Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
File:                     Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft (raw, json)
Hash identifier:          vs9OQY2Jt0DWRZAPaO650OTXyTWkbUz50TzMQ8Y9tHM=
Subject key identifier:   06:98:22:AF:64:B1:48:50:EE:78:42:9B:3A:4B:57:6E:19:D2:C7:83
Authority key identifier: 2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC
Certificate issuer:       /CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
Certificate serial:       019510C6BFAA085914E44A5E1E648331A939
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
Manifest number:          0D0B
Signing time:             Sun 16 Feb 2025 22:00:15 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:15 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:15 +0000
Files and hashes:         1: Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl (hash: TiIPDKOA8LuFcuMlIhckTacJN1h/8WY2okXhh4bpDJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c6:bf:aa:08:59:14:e4:4a:5e:1e:64:83:31:a9:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
        Validity
            Not Before: Feb 16 22:00:15 2025 GMT
            Not After : Feb 17 22:00:15 2025 GMT
        Subject: CN=069822af64b14850ee78429b3a4b576e19d2c783
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:cb:c8:f7:ce:13:1f:fd:84:23:df:6c:38:b1:
                    99:4a:48:31:98:f3:6d:b7:13:b8:9c:3e:8a:b3:95:
                    c3:39:c5:ed:28:62:ef:39:ed:7b:04:95:20:b9:a8:
                    cf:65:42:4c:dc:bd:1d:85:c0:76:15:21:3c:8e:75:
                    7d:7c:7f:12:14:57:92:dd:8b:63:3c:41:79:8d:91:
                    00:a2:1f:13:8e:83:e2:67:18:73:d7:1b:46:58:58:
                    f4:78:04:53:76:bd:5a:63:85:f0:3c:b7:d7:f3:0c:
                    3b:72:b3:66:3a:94:ba:4a:76:24:79:85:cd:41:37:
                    25:7b:19:7e:53:14:9b:09:9b:1d:33:f7:a6:64:c4:
                    fe:4e:ff:2b:b8:da:ae:a1:24:50:4e:b5:10:2d:65:
                    94:8d:d2:ad:c2:04:f3:7f:e7:ce:59:33:51:e4:bc:
                    23:6c:03:8d:d6:8e:0b:90:5b:60:42:6d:d0:42:b3:
                    28:31:c0:04:0c:a7:9e:e0:0d:aa:74:68:0e:74:c8:
                    9a:68:ec:d9:ee:7c:f7:29:f3:35:00:69:41:15:9f:
                    74:59:37:8d:a6:64:29:32:1e:1c:8d:9b:34:4c:e8:
                    c0:5e:d4:b6:ce:d7:36:70:fe:d1:92:b4:8d:97:cd:
                    4f:3e:eb:54:6b:ad:e6:03:78:fc:97:66:77:32:02:
                    fc:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:98:22:AF:64:B1:48:50:EE:78:42:9B:3A:4B:57:6E:19:D2:C7:83
            X509v3 Authority Key Identifier:
                keyid:2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:fe:30:e0:a7:1a:b4:52:92:f3:19:96:fb:10:51:dd:b9:47:
         f1:b2:0c:66:a3:c8:9c:cf:3a:56:1b:ff:12:f9:a1:6d:6e:7f:
         01:46:9c:ab:87:52:b9:bf:bd:02:b0:dd:9b:3c:2b:10:17:76:
         74:88:38:54:48:94:e6:fe:29:4a:fe:a0:3c:e6:64:76:c8:2d:
         06:0b:25:8a:eb:43:27:27:62:a3:b2:c2:76:e3:40:1b:8c:fa:
         73:dc:e0:88:36:aa:8a:bc:8d:b1:9f:58:92:01:74:20:2a:9d:
         8e:72:94:8f:6b:04:45:89:9c:1c:4f:c1:ee:34:b7:53:91:77:
         8f:db:2f:59:cd:16:cf:02:86:18:dd:e6:e4:46:ca:e7:4c:c6:
         60:0f:0c:3a:4e:64:b0:b5:4e:c6:ba:ee:15:07:7b:07:52:fb:
         39:ea:86:00:59:35:c3:f1:3d:bf:25:72:1f:84:e2:28:89:59:
         75:0d:b8:c0:06:6a:4c:63:e9:c8:75:cd:f2:9d:e8:9c:a1:0e:
         d8:5f:18:49:71:15:e5:ef:14:6c:4c:9b:f2:2f:f8:97:3b:1d:
         cb:39:94:e6:82:d5:ca:8f:cb:5c:ad:ec:0a:97:9f:29:35:e4:
         92:e5:03:77:a5:55:be:bb:f4:18:c2:9d:86:0a:31:3c:99:f0:
         9e:73:01:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxr+qCFkU5EpeHmSDMak5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNGYyYWY4NDM3ZTcxOTNkNTc4ODVmYjYzYmRiMDNjMDNi
YTE5YmMwHhcNMjUwMjE2MjIwMDE1WhcNMjUwMjE3MjIwMDE1WjAzMTEwLwYDVQQD
EygwNjk4MjJhZjY0YjE0ODUwZWU3ODQyOWIzYTRiNTc2ZTE5ZDJjNzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MvI984TH/2EI99sOLGZSkgxmPNt
txO4nD6Ks5XDOcXtKGLvOe17BJUguajPZUJM3L0dhcB2FSE8jnV9fH8SFFeS3Ytj
PEF5jZEAoh8TjoPiZxhz1xtGWFj0eARTdr1aY4XwPLfX8ww7crNmOpS6SnYkeYXN
QTclexl+UxSbCZsdM/emZMT+Tv8ruNquoSRQTrUQLWWUjdKtwgTzf+fOWTNR5Lwj
bAON1o4LkFtgQm3QQrMoMcAEDKee4A2qdGgOdMiaaOzZ7nz3KfM1AGlBFZ90WTeN
pmQpMh4cjZs0TOjAXtS2ztc2cP7RkrSNl81PPutUa63mA3j8l2Z3MgL8dQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAaYIq9ksUhQ7nhCmzpLV24Z0seDMB8GA1UdIwQY
MBaAFCpPKvhDfnGT1XiF+2O9sDwDuhm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2Yt
ZGZhNTM4NDI4ZThmLzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2YtZGZhNTM4NDI4ZThm
LzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADP4w4Kca
tFKS8xmW+xBR3blH8bIMZqPInM86Vhv/EvmhbW5/AUacq4dSub+9ArDdmzwrEBd2
dIg4VEiU5v4pSv6gPOZkdsgtBgsliutDJydio7LCduNAG4z6c9zgiDaqiryNsZ9Y
kgF0ICqdjnKUj2sERYmcHE/B7jS3U5F3j9svWc0WzwKGGN3m5EbK50zGYA8MOk5k
sLVOxrruFQd7B1L7OeqGAFk1w/E9vyVyH4TiKIlZdQ24wAZqTGPpyHXN8p3onKEO
2F8YSXEV5e8UbEyb8i/4lzsdyzmU5oLVyo/LXK3sCpefKTXkkuUDd6VVvrv0GMKd
hgoxPJnwnnMBVw==
-----END CERTIFICATE-----