Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
File:                     kdTzrA50tq60hL0U9ocdmjBCK30.mft (raw, json)
Hash identifier:          KCn2Bvn5l3QdpIFCJBSfLWpEbNRikX82FmqA1FZH0Ho=
Subject key identifier:   A2:D3:3A:00:24:91:8D:DD:19:88:C0:9A:54:DC:C6:CF:34:F1:E5:7E
Authority key identifier: 91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D
Certificate issuer:       /CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
Certificate serial:       0197C9F08390BA61103A9609D6FBB144048C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
Manifest number:          36
Signing time:             Wed 02 Jul 2025 07:01:11 +0000
Manifest this update:     Wed 02 Jul 2025 07:01:11 +0000
Manifest next update:     Thu 03 Jul 2025 07:01:11 +0000
Files and hashes:         1: kdTzrA50tq60hL0U9ocdmjBCK30.crl (hash: z6meM1yQP4rkdfET/ufVMS03elmhveWSFWye/G2sWkc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 07:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:f0:83:90:ba:61:10:3a:96:09:d6:fb:b1:44:04:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
        Validity
            Not Before: Jul  2 07:01:11 2025 GMT
            Not After : Jul  3 07:01:11 2025 GMT
        Subject: CN=a2d33a0024918ddd1988c09a54dcc6cf34f1e57e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:9f:25:a0:8c:49:69:c5:7f:2f:9e:8d:79:68:
                    3b:0a:6e:07:5c:c3:87:33:c4:b1:f8:78:80:0f:c4:
                    4c:69:2f:94:55:f3:4b:f1:5e:4f:ca:4b:e0:43:1a:
                    18:34:85:23:95:dc:a6:72:18:b9:99:48:2d:65:23:
                    22:99:14:c6:e4:37:83:8f:d9:13:3e:4c:14:63:86:
                    94:8e:92:1f:4e:13:06:91:51:5d:82:c1:c9:ba:bf:
                    78:cb:c6:70:bc:9c:c0:70:5e:2f:2d:71:e8:d1:dc:
                    dd:ae:ea:da:e3:2a:d7:44:5f:2d:5e:6a:2c:61:ce:
                    70:f8:21:06:db:f2:f3:9f:dc:bf:a6:18:d8:c4:99:
                    2b:eb:b9:69:a4:43:11:f8:5f:c8:c9:9e:c9:05:0a:
                    2e:45:e9:7a:9d:04:b7:9c:9a:ac:a8:5a:77:a1:ba:
                    15:cc:9b:d0:6d:c0:0a:46:3a:db:5d:5f:f5:cc:3d:
                    43:a3:26:ad:e4:e0:0d:09:d9:77:6c:6f:69:61:18:
                    02:3c:28:6a:98:a5:14:76:ca:57:c6:bb:4b:64:7c:
                    94:94:43:77:53:28:4e:93:0e:e5:d3:3f:23:71:9c:
                    8b:19:11:15:3c:82:17:ee:8f:4e:30:dc:84:92:6d:
                    a2:dd:f1:49:55:1a:0e:54:4e:32:64:3c:f7:76:e3:
                    1d:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:D3:3A:00:24:91:8D:DD:19:88:C0:9A:54:DC:C6:CF:34:F1:E5:7E
            X509v3 Authority Key Identifier:
                keyid:91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:c6:3e:36:f6:de:f0:fa:9e:e0:ee:ab:2e:3b:ac:89:81:d9:
         2b:ef:b4:6f:09:84:2b:15:51:54:b1:f9:f0:a3:93:81:84:84:
         01:3c:b8:64:53:f2:2e:fa:42:a7:7a:96:c4:d6:1e:54:a8:3c:
         00:50:b7:2c:76:a9:ef:c8:b8:8a:66:23:b9:82:ac:e4:d2:a0:
         c9:63:4f:97:8c:3e:fe:4a:7f:b1:f5:06:86:d9:08:e1:f2:65:
         ba:a2:d1:45:e9:96:33:3b:01:52:b3:d8:e2:27:9b:9a:6e:1e:
         43:be:f6:59:eb:80:93:54:57:e5:be:ed:62:3b:80:d0:ed:05:
         b9:83:00:f1:2e:be:a9:f1:eb:99:82:49:20:65:b0:0f:36:30:
         81:4c:e9:43:6d:06:4f:68:43:a6:4c:89:d1:cd:bb:3d:93:ec:
         7d:40:3e:93:3f:7b:d5:8d:18:d7:56:35:db:31:4b:49:d3:d6:
         7f:d3:da:81:8e:fd:ce:6b:eb:85:2b:93:1e:57:21:35:95:12:
         43:44:ea:51:c3:d5:f7:22:12:18:25:ab:1d:3a:5a:e3:92:fa:
         59:6f:b0:c8:67:6c:8f:96:af:1a:7c:ef:ce:85:57:7f:e7:d7:
         f1:c5:94:db:e3:a6:d6:9c:8e:8e:9a:52:3b:4c:46:c6:fe:f1:
         b1:4b:57:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJ8IOQumEQOpYJ1vuxRASMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDRmM2FjMGU3NGI2YWViNDg0YmQxNGY2ODcxZDlhMzA0
MjJiN2QwHhcNMjUwNzAyMDcwMTExWhcNMjUwNzAzMDcwMTExWjAzMTEwLwYDVQQD
EyhhMmQzM2EwMDI0OTE4ZGRkMTk4OGMwOWE1NGRjYzZjZjM0ZjFlNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z8loIxJacV/L56NeWg7Cm4HXMOH
M8Sx+HiAD8RMaS+UVfNL8V5PykvgQxoYNIUjldymchi5mUgtZSMimRTG5DeDj9kT
PkwUY4aUjpIfThMGkVFdgsHJur94y8ZwvJzAcF4vLXHo0dzdrura4yrXRF8tXmos
Yc5w+CEG2/Lzn9y/phjYxJkr67lppEMR+F/IyZ7JBQouRel6nQS3nJqsqFp3oboV
zJvQbcAKRjrbXV/1zD1Doyat5OANCdl3bG9pYRgCPChqmKUUdspXxrtLZHyUlEN3
UyhOkw7l0z8jcZyLGREVPIIX7o9OMNyEkm2i3fFJVRoOVE4yZDz3duMdcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLTOgAkkY3dGYjAmlTcxs808eV+MB8GA1UdIwQY
MBaAFJHU86wOdLautIS9FPaHHZowQit9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEt
YWExMDQ3MzJmNTczLzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEtYWExMDQ3MzJmNTcz
LzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASMY+Nvbe
8Pqe4O6rLjusiYHZK++0bwmEKxVRVLH58KOTgYSEATy4ZFPyLvpCp3qWxNYeVKg8
AFC3LHap78i4imYjuYKs5NKgyWNPl4w+/kp/sfUGhtkI4fJluqLRRemWMzsBUrPY
4iebmm4eQ772WeuAk1RX5b7tYjuA0O0FuYMA8S6+qfHrmYJJIGWwDzYwgUzpQ20G
T2hDpkyJ0c27PZPsfUA+kz971Y0Y11Y12zFLSdPWf9PagY79zmvrhSuTHlchNZUS
Q0TqUcPV9yISGCWrHTpa45L6WW+wyGdsj5avGnzvzoVXf+fX8cWU2+Om1pyOjppS
O0xGxv7xsUtXoQ==
-----END CERTIFICATE-----