Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
File:                     kWV5napb3fL1Nt2BtybPrtDmCFs.mft (raw, json)
Hash identifier:          2iaXcp5KlE6DpZeP530YsFUb6MUqpYE+FyqqdgoHtUs=
Subject key identifier:   3B:F4:F9:A2:9D:D7:E9:E4:3B:2B:9F:54:4D:C3:7F:B2:77:B9:7D:C9
Authority key identifier: 91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B
Certificate issuer:       /CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
Certificate serial:       0197C9F16B8865A18F08D4F48B6C252DBBB2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
Manifest number:          38
Signing time:             Wed 02 Jul 2025 07:02:11 +0000
Manifest this update:     Wed 02 Jul 2025 07:02:11 +0000
Manifest next update:     Thu 03 Jul 2025 07:02:11 +0000
Files and hashes:         1: kWV5napb3fL1Nt2BtybPrtDmCFs.crl (hash: gZG3bUETrFRgB1gJbNW92s57OaAVpOtKiHE+DZOpSZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 03 Jul 2025 02:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c9:f1:6b:88:65:a1:8f:08:d4:f4:8b:6c:25:2d:bb:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
        Validity
            Not Before: Jul  2 07:02:11 2025 GMT
            Not After : Jul  3 07:02:11 2025 GMT
        Subject: CN=3bf4f9a29dd7e9e43b2b9f544dc37fb277b97dc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:5f:21:0b:7b:0f:ca:93:fc:a0:5a:d7:7d:ae:
                    c6:17:8e:2a:dd:da:32:04:f0:fd:5f:2f:38:8e:24:
                    88:84:a1:d1:51:26:bc:ad:fd:ce:da:11:01:e6:c7:
                    db:2c:00:87:70:1d:46:c1:26:ea:4c:0d:23:bb:e5:
                    8b:a9:95:72:63:cd:a6:d7:bc:21:9c:bf:1f:e1:42:
                    eb:26:e7:04:46:a3:f6:78:df:a9:71:ae:91:3c:96:
                    e7:1c:05:dd:32:8c:eb:ac:29:b2:6b:4f:46:a6:ae:
                    97:43:b0:5e:2a:aa:ca:4c:7f:e7:a7:85:25:93:85:
                    32:79:d8:ee:09:f5:e5:c5:92:de:f8:12:0f:d5:8e:
                    15:89:51:bc:5d:a9:41:42:b8:c7:9f:82:79:c6:2f:
                    6f:29:75:8b:dc:04:5a:d2:ec:3f:56:15:57:03:f6:
                    7d:bf:fd:8e:cc:38:cc:e7:63:ce:86:3e:8b:e8:dd:
                    b8:5b:4b:6b:c4:0c:57:6e:b8:de:4f:69:b0:6e:5e:
                    5f:ac:80:c1:a4:31:be:a0:32:0e:a7:34:5f:7f:b0:
                    99:f4:54:98:23:8c:b5:aa:da:26:f2:4f:43:d8:db:
                    e8:6e:0a:8a:a1:09:82:fc:ad:62:ca:4c:7a:c4:b8:
                    70:0b:ee:db:ee:dd:25:1f:47:71:9a:bf:d7:42:09:
                    4f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:F4:F9:A2:9D:D7:E9:E4:3B:2B:9F:54:4D:C3:7F:B2:77:B9:7D:C9
            X509v3 Authority Key Identifier:
                keyid:91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d9:e4:34:39:f9:7e:92:cd:b8:e8:a3:be:5f:47:a5:5a:3e:90:
         68:33:f7:3e:6c:1d:0b:93:79:eb:3a:56:57:22:05:0e:b7:cc:
         a4:b0:94:47:fb:23:a6:c5:22:22:5a:83:43:06:44:ca:de:d7:
         4d:c7:42:e2:d6:90:aa:80:7d:79:b1:d9:32:a5:e2:29:01:52:
         f0:a6:25:83:f0:78:21:f6:6b:05:9f:1a:0a:6b:aa:0a:32:20:
         cc:0b:3f:6f:4b:cb:05:3e:06:74:70:10:57:ac:df:51:e2:70:
         e1:66:f7:e7:7c:e1:11:b5:31:be:65:95:6e:c1:d0:fb:6d:38:
         db:aa:53:5a:6e:21:fd:8b:53:6c:af:71:7e:77:e9:5e:62:a9:
         6a:1c:60:c5:ba:9d:5f:c6:0b:dd:a1:23:0f:c5:68:23:a2:7e:
         f9:46:da:12:bb:27:f0:18:ad:c1:02:05:aa:03:f6:dc:9d:b7:
         e9:62:ec:73:31:8d:24:8d:c4:44:e5:ff:11:ae:68:89:01:08:
         b9:39:1a:7b:93:0d:94:5c:bf:8c:69:44:61:98:46:47:71:66:
         7a:95:c8:10:48:28:ee:86:20:f1:9f:d4:8e:c9:5d:9c:7a:67:
         38:95:cb:b1:20:83:d3:e6:66:ec:bc:72:6e:69:97:b9:83:27:
         42:5a:66:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfJ8WuIZaGPCNT0i2wlLbuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNjU3OTlkYWE1YmRkZjJmNTM2ZGQ4MWI3MjZjZmFlZDBl
NjA4NWIwHhcNMjUwNzAyMDcwMjExWhcNMjUwNzAzMDcwMjExWjAzMTEwLwYDVQQD
EygzYmY0ZjlhMjlkZDdlOWU0M2IyYjlmNTQ0ZGMzN2ZiMjc3Yjk3ZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+V8hC3sPypP8oFrXfa7GF44q3doy
BPD9Xy84jiSIhKHRUSa8rf3O2hEB5sfbLACHcB1GwSbqTA0ju+WLqZVyY82m17wh
nL8f4ULrJucERqP2eN+pca6RPJbnHAXdMozrrCmya09Gpq6XQ7BeKqrKTH/np4Ul
k4UyedjuCfXlxZLe+BIP1Y4ViVG8XalBQrjHn4J5xi9vKXWL3ARa0uw/VhVXA/Z9
v/2OzDjM52POhj6L6N24W0trxAxXbrjeT2mwbl5frIDBpDG+oDIOpzRff7CZ9FSY
I4y1qtom8k9D2NvobgqKoQmC/K1iykx6xLhwC+7b7t0lH0dxmr/XQglPqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDv0+aKd1+nkOyufVE3Df7J3uX3JMB8GA1UdIwQY
MBaAFJFleZ2qW93y9Tbdgbcmz67Q5ghbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEt
ZWExN2RhMjI4NGZmLzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEtZWExN2RhMjI4NGZm
LzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2eQ0Ofl+
ks246KO+X0elWj6QaDP3PmwdC5N56zpWVyIFDrfMpLCUR/sjpsUiIlqDQwZEyt7X
TcdC4taQqoB9ebHZMqXiKQFS8KYlg/B4IfZrBZ8aCmuqCjIgzAs/b0vLBT4GdHAQ
V6zfUeJw4Wb353zhEbUxvmWVbsHQ+20426pTWm4h/YtTbK9xfnfpXmKpahxgxbqd
X8YL3aEjD8VoI6J++UbaErsn8BitwQIFqgP23J236WLsczGNJI3EROX/Ea5oiQEI
uTkae5MNlFy/jGlEYZhGR3FmepXIEEgo7oYg8Z/UjsldnHpnOJXLsSCD0+Zm7Lxy
bmmXuYMnQlpm8Q==
-----END CERTIFICATE-----