Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
File:                     Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft (raw, json)
Hash identifier:          kTwtTSevR2p9+3XkmIFlPNPpqtML2TRGxZ9uPWiKVWw=
Subject key identifier:   80:57:F6:A3:03:61:38:43:2A:7A:40:05:DA:EC:BF:52:C7:CE:DE:10
Authority key identifier: 2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC
Certificate issuer:       /CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
Certificate serial:       01974A7B60EFEDD2F4134D01409EEE1DF741
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
Manifest number:          0E32
Signing time:             Sat 07 Jun 2025 13:01:29 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:29 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:29 +0000
Files and hashes:         1: Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl (hash: Cw16dzL7mONKCqdFPMmljTeY+0F9ShejTDksY7pPZ+s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:60:ef:ed:d2:f4:13:4d:01:40:9e:ee:1d:f7:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
        Validity
            Not Before: Jun  7 13:01:29 2025 GMT
            Not After : Jun  8 13:01:29 2025 GMT
        Subject: CN=8057f6a3036138432a7a4005daecbf52c7cede10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:31:cd:32:16:94:6f:4d:c1:9d:ad:85:7b:33:
                    dc:0e:e2:74:18:d0:14:89:6e:19:c0:c5:6c:3c:62:
                    d8:c8:12:7c:be:37:1d:4b:15:ef:0f:b6:95:aa:56:
                    e4:70:d2:e0:31:4d:c8:cf:e7:6c:f9:70:0e:85:65:
                    0a:c5:86:40:ed:24:74:2a:6d:3d:a1:5b:71:e5:ba:
                    b1:59:39:f9:dd:c1:66:84:3b:cd:37:65:41:3c:be:
                    3a:55:98:a3:5e:ba:9e:45:4a:5e:95:d9:2b:07:da:
                    93:dd:8e:ed:64:e6:1b:bf:36:8d:e9:0c:d6:2d:c3:
                    bc:83:55:a7:47:8f:b5:1d:57:87:79:3a:71:09:e5:
                    49:40:5d:d2:7a:af:ef:25:ac:5e:7d:42:d1:e8:39:
                    00:da:e6:d5:14:f5:b2:66:5d:c4:2f:96:84:72:94:
                    91:a8:76:48:e0:d6:67:44:fe:59:fa:ab:9d:4d:45:
                    41:57:7e:8a:93:b0:8e:18:a2:b5:18:59:bc:f7:25:
                    76:d2:0e:dc:52:f3:07:ff:4e:8e:31:19:01:5d:ed:
                    e7:ac:8d:e3:26:35:5a:bf:62:52:2f:85:9a:93:8f:
                    5d:c2:05:e2:f0:85:cc:47:98:d9:f2:3b:e0:c7:44:
                    c8:93:15:08:ef:74:49:48:9e:6b:9d:b9:31:3d:a6:
                    eb:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:57:F6:A3:03:61:38:43:2A:7A:40:05:DA:EC:BF:52:C7:CE:DE:10
            X509v3 Authority Key Identifier:
                keyid:2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:09:e8:77:05:1f:8e:ab:80:a8:90:03:9f:fc:35:85:ab:10:
         37:64:e7:98:78:f1:83:ef:50:2c:e4:6e:1f:50:94:34:6e:c8:
         72:e4:06:59:d7:72:33:4c:f0:9d:dc:94:27:fe:5e:a6:5d:9f:
         d9:c2:75:45:84:e9:65:c6:93:97:50:c9:e5:c9:bf:d1:85:32:
         b9:a0:32:13:7f:07:90:2f:ae:a5:e3:c3:60:50:82:ba:66:68:
         1b:6d:78:b4:a3:5a:5a:ad:cb:ae:a6:f2:13:32:cd:79:3a:82:
         75:d2:2e:8e:c3:df:82:2c:a4:4f:c5:e6:a4:a5:c9:00:80:e1:
         de:c9:0e:16:14:80:79:c2:c3:cd:91:58:5b:30:8d:e9:43:d7:
         6f:5a:c2:2a:0d:6f:51:79:ff:14:b6:fa:b8:ff:05:3e:3f:4f:
         1f:d7:8b:8e:df:2c:cd:a0:7e:73:88:7e:02:3e:62:81:39:f3:
         97:80:79:91:2a:5f:86:35:df:c6:de:3d:05:6a:c2:9d:a9:54:
         b2:96:20:ec:9c:0e:c4:3f:2a:95:0b:0c:e1:89:52:5f:81:fe:
         b5:86:78:24:b3:97:ff:25:8e:18:1b:0d:a7:49:29:25:ed:11:
         ba:25:e6:1b:d2:09:b8:34:4c:be:bd:09:78:ec:c4:3e:a4:39:
         8c:9c:5e:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe2Dv7dL0E00BQJ7uHfdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNGYyYWY4NDM3ZTcxOTNkNTc4ODVmYjYzYmRiMDNjMDNi
YTE5YmMwHhcNMjUwNjA3MTMwMTI5WhcNMjUwNjA4MTMwMTI5WjAzMTEwLwYDVQQD
Eyg4MDU3ZjZhMzAzNjEzODQzMmE3YTQwMDVkYWVjYmY1MmM3Y2VkZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDHNMhaUb03Bna2FezPcDuJ0GNAU
iW4ZwMVsPGLYyBJ8vjcdSxXvD7aVqlbkcNLgMU3Iz+ds+XAOhWUKxYZA7SR0Km09
oVtx5bqxWTn53cFmhDvNN2VBPL46VZijXrqeRUpeldkrB9qT3Y7tZOYbvzaN6QzW
LcO8g1WnR4+1HVeHeTpxCeVJQF3Seq/vJaxefULR6DkA2ubVFPWyZl3EL5aEcpSR
qHZI4NZnRP5Z+qudTUVBV36Kk7COGKK1GFm89yV20g7cUvMH/06OMRkBXe3nrI3j
JjVav2JSL4Wak49dwgXi8IXMR5jZ8jvgx0TIkxUI73RJSJ5rnbkxPabrhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIBX9qMDYThDKnpABdrsv1LHzt4QMB8GA1UdIwQY
MBaAFCpPKvhDfnGT1XiF+2O9sDwDuhm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2Yt
ZGZhNTM4NDI4ZThmLzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2YtZGZhNTM4NDI4ZThm
LzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgAnodwUf
jquAqJADn/w1hasQN2TnmHjxg+9QLORuH1CUNG7IcuQGWddyM0zwndyUJ/5epl2f
2cJ1RYTpZcaTl1DJ5cm/0YUyuaAyE38HkC+upePDYFCCumZoG214tKNaWq3Lrqby
EzLNeTqCddIujsPfgiykT8XmpKXJAIDh3skOFhSAecLDzZFYWzCN6UPXb1rCKg1v
UXn/FLb6uP8FPj9PH9eLjt8szaB+c4h+Aj5igTnzl4B5kSpfhjXfxt49BWrCnalU
spYg7JwOxD8qlQsM4YlSX4H+tYZ4JLOX/yWOGBsNp0kpJe0RuiXmG9IJuDRMvr0J
eOzEPqQ5jJxeUQ==
-----END CERTIFICATE-----