Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
File:                     Kf5mFpV0HYXP7c9v-890aZlZVp8.mft (raw, json)
Hash identifier:          kSBaQjhDxWUCZHNNYuzGHxE3Aycv7wBNGIuZA8zvDYo=
Subject key identifier:   39:15:82:5D:41:97:5F:09:31:01:AC:9A:0B:C0:D8:1B:DC:2C:F4:3B
Authority key identifier: 29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F
Certificate issuer:       /CN=29fe661695741d85cfedcf6ffbcf74699959569f
Certificate serial:       01974A7B4D0E0F76D0AA7A11C98BC248E37B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
Manifest number:          157B
Signing time:             Sat 07 Jun 2025 13:01:23 +0000
Manifest this update:     Sat 07 Jun 2025 13:01:23 +0000
Manifest next update:     Sun 08 Jun 2025 13:01:23 +0000
Files and hashes:         1: Kf5mFpV0HYXP7c9v-890aZlZVp8.crl (hash: I6vfwIpuEdHNCL9go29wfM88gqR5AyLaOTdZ1sSrOuI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:7b:4d:0e:0f:76:d0:aa:7a:11:c9:8b:c2:48:e3:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fe661695741d85cfedcf6ffbcf74699959569f
        Validity
            Not Before: Jun  7 13:01:23 2025 GMT
            Not After : Jun  8 13:01:23 2025 GMT
        Subject: CN=3915825d41975f093101ac9a0bc0d81bdc2cf43b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:94:5d:c9:df:30:67:8b:38:40:f1:4b:9d:32:
                    f3:49:ea:bf:42:f6:47:1e:f8:11:e4:6d:4f:e5:3d:
                    17:cb:bc:62:c3:93:bb:63:62:29:0b:a0:19:06:84:
                    f3:8b:2e:f8:af:96:6d:3e:44:01:09:f8:32:9a:dc:
                    ce:12:61:98:cf:21:41:4d:f1:54:ea:bd:58:b0:11:
                    28:a1:e2:10:e0:a9:37:98:a0:8f:f8:d7:bb:6e:80:
                    d5:4b:87:2d:cc:ab:e7:a1:48:71:e4:5d:23:e2:0b:
                    85:5e:c3:39:6d:b8:cd:96:fe:dd:e8:66:16:8e:21:
                    ae:f6:6b:0f:73:37:de:52:71:11:87:1e:02:66:f2:
                    c1:83:99:81:dd:68:6c:ba:88:3f:04:a9:2f:0d:21:
                    e4:cd:5a:b0:69:d3:88:43:1b:62:7c:7f:94:36:7b:
                    8f:31:7e:a9:54:80:f1:4d:99:c8:c7:2a:da:f5:d1:
                    7c:1e:22:44:57:56:b8:d0:7d:0f:df:a2:f7:92:f0:
                    e3:88:b3:51:35:8c:5d:76:bc:26:4c:3e:0d:98:23:
                    d0:01:ae:26:84:25:89:20:65:af:de:27:3d:70:74:
                    37:23:46:e2:0d:1c:6f:f8:28:69:4f:19:da:db:00:
                    26:9d:50:7d:2a:21:bc:a8:fb:49:2f:26:de:e3:90:
                    9f:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:15:82:5D:41:97:5F:09:31:01:AC:9A:0B:C0:D8:1B:DC:2C:F4:3B
            X509v3 Authority Key Identifier:
                keyid:29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:b4:62:f1:9f:65:07:f8:b2:62:fc:78:d6:9a:ac:1a:f6:bc:
         a0:1d:52:38:70:1d:4b:60:47:9e:f2:33:bf:d8:9f:ae:d1:ad:
         c2:d2:68:ab:d0:95:2a:68:fb:63:fc:6e:84:70:6a:0d:71:be:
         4a:b4:c4:69:72:52:5a:f6:f5:16:7f:b2:e0:b2:a5:fa:8d:5b:
         4e:c8:77:80:3b:7b:99:ce:82:68:5a:26:c1:68:54:2a:45:84:
         5e:e8:67:24:18:b4:56:a3:98:c6:99:db:ff:5d:bd:db:ae:32:
         03:d2:7d:6c:62:2e:fe:21:8c:1d:f3:7b:82:0b:69:76:f1:8e:
         8c:17:b7:f2:38:e5:58:90:f1:37:9c:26:f2:82:ec:b0:cd:41:
         41:49:af:e1:12:2b:69:43:b7:5a:41:12:c1:9d:18:aa:50:4d:
         80:24:e7:01:52:46:e2:68:a0:fa:af:c3:dd:7d:56:95:e2:ef:
         64:48:30:45:59:72:85:98:4a:94:99:6c:e5:bb:c1:26:5f:0b:
         30:ec:a5:8b:aa:af:a7:c5:06:08:38:2c:54:fa:b8:33:b4:e6:
         23:c5:82:f9:e7:2c:b4:da:76:cb:52:34:ec:13:b0:e6:98:b4:
         49:4f:ad:3d:81:6c:cd:a7:2f:32:ab:2a:d5:e8:5f:23:a3:40:
         bb:d8:29:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdKe00OD3bQqnoRyYvCSON7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmU2NjE2OTU3NDFkODVjZmVkY2Y2ZmZiY2Y3NDY5OTk1
OTU2OWYwHhcNMjUwNjA3MTMwMTIzWhcNMjUwNjA4MTMwMTIzWjAzMTEwLwYDVQQD
EygzOTE1ODI1ZDQxOTc1ZjA5MzEwMWFjOWEwYmMwZDgxYmRjMmNmNDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJRdyd8wZ4s4QPFLnTLzSeq/QvZH
HvgR5G1P5T0Xy7xiw5O7Y2IpC6AZBoTziy74r5ZtPkQBCfgymtzOEmGYzyFBTfFU
6r1YsBEooeIQ4Kk3mKCP+Ne7boDVS4ctzKvnoUhx5F0j4guFXsM5bbjNlv7d6GYW
jiGu9msPczfeUnERhx4CZvLBg5mB3Whsuog/BKkvDSHkzVqwadOIQxtifH+UNnuP
MX6pVIDxTZnIxyra9dF8HiJEV1a40H0P36L3kvDjiLNRNYxddrwmTD4NmCPQAa4m
hCWJIGWv3ic9cHQ3I0biDRxv+ChpTxna2wAmnVB9KiG8qPtJLybe45CfXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDkVgl1Bl18JMQGsmgvA2BvcLPQ7MB8GA1UdIwQY
MBaAFCn+ZhaVdB2Fz+3Pb/vPdGmZWVafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgt
MmU4ODBhN2E4MmNhLzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgtMmU4ODBhN2E4MmNh
LzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZbRi8Z9l
B/iyYvx41pqsGva8oB1SOHAdS2BHnvIzv9ifrtGtwtJoq9CVKmj7Y/xuhHBqDXG+
SrTEaXJSWvb1Fn+y4LKl+o1bTsh3gDt7mc6CaFomwWhUKkWEXuhnJBi0VqOYxpnb
/129264yA9J9bGIu/iGMHfN7ggtpdvGOjBe38jjlWJDxN5wm8oLssM1BQUmv4RIr
aUO3WkESwZ0YqlBNgCTnAVJG4mig+q/D3X1WleLvZEgwRVlyhZhKlJls5bvBJl8L
MOyli6qvp8UGCDgsVPq4M7TmI8WC+ecstNp2y1I07BOw5pi0SU+tPYFszacvMqsq
1ehfI6NAu9gpGw==
-----END CERTIFICATE-----