2b:eb:74:d9:ab:2a:c2:b0:d2:8e:02:1b:bc:
                    46:dd:d8:e2:5f:1d:f6:8d:9a:fb:db:e8:77:0d:a4:
                    73:23:46:5f:8d:bf:46:11:70:bf:d6:12:a7:82:c9:
                    f4:3d:b3:d2:b8:23:94:81:72:9a:4b:9d:dd:42:52:
                    a0:0f:7b:cd:42:16:41:b2:50:7b:a1:04:05:57:ba:
                    b1:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:2C:06:64:9A:43:03:36:62:2D:57:2F:E3:B0:6A:13:F3:BA:E4:24
            X509v3 Authority Key Identifier:
                keyid:93:09:37:24:64:C5:9A:3D:D8:EC:D6:32:15:B0:18:19:70:65:58:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/ecfafc-9115-4ec2-ae11-07f1259feb13/1/kwk3JGTFmj3Y7NYyFbAYGXBlWKY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:49:4f:cc:c2:f1:fb:1f:9d:43:d1:86:6a:db:ee:72:05:fc:
         69:7c:6f:8c:f1:07:9f:8a:4f:a2:81:72:b1:4a:d8:25:4d:23:
         45:fd:37:70:f4:19:8f:85:c3:e0:7b:3c:5f:8c:9d:d3:8b:4e:
         80:e8:6b:8f:70:b9:d2:c1:9a:c7:36:6e:bf:29:00:94:a5:a7:
         5b:5f:cc:da:95:ab:dc:54:fc:a1:6c:5a:d9:e2:c3:73:1c:2e:
         74:8a:9b:b8:57:49:54:95:d8:92:9f:46:2c:85:91:59:d9:6f:
         eb:a1:be:3d:26:2a:7d:15:4d:b8:cc:76:40:b0:89:10:0a:ee:
         f2:ff:f1:43:33:70:fe:7c:79:8c:15:d5:9b:c9:7b:37:66:9b:
         ec:f0:f0:9f:ba:74:4c:2f:67:e4:98:8e:70:dd:50:c3:81:5a:
         14:51:f6:6b:32:07:64:ee:48:39:0c:a2:c8:23:fc:7a:d6:8e:
         2d:c1:52:17:3b:90:aa:e4:90:48:28:35:bf:12:a2:5b:97:a9:
         8c:57:32:67:ef:b4:de:bc:4f:ab:20:09:8a:14:a9:34:80:7a:
         cc:28:48:72:05:0d:be:ad:a2:39:80:e7:b7:0b:6f:5f:26:5a:
         6c:c1:5a:e8:61:05:af:60:2b:b5:7c:5f:f4:07:a0:7e:1f:56:
         87:8a:b8:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZP2xU3pYLYLYy8oKyKLR6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMDkzNzI0NjRjNTlhM2RkOGVjZDYzMjE1YjAxODE5NzA2
NTU4YTYwHhcNMjUwNDE5MjEwMTE5WhcNMjUwNDIwMjEwMTE5WjAzMTEwLwYDVQQD
Eyg4MDJjMDY2NDlhNDMwMzM2NjIyZDU3MmZlM2IwNmExM2YzYmFlNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7o0MD4Ot/hzlWQq8jQZWFEYNOW9C
H0YXuhVwUhddosm0xxB+wbXueRmPn1z0gSQA1+sZS2j8jhUCPYIdkmNkxzRYaPMI
S80PBpD6OdgJPQBf00CDiWZqIeY7PnY3PfH84VT5UUPVGrqKdaf803KFsyRVtcf2
kqP1OAYyqmsSe8dKrd9D3PzAd1NbEJFg819SO8bIAnHIAponbKN+obqdPhNzDmgN
VR9E4XT6iirtL/X76B/Z3yvrdNmrKsKw0o4CG7xG3djiXx32jZr72+h3DaRzI0Zf
jb9GEXC/1hKngsn0PbPSuCOUgXKaS53dQlKgD3vNQhZBslB7oQQFV7qx0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIAsBmSaQwM2Yi1XL+OwahPzuuQkMB8GA1UdIwQY
MBaAFJMJNyRkxZo92OzWMhWwGBlwZVimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lY2ZhZmMtOTExNS00ZWMyLWFlMTEt
MDdmMTI1OWZlYjEzLzEva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lY2ZhZmMtOTExNS00ZWMyLWFlMTEtMDdmMTI1OWZlYjEz
LzEva3drM0pHVEZtajNZN05ZeUZiQVlHWEJsV0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACElPzMLx
+x+dQ9GGatvucgX8aXxvjPEHn4pPooFysUrYJU0jRf03cPQZj4XD4Hs8X4yd04tO
gOhrj3C50sGaxzZuvykAlKWnW1/M2pWr3FT8oWxa2eLDcxwudIqbuFdJVJXYkp9G
LIWRWdlv66G+PSYqfRVNuMx2QLCJEAru8v/xQzNw/nx5jBXVm8l7N2ab7PDwn7p0
TC9n5JiOcN1Qw4FaFFH2azIHZO5IOQyiyCP8etaOLcFSFzuQquSQSCg1vxKiW5ep
jFcyZ++03rxPqyAJihSpNIB6zChIcgUNvq2iOYDntwtvXyZabMFa6GEFr2ArtXxf
9Aegfh9Wh4q4uA==
-----END CERTIFICATE-----