Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft
File:                     WKNa-48AdsEVWKz_QGPy9YooF8o.mft (raw, json)
Hash identifier:          GrHl4iFHKpBods4TAw+IzoxSlmwkbp2ggTO35aC47PM=
Subject key identifier:   64:1B:71:10:FC:25:3F:30:11:82:BA:2A:FC:BA:AE:7D:84:80:71:F7
Authority key identifier: 58:A3:5A:FB:8F:00:76:C1:15:58:AC:FF:40:63:F2:F5:8A:28:17:CA
Certificate issuer:       /CN=58a35afb8f0076c11558acff4063f2f58a2817ca
Certificate serial:       01963EE670A6BF2A7415BF4A24B475546EB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft
Manifest number:          02D9
Signing time:             Wed 16 Apr 2025 14:00:11 +0000
Manifest this update:     Wed 16 Apr 2025 14:00:11 +0000
Manifest next update:     Thu 17 Apr 2025 14:00:11 +0000
Files and hashes:         1: WKNa-48AdsEVWKz_QGPy9YooF8o.crl (hash: tkFzzPuWtrSPAe94TNSCoyO1Co86Oe9XYl8GWqb+Vvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 13:16:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:3e:e6:70:a6:bf:2a:74:15:bf:4a:24:b4:75:54:6e:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58a35afb8f0076c11558acff4063f2f58a2817ca
        Validity
            Not Before: Apr 16 14:00:11 2025 GMT
            Not After : Apr 17 14:00:11 2025 GMT
        Subject: CN=641b7110fc253f301182ba2afcbaae7d848071f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:bc:0b:8d:0f:da:00:00:76:81:10:b0:d9:1b:
                    ca:29:b5:bb:cf:42:c7:91:24:32:c3:db:06:07:f2:
                    f0:61:39:e8:14:10:b3:5c:03:24:d4:c1:cb:6f:18:
                    b0:26:ac:42:f8:cd:4c:72:fb:a7:7f:b3:89:e7:4a:
                    6a:82:4d:69:d5:f4:2f:2b:4b:58:bd:76:6b:3a:de:
                    fc:a9:c2:67:62:60:a4:7a:b7:79:e8:69:6d:aa:90:
                    3e:02:92:37:6f:95:c7:2e:d9:dd:41:67:2c:25:30:
                    36:5a:a2:32:ea:6e:0f:e4:5c:13:92:70:40:58:0c:
                    5c:a2:59:75:14:e8:2e:5b:85:b7:1d:dc:6d:1c:e2:
                    9c:a8:82:2a:54:3e:92:11:f6:63:5b:56:5d:12:2a:
                    b7:ea:e2:d1:e2:5d:98:98:63:80:89:73:70:eb:dc:
                    eb:b3:dc:60:0d:67:38:ba:0f:24:2d:6c:a1:6b:53:
                    aa:79:0e:2b:1c:d2:3f:8f:bf:e7:7c:09:50:1d:33:
                    63:11:ed:a5:62:43:53:7e:65:c8:7a:58:62:28:51:
                    60:dd:0b:59:f8:20:c7:25:40:68:59:ce:76:68:86:
                    60:d4:43:9b:40:38:a8:04:a5:dc:19:6a:9c:31:74:
                    9b:5c:3e:55:65:da:da:07:ed:79:b5:02:cd:db:49:
                    01:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:1B:71:10:FC:25:3F:30:11:82:BA:2A:FC:BA:AE:7D:84:80:71:F7
            X509v3 Authority Key Identifier:
