Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
File:                     kyIxLx0huzs4bKOqlzrGzSVLcDk.mft (raw, json)
Hash identifier:          LtOMXxP80YjEwTTuv41hWiP7XvqgUFyIzYpmT4A432I=
Subject key identifier:   D3:17:37:20:99:04:D1:BD:F9:6A:46:A3:E4:8D:DA:E6:60:F5:8D:8B
Authority key identifier: 93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39
Certificate issuer:       /CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
Certificate serial:       01974930FAB79F1FA33F0286E69E17AF9D25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 07:00:36 +0000
Manifest this update:     Sat 07 Jun 2025 07:00:36 +0000
Manifest next update:     Sun 08 Jun 2025 07:00:36 +0000
Files and hashes:         1: kyIxLx0huzs4bKOqlzrGzSVLcDk.crl (hash: h5FLI5WHP97I065tXlGfbqiZNrG6szOu0Ln104UGMks=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 07:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:30:fa:b7:9f:1f:a3:3f:02:86:e6:9e:17:af:9d:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
        Validity
            Not Before: Jun  7 07:00:36 2025 GMT
            Not After : Jun  8 07:00:36 2025 GMT
        Subject: CN=d31737209904d1bdf96a46a3e48ddae660f58d8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8f:a9:1e:60:52:a5:b1:03:ad:a2:8a:35:5e:
                    a4:44:f8:04:c6:0a:ca:4f:7f:12:2c:90:8f:4e:48:
                    5d:83:ca:50:90:38:f7:30:44:cb:44:3c:38:fb:2b:
                    d6:67:5d:91:b6:32:ed:63:96:f7:5d:0d:fd:90:89:
                    65:c1:7f:58:e2:fd:42:19:d1:2a:c9:48:26:da:77:
                    e2:5d:5c:5f:3a:ea:0e:fe:cc:91:78:c8:f7:2e:37:
                    c2:05:0e:67:c1:93:2a:21:71:23:1d:b9:58:af:86:
                    9b:c0:9a:31:0e:8a:66:2f:0d:86:ba:68:ae:ea:88:
                    c3:03:ec:65:c6:46:77:e0:24:30:42:7d:65:d7:04:
                    aa:45:b9:08:fd:b2:bf:3b:95:3c:5d:13:a2:52:5e:
                    94:2f:e7:01:99:8d:c2:b0:d3:f6:e7:5a:3a:80:28:
                    ca:f7:90:09:19:10:b9:0e:29:e8:98:69:7e:7d:81:
                    71:b8:59:e9:46:c5:d5:f6:4c:3c:2f:fd:fc:af:51:
                    dc:32:12:6e:bf:d3:f2:3d:aa:bb:2b:2c:91:03:25:
                    a9:f0:6f:05:0e:e1:03:12:3f:29:68:e5:d0:63:29:
                    09:29:d5:46:83:ec:19:b1:b1:8f:c7:16:ad:16:b4:
                    03:9a:8d:3c:c3:a8:3f:39:34:7f:c8:6a:6c:3e:7f:
                    35:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:17:37:20:99:04:D1:BD:F9:6A:46:A3:E4:8D:DA:E6:60:F5:8D:8B
            X509v3 Authority Key Identifier:
                keyid:93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:02:5d:f6:bc:ec:1e:66:c3:e2:21:d9:9d:70:0c:6b:54:c0:
         8f:5c:86:31:e4:8f:6f:da:ae:e7:94:22:07:71:cf:05:22:20:
         7c:42:4e:c8:79:be:57:3d:60:24:f2:be:68:e5:40:69:68:f9:
         47:e7:84:dc:e3:6c:82:4c:07:5a:ae:79:1f:1e:17:f1:dd:b1:
         25:1f:37:d6:fe:1d:92:b1:75:71:ef:ab:94:81:4d:15:e0:cf:
         6a:bb:ea:2c:80:b5:aa:ac:aa:dd:f6:59:9e:1d:f2:d4:af:9b:
         0f:2c:a1:9f:b6:35:68:36:3f:1d:8b:ac:ce:87:26:56:fb:20:
         0e:c7:d4:15:fb:a0:34:fc:72:2c:c5:cb:52:c2:2a:3a:ff:d5:
         46:d0:1f:52:42:fa:74:e3:03:43:6f:6d:24:3f:e0:21:e7:b4:
         fc:7b:05:3c:3b:3a:6b:54:41:2e:d6:84:89:77:70:0c:c0:0c:
         5e:c9:0a:23:03:ad:40:35:58:e6:4e:52:f5:67:33:ad:83:ea:
         41:96:e5:4a:aa:f5:93:f8:c6:ec:da:94:97:02:6d:dc:c8:93:
         99:4b:2b:eb:a9:90:1d:68:b0:4e:a8:d8:9e:0e:ac:24:87:9a:
         11:bc:7a:cc:34:a0:bf:9a:6a:53:c7:bc:28:65:04:fd:fd:20:
         d6:14:a2:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJMPq3nx+jPwKG5p4Xr50lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjIzMTJmMWQyMWJiM2IzODZjYTNhYTk3M2FjNmNkMjU0
YjcwMzkwHhcNMjUwNjA3MDcwMDM2WhcNMjUwNjA4MDcwMDM2WjAzMTEwLwYDVQQD
EyhkMzE3MzcyMDk5MDRkMWJkZjk2YTQ2YTNlNDhkZGFlNjYwZjU4ZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4+pHmBSpbEDraKKNV6kRPgExgrK
T38SLJCPTkhdg8pQkDj3METLRDw4+yvWZ12RtjLtY5b3XQ39kIllwX9Y4v1CGdEq
yUgm2nfiXVxfOuoO/syReMj3LjfCBQ5nwZMqIXEjHblYr4abwJoxDopmLw2Gumiu
6ojDA+xlxkZ34CQwQn1l1wSqRbkI/bK/O5U8XROiUl6UL+cBmY3CsNP251o6gCjK
95AJGRC5DinomGl+fYFxuFnpRsXV9kw8L/38r1HcMhJuv9PyPaq7KyyRAyWp8G8F
DuEDEj8paOXQYykJKdVGg+wZsbGPxxatFrQDmo08w6g/OTR/yGpsPn811wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMXNyCZBNG9+WpGo+SN2uZg9Y2LMB8GA1UdIwQY
MBaAFJMiMS8dIbs7OGyjqpc6xs0lS3A5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMt
YzI2Nzc4MDliNGE3LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMtYzI2Nzc4MDliNGE3
LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOgJd9rzs
HmbD4iHZnXAMa1TAj1yGMeSPb9qu55QiB3HPBSIgfEJOyHm+Vz1gJPK+aOVAaWj5
R+eE3ONsgkwHWq55Hx4X8d2xJR831v4dkrF1ce+rlIFNFeDParvqLIC1qqyq3fZZ
nh3y1K+bDyyhn7Y1aDY/HYuszocmVvsgDsfUFfugNPxyLMXLUsIqOv/VRtAfUkL6
dOMDQ29tJD/gIee0/HsFPDs6a1RBLtaEiXdwDMAMXskKIwOtQDVY5k5S9WczrYPq
QZblSqr1k/jG7NqUlwJt3MiTmUsr66mQHWiwTqjYng6sJIeaEbx6zDSgv5pqU8e8
KGUE/f0g1hSiSA==
-----END CERTIFICATE-----