Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
File:                     Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft (raw, json)
Hash identifier:          LEVpjyx4TxeurmhKn298JIgoMrThsFId0kVOj7Sr82U=
Subject key identifier:   F1:0C:30:B0:D4:F5:81:DE:BC:71:59:83:D5:0E:32:89:2A:66:E7:A5
Authority key identifier: 2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC
Certificate issuer:       /CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
Certificate serial:       01958C601A487200E02C7386E898D721812C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
Manifest number:          0D4B
Signing time:             Wed 12 Mar 2025 22:01:02 +0000
Manifest this update:     Wed 12 Mar 2025 22:01:02 +0000
Manifest next update:     Thu 13 Mar 2025 22:01:02 +0000
Files and hashes:         1: Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl (hash: 1Zeb523NqNKrzDZ/F7y01etfGUYS0EEMLvBBheH6wek=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:60:1a:48:72:00:e0:2c:73:86:e8:98:d7:21:81:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
        Validity
            Not Before: Mar 12 22:01:02 2025 GMT
            Not After : Mar 13 22:01:02 2025 GMT
        Subject: CN=f10c30b0d4f581debc715983d50e32892a66e7a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:81:3b:3e:87:c2:a2:2a:41:a5:f5:65:7c:4b:
                    ca:32:54:5b:e2:d6:2b:d1:86:7d:a5:d5:3d:0a:b0:
                    f2:55:73:25:90:9e:b6:b6:03:fb:e9:4d:4c:2d:9a:
                    de:c9:84:1f:44:2a:74:2e:76:88:82:e2:bb:0c:d4:
                    71:c0:06:17:ae:1b:b5:91:43:b2:5c:a0:ed:38:ee:
                    95:99:20:0e:bc:b5:9d:dd:08:de:56:42:a9:a6:f7:
                    b7:b3:fc:e8:85:76:53:83:f9:54:ad:52:55:78:7e:
                    5a:0f:78:5a:31:1e:62:d8:1d:ef:78:84:68:a0:eb:
                    05:92:83:45:de:f4:d7:5a:48:5a:f5:43:8e:d8:ca:
                    dc:6e:8c:26:04:a6:06:0d:10:3b:4d:7b:60:2c:da:
                    55:4d:fe:23:b9:e9:2d:96:58:af:e4:e7:89:1a:a3:
                    70:6d:23:c5:83:8c:65:a6:15:ab:e1:52:97:70:32:
                    73:0a:7e:f7:b1:0d:3d:a8:a7:dd:51:b1:56:a8:4b:
                    83:42:07:11:80:52:0b:23:6b:d4:c6:33:29:a7:3a:
                    f1:cc:d9:73:7b:d1:74:1e:0a:99:56:a4:6f:c4:53:
                    66:b3:51:4b:e1:f8:2c:ee:40:45:e5:f0:5e:ea:f2:
                    cf:cf:a8:be:ac:9c:ed:d0:a2:93:6b:e0:7a:0b:a4:
                    33:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:0C:30:B0:D4:F5:81:DE:BC:71:59:83:D5:0E:32:89:2A:66:E7:A5
            X509v3 Authority Key Identifier:
                keyid:2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:aa:c6:32:b0:35:b5:8a:ea:79:d7:d5:b4:60:89:1d:0a:f8:
         c2:c8:ec:a1:1a:c5:bd:2a:ce:fc:ce:41:e6:68:bf:7d:40:b3:
         80:3e:cb:0d:ac:7b:30:29:b2:5e:d6:3b:83:80:63:b6:f5:07:
         cb:ea:0d:36:7b:60:56:e5:ab:c7:da:72:7f:4e:d7:85:0e:8f:
         e1:bf:22:97:00:f1:46:9f:75:e7:62:13:2f:fa:e7:e3:ff:c7:
         89:76:ad:d9:dd:d4:fa:08:a6:da:c6:38:d5:cb:30:66:71:21:
         38:3b:de:e0:ed:77:30:f4:e5:ba:09:55:03:df:cd:17:83:e0:
         f6:0e:68:31:18:ca:7d:ef:ec:ef:05:1f:6d:a7:8f:37:e1:9b:
         b7:84:52:e0:b7:08:03:90:d3:ae:a6:28:73:71:42:7f:cf:ed:
         67:e8:c3:55:ca:5c:0e:e1:1d:46:d8:04:05:82:2d:6e:a9:ab:
         b2:8d:18:f3:f3:31:60:01:81:60:fc:eb:54:a0:33:71:29:91:
         42:ef:97:ef:4f:d8:a7:82:f4:b7:c4:c3:a3:c8:c9:34:ed:1c:
         b9:83:b3:2f:7f:ea:14:9d:30:0a:4d:7d:67:fb:9a:f4:e8:65:
         84:dd:9f:1d:11:13:81:80:21:e1:fe:59:a8:1e:ae:cd:4f:27:
         57:0b:ce:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMYBpIcgDgLHOG6JjXIYEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNGYyYWY4NDM3ZTcxOTNkNTc4ODVmYjYzYmRiMDNjMDNi
YTE5YmMwHhcNMjUwMzEyMjIwMTAyWhcNMjUwMzEzMjIwMTAyWjAzMTEwLwYDVQQD
EyhmMTBjMzBiMGQ0ZjU4MWRlYmM3MTU5ODNkNTBlMzI4OTJhNjZlN2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIE7PofCoipBpfVlfEvKMlRb4tYr
0YZ9pdU9CrDyVXMlkJ62tgP76U1MLZreyYQfRCp0LnaIguK7DNRxwAYXrhu1kUOy
XKDtOO6VmSAOvLWd3QjeVkKppve3s/zohXZTg/lUrVJVeH5aD3haMR5i2B3veIRo
oOsFkoNF3vTXWkha9UOO2MrcbowmBKYGDRA7TXtgLNpVTf4juektlliv5OeJGqNw
bSPFg4xlphWr4VKXcDJzCn73sQ09qKfdUbFWqEuDQgcRgFILI2vUxjMppzrxzNlz
e9F0HgqZVqRvxFNms1FL4fgs7kBF5fBe6vLPz6i+rJzt0KKTa+B6C6Qz1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPEMMLDU9YHevHFZg9UOMokqZuelMB8GA1UdIwQY
MBaAFCpPKvhDfnGT1XiF+2O9sDwDuhm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2Yt
ZGZhNTM4NDI4ZThmLzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2YtZGZhNTM4NDI4ZThm
LzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbarGMrA1
tYrqedfVtGCJHQr4wsjsoRrFvSrO/M5B5mi/fUCzgD7LDax7MCmyXtY7g4BjtvUH
y+oNNntgVuWrx9pyf07XhQ6P4b8ilwDxRp9152ITL/rn4//HiXat2d3U+gim2sY4
1cswZnEhODve4O13MPTluglVA9/NF4Pg9g5oMRjKfe/s7wUfbaePN+Gbt4RS4LcI
A5DTrqYoc3FCf8/tZ+jDVcpcDuEdRtgEBYItbqmrso0Y8/MxYAGBYPzrVKAzcSmR
Qu+X70/Yp4L0t8TDo8jJNO0cuYOzL3/qFJ0wCk19Z/ua9OhlhN2fHRETgYAh4f5Z
qB6uzU8nVwvOEA==
-----END CERTIFICATE-----