                keyid:58:A3:5A:FB:8F:00:76:C1:15:58:AC:FF:40:63:F2:F5:8A:28:17:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WKNa-48AdsEVWKz_QGPy9YooF8o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/d27b3a-3cec-4139-87e8-3518d806ffc3/1/WKNa-48AdsEVWKz_QGPy9YooF8o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:07:b8:7c:b0:cf:6e:9b:47:75:10:b1:82:c5:b5:bc:76:45:
         cf:35:9e:6f:6d:3e:59:91:bb:bd:3a:76:a2:c2:7b:06:ca:2f:
         fc:a0:dc:1e:df:90:04:1f:1d:45:fa:36:1f:59:93:63:aa:1c:
         a1:be:68:d0:3c:81:b3:8c:01:b1:0e:10:01:66:6e:8a:84:83:
         b8:bc:5c:ee:48:db:90:e8:2b:f4:18:d5:06:68:0f:c1:3a:89:
         73:55:c2:aa:a3:2d:50:13:83:66:1c:b0:58:51:50:45:19:0c:
         00:1b:96:44:50:31:14:65:a4:74:ea:b0:a5:ff:ce:a1:a3:3a:
         86:5e:75:52:08:93:c0:2d:64:d1:4f:51:a6:c5:5d:50:d2:15:
         19:3c:2b:37:fe:b1:5b:9b:e9:fa:1c:f2:35:7c:47:97:da:f3:
         b5:66:91:2d:d5:88:27:83:b7:42:7f:de:24:68:aa:62:e1:3d:
         7f:48:34:bc:e7:a1:b5:43:8a:fa:9d:bb:72:2a:ac:c5:a6:56:
         60:7b:09:1d:63:23:54:4b:ef:2b:13:8e:d6:45:ca:46:99:9f:
         71:fe:79:58:cd:7e:9d:8c:c4:75:97:aa:b6:fc:be:7d:30:5c:
         6c:b8:a9:22:93:4b:7d:8f:fb:2e:a4:e7:c4:85:4c:f7:9b:03:
         39:2f:2e:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZY+5nCmvyp0Fb9KJLR1VG6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YTM1YWZiOGYwMDc2YzExNTU4YWNmZjQwNjNmMmY1OGEy
ODE3Y2EwHhcNMjUwNDE2MTQwMDExWhcNMjUwNDE3MTQwMDExWjAzMTEwLwYDVQQD
Eyg2NDFiNzExMGZjMjUzZjMwMTE4MmJhMmFmY2JhYWU3ZDg0ODA3MWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7wLjQ/aAAB2gRCw2RvKKbW7z0LH
kSQyw9sGB/LwYTnoFBCzXAMk1MHLbxiwJqxC+M1Mcvunf7OJ50pqgk1p1fQvK0tY
vXZrOt78qcJnYmCkerd56GltqpA+ApI3b5XHLtndQWcsJTA2WqIy6m4P5FwTknBA
WAxcoll1FOguW4W3HdxtHOKcqIIqVD6SEfZjW1ZdEiq36uLR4l2YmGOAiXNw69zr
s9xgDWc4ug8kLWyha1OqeQ4rHNI/j7/nfAlQHTNjEe2lYkNTfmXIelhiKFFg3QtZ
+CDHJUBoWc52aIZg1EObQDioBKXcGWqcMXSbXD5VZdraB+15tQLN20kBwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQbcRD8JT8wEYK6Kvy6rn2EgHH3MB8GA1UdIwQY
MBaAFFijWvuPAHbBFVis/0Bj8vWKKBfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9kMjdiM2EtM2NlYy00MTM5LTg3ZTgt
MzUxOGQ4MDZmZmMzLzEvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9kMjdiM2EtM2NlYy00MTM5LTg3ZTgtMzUxOGQ4MDZmZmMz
LzEvV0tOYS00OEFkc0VWV0t6X1FHUHk5WW9vRjhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGAe4fLDP
bptHdRCxgsW1vHZFzzWeb20+WZG7vTp2osJ7Bsov/KDcHt+QBB8dRfo2H1mTY6oc
ob5o0DyBs4wBsQ4QAWZuioSDuLxc7kjbkOgr9BjVBmgPwTqJc1XCqqMtUBODZhyw
WFFQRRkMABuWRFAxFGWkdOqwpf/OoaM6hl51UgiTwC1k0U9RpsVdUNIVGTwrN/6x
W5vp+hzyNXxHl9rztWaRLdWIJ4O3Qn/eJGiqYuE9f0g0vOehtUOK+p27ciqsxaZW
YHsJHWMjVEvvKxOO1kXKRpmfcf55WM1+nYzEdZeqtvy+fTBcbLipIpNLfY/7LqTn
xIVM95sDOS8uTg==
-----END CERTIFICATE-----