Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
File:                     KGURKILY5sctAiwsPaF7UsKtsHs.mft (raw, json)
Hash identifier:          XI90NGEUOhyA970TXL/Rwt+H3wWkkOMRj4DRSSvwaBY=
Subject key identifier:   7A:68:E7:F5:E7:47:33:E1:55:98:09:05:28:21:B7:1D:62:F0:53:04
Authority key identifier: 28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B
Certificate issuer:       /CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
Certificate serial:       01974C68DFB0AE274FB11BE512F614846084
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
Manifest number:          084B
Signing time:             Sat 07 Jun 2025 22:00:30 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:30 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:30 +0000
Files and hashes:         1: KGURKILY5sctAiwsPaF7UsKtsHs.crl (hash: 7CSsdS2aJbJUtjxOAyJUqAE8C7pL29Fq7mOFCWipO2k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:68:df:b0:ae:27:4f:b1:1b:e5:12:f6:14:84:60:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
        Validity
            Not Before: Jun  7 22:00:30 2025 GMT
            Not After : Jun  8 22:00:30 2025 GMT
        Subject: CN=7a68e7f5e74733e1559809052821b71d62f05304
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:c4:e8:4f:dc:bb:9b:69:62:de:32:55:d7:d6:
                    4d:64:2d:d6:52:79:77:a9:46:03:1b:ce:8a:21:ed:
                    60:44:77:bb:47:15:01:79:e0:3f:36:da:80:a4:99:
                    63:33:fe:d7:7c:86:6b:e5:3a:5d:03:64:d7:c3:82:
                    28:07:49:1d:75:1e:da:75:72:3a:0c:93:ef:43:e7:
                    92:a2:97:c9:8b:5f:45:ea:9c:22:53:00:c0:0f:4f:
                    d3:d0:0e:0c:4b:3c:81:1a:3d:5a:2f:2e:85:38:77:
                    f8:57:f5:73:3e:67:16:9b:4f:5e:57:e8:74:63:de:
                    7c:22:c1:7c:1d:36:0f:dc:bf:18:8b:3e:e0:00:4e:
                    ba:ec:8c:a1:46:89:26:58:59:2e:19:dd:9b:dc:01:
                    73:a7:c4:3b:06:94:3a:f0:25:bc:bc:e8:d8:f9:dc:
                    6d:39:fe:f0:b5:1f:a4:5d:f7:57:8e:61:8c:39:64:
                    79:12:b5:f3:ee:1d:69:b4:ce:60:98:66:1d:90:33:
                    7d:38:18:e2:28:19:a3:7b:af:3b:28:95:d1:83:27:
                    6c:cd:cb:d4:84:29:39:1c:80:dc:f8:7b:ce:df:31:
                    71:a7:b4:b8:93:02:a7:6a:39:36:4e:7e:5e:21:79:
                    de:f6:ba:b7:dc:c9:0a:71:c6:c1:14:27:0a:ed:c6:
                    a8:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:68:E7:F5:E7:47:33:E1:55:98:09:05:28:21:B7:1D:62:F0:53:04
            X509v3 Authority Key Identifier:
                keyid:28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:39:ff:6d:4c:96:d6:cf:e7:0a:df:71:2e:d3:4c:07:96:d9:
         02:b3:df:b4:b5:ec:42:c1:fc:e4:7e:4c:50:f9:a8:4b:5b:7a:
         fd:7b:4b:2e:43:86:fe:7c:cf:f6:d7:1d:e7:82:7e:89:99:fe:
         31:83:af:8f:7a:18:d9:ae:a8:11:2d:03:0d:84:07:04:61:52:
         db:6e:e4:aa:4f:2c:79:d3:35:01:1c:70:bd:a0:05:4c:a4:7a:
         66:2e:78:ae:cd:2d:5e:29:8c:ff:8c:64:34:02:43:41:df:b7:
         8f:99:06:1e:81:f8:6d:b5:1c:a6:f2:28:5d:d7:aa:d9:08:ae:
         6a:3b:a5:7c:1c:46:6b:1d:9c:b0:2e:f2:f7:17:f9:b6:1b:ec:
         f7:b0:5b:2a:c5:0b:58:40:f4:6a:33:10:cb:9a:d8:cf:dc:a7:
         83:ef:54:a5:fd:ba:34:10:7c:bb:15:8c:b4:9c:b9:de:dd:68:
         75:21:69:e2:ed:c9:fc:52:38:1a:3f:46:48:13:e4:ca:51:5b:
         64:e7:fa:a3:fd:98:b2:2e:46:6b:f9:b9:09:57:00:a0:35:3d:
         57:35:71:67:02:41:df:fe:13:42:eb:2c:93:18:67:fa:5f:0b:
         c9:b1:cd:fc:f2:74:cb:62:32:54:a8:6b:00:72:78:11:f4:02:
         fa:c2:8b:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaN+wridPsRvlEvYUhGCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjUxMTI4ODJkOGU2YzcyZDAyMmMyYzNkYTE3YjUyYzJh
ZGIwN2IwHhcNMjUwNjA3MjIwMDMwWhcNMjUwNjA4MjIwMDMwWjAzMTEwLwYDVQQD
Eyg3YTY4ZTdmNWU3NDczM2UxNTU5ODA5MDUyODIxYjcxZDYyZjA1MzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8ToT9y7m2li3jJV19ZNZC3WUnl3
qUYDG86KIe1gRHe7RxUBeeA/NtqApJljM/7XfIZr5TpdA2TXw4IoB0kddR7adXI6
DJPvQ+eSopfJi19F6pwiUwDAD0/T0A4MSzyBGj1aLy6FOHf4V/VzPmcWm09eV+h0
Y958IsF8HTYP3L8Yiz7gAE667IyhRokmWFkuGd2b3AFzp8Q7BpQ68CW8vOjY+dxt
Of7wtR+kXfdXjmGMOWR5ErXz7h1ptM5gmGYdkDN9OBjiKBmje687KJXRgydszcvU
hCk5HIDc+HvO3zFxp7S4kwKnajk2Tn5eIXne9rq33MkKccbBFCcK7caoRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHpo5/XnRzPhVZgJBSghtx1i8FMEMB8GA1UdIwQY
MBaAFChlESiC2ObHLQIsLD2he1LCrbB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAt
OWJiM2Y1N2MwZWYwLzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAtOWJiM2Y1N2MwZWYw
LzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkTn/bUyW
1s/nCt9xLtNMB5bZArPftLXsQsH85H5MUPmoS1t6/XtLLkOG/nzP9tcd54J+iZn+
MYOvj3oY2a6oES0DDYQHBGFS227kqk8sedM1ARxwvaAFTKR6Zi54rs0tXimM/4xk
NAJDQd+3j5kGHoH4bbUcpvIoXdeq2QiuajulfBxGax2csC7y9xf5thvs97BbKsUL
WED0ajMQy5rYz9yng+9Upf26NBB8uxWMtJy53t1odSFp4u3J/FI4Gj9GSBPkylFb
ZOf6o/2Ysi5Ga/m5CVcAoDU9VzVxZwJB3/4TQusskxhn+l8LybHN/PJ0y2IyVKhr
AHJ4EfQC+sKLJA==
-----END CERTIFICATE-----