Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
File:                     Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft (raw, json)
Hash identifier:          87WwAtPgtdJC2yAHBGfkWJ+PUkDtCvnUm3X/d7HvrbA=
Subject key identifier:   57:AE:39:32:D7:BC:94:0C:FF:E1:9F:E8:DA:D8:ED:9E:7D:FD:73:06
Authority key identifier: 2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC
Certificate issuer:       /CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
Certificate serial:       019641E8902279DC24496CE8F2478EF09721
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
Manifest number:          0DA9
Signing time:             Thu 17 Apr 2025 04:01:22 +0000
Manifest this update:     Thu 17 Apr 2025 04:01:22 +0000
Manifest next update:     Fri 18 Apr 2025 04:01:22 +0000
Files and hashes:         1: Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl (hash: SROKIbCX+YL6sVLXS2tZAiwhJDdwv+4uBxHWBQn5Mso=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 17 Apr 2025 21:57:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:41:e8:90:22:79:dc:24:49:6c:e8:f2:47:8e:f0:97:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
        Validity
            Not Before: Apr 17 04:01:22 2025 GMT
            Not After : Apr 18 04:01:22 2025 GMT
        Subject: CN=57ae3932d7bc940cffe19fe8dad8ed9e7dfd7306
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:c1:f3:0b:14:7a:15:6c:cd:d3:8b:5c:19:cd:
                    89:fd:37:c2:d5:ed:50:a9:06:f8:6f:07:dc:91:a3:
                    ae:ad:3f:6e:3f:33:5c:0b:9b:8c:c1:9e:03:9a:ad:
                    fa:07:77:40:77:74:1c:3a:c9:c3:2a:0c:4d:13:df:
                    d1:64:91:9c:16:b1:81:80:4b:59:c0:d6:1b:8d:9b:
                    80:dd:c1:6d:1e:fb:de:8d:85:aa:38:9c:5b:58:7e:
                    e9:75:a8:22:d6:ad:e2:58:61:99:01:27:4d:ee:6d:
                    b4:1a:86:72:59:6d:0b:c2:a4:96:fd:37:72:3c:e4:
                    f2:21:6f:8f:c7:53:ce:79:81:bc:4e:51:d8:81:a3:
                    15:0f:db:4a:59:af:c4:23:76:7b:7e:83:e4:83:c6:
                    ae:2c:a1:70:21:0e:b8:f7:13:e0:4e:96:2b:75:de:
                    0a:e8:f6:b3:3e:76:ef:17:9d:05:13:df:ef:f6:10:
                    9d:36:93:72:0a:56:3a:05:8a:ae:45:2e:18:5d:c9:
                    3d:03:fa:fd:f6:5b:99:3b:62:27:6c:c7:1f:8e:14:
                    c8:b5:22:6e:54:8e:e8:80:b3:a2:38:3f:d2:aa:00:
                    f1:7e:c3:6c:a9:de:d3:1e:15:88:9b:41:5a:98:db:
                    66:b6:2d:09:28:13:69:59:69:0c:ad:f2:85:79:73:
                    dd:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:AE:39:32:D7:BC:94:0C:FF:E1:9F:E8:DA:D8:ED:9E:7D:FD:73:06
            X509v3 Authority Key Identifier:
                keyid:2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:2e:ff:cb:64:db:b5:25:d0:8f:c9:7e:6a:05:af:23:81:a5:
         90:ba:d3:92:5a:b5:2f:7e:64:fa:1d:78:e4:da:75:a7:d7:3c:
         70:61:ab:71:6b:e3:18:3f:ae:e8:aa:31:f8:c2:46:cb:cb:17:
         21:01:97:57:96:be:0c:e6:49:e0:09:a4:69:cf:86:fb:82:b0:
         da:ab:b8:a5:6a:da:e1:4f:ef:1d:cd:2b:4b:7b:5b:93:7a:9d:
         d4:5c:42:dc:1c:60:8e:e7:4a:2f:9a:7f:15:42:9d:09:d7:f8:
         15:1b:d7:27:d3:7b:47:09:e2:4b:81:0a:89:8a:fb:40:05:49:
         24:5d:60:97:2c:3f:21:de:99:92:9d:ce:68:2d:d0:28:04:e4:
         df:10:d6:2f:97:15:23:13:30:db:b8:9a:4d:e3:4e:a2:57:21:
         00:96:d9:68:00:31:fb:7e:99:4e:68:26:ec:ba:7b:ed:c8:57:
         71:6e:db:12:79:b4:b8:83:35:87:bf:3a:29:01:b9:f0:54:d3:
         a0:8e:af:cf:dd:7a:a3:d6:cd:af:d7:9b:5f:f7:0e:0b:f2:39:
         2b:8f:21:b4:75:d8:23:89:ce:70:ae:cd:d4:c2:34:ec:c4:be:
         27:a3:86:a6:5a:a4:cf:42:59:f1:2c:a1:0b:e4:83:62:6f:20:
         2b:3e:04:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZB6JAiedwkSWzo8keO8JchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNGYyYWY4NDM3ZTcxOTNkNTc4ODVmYjYzYmRiMDNjMDNi
YTE5YmMwHhcNMjUwNDE3MDQwMTIyWhcNMjUwNDE4MDQwMTIyWjAzMTEwLwYDVQQD
Eyg1N2FlMzkzMmQ3YmM5NDBjZmZlMTlmZThkYWQ4ZWQ5ZTdkZmQ3MzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cHzCxR6FWzN04tcGc2J/TfC1e1Q
qQb4bwfckaOurT9uPzNcC5uMwZ4Dmq36B3dAd3QcOsnDKgxNE9/RZJGcFrGBgEtZ
wNYbjZuA3cFtHvvejYWqOJxbWH7pdagi1q3iWGGZASdN7m20GoZyWW0LwqSW/Tdy
POTyIW+Px1POeYG8TlHYgaMVD9tKWa/EI3Z7foPkg8auLKFwIQ649xPgTpYrdd4K
6PazPnbvF50FE9/v9hCdNpNyClY6BYquRS4YXck9A/r99luZO2InbMcfjhTItSJu
VI7ogLOiOD/SqgDxfsNsqd7THhWIm0FamNtmti0JKBNpWWkMrfKFeXPdTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFeuOTLXvJQM/+Gf6NrY7Z59/XMGMB8GA1UdIwQY
MBaAFCpPKvhDfnGT1XiF+2O9sDwDuhm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2Yt
ZGZhNTM4NDI4ZThmLzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2YtZGZhNTM4NDI4ZThm
LzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEi7/y2Tb
tSXQj8l+agWvI4GlkLrTklq1L35k+h145Np1p9c8cGGrcWvjGD+u6Kox+MJGy8sX
IQGXV5a+DOZJ4Amkac+G+4Kw2qu4pWra4U/vHc0rS3tbk3qd1FxC3BxgjudKL5p/
FUKdCdf4FRvXJ9N7RwniS4EKiYr7QAVJJF1glyw/Id6Zkp3OaC3QKATk3xDWL5cV
IxMw27iaTeNOolchAJbZaAAx+36ZTmgm7Lp77chXcW7bEnm0uIM1h786KQG58FTT
oI6vz916o9bNr9ebX/cOC/I5K48htHXYI4nOcK7N1MI07MS+J6OGplqkz0JZ8Syh
C+SDYm8gKz4Egw==
-----END CERTIFICATE-----