Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
File:                     KGURKILY5sctAiwsPaF7UsKtsHs.mft (raw, json)
Hash identifier:          pP+94htl+DaGbR2Unw3tsQlGRNS+CVCjZc7MOMyiq24=
Subject key identifier:   09:7E:AE:74:23:FB:DD:5D:3E:53:6E:DF:64:09:1D:2C:11:BF:95:4F
Authority key identifier: 28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B
Certificate issuer:       /CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
Certificate serial:       019510C7B1C79D7816C693C34F99BF725347
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
Manifest number:          0723
Signing time:             Sun 16 Feb 2025 22:01:17 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:17 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:17 +0000
Files and hashes:         1: KGURKILY5sctAiwsPaF7UsKtsHs.crl (hash: OFTgKHweVEahu8Zsu/A+O2m7CoHEgSsOfGg5KL+Dg2Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:b1:c7:9d:78:16:c6:93:c3:4f:99:bf:72:53:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
        Validity
            Not Before: Feb 16 22:01:17 2025 GMT
            Not After : Feb 17 22:01:17 2025 GMT
        Subject: CN=097eae7423fbdd5d3e536edf64091d2c11bf954f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:81:b9:e9:25:e0:e5:a1:a8:5b:0a:8e:b3:fc:
                    94:e4:08:b6:d7:a5:e9:05:77:e2:1d:78:2d:e8:5f:
                    6d:49:8f:91:d9:d0:56:65:1f:89:b1:40:7d:77:c3:
                    63:ae:3a:a7:aa:38:59:ba:19:28:92:50:25:da:31:
                    1d:6f:e5:c7:81:ac:eb:d5:f5:fb:33:3c:a6:8f:ab:
                    21:1d:4d:6f:a5:40:a2:2b:69:d2:3d:28:da:e3:bc:
                    5d:d9:64:54:9f:55:07:e4:8b:f3:27:34:22:7e:67:
                    6d:38:45:10:97:06:aa:48:95:e9:32:b3:58:04:83:
                    9d:0b:f5:55:d6:1a:22:1a:d8:27:a7:bc:e0:b6:d8:
                    6a:74:dd:7c:d5:45:aa:cf:ba:cf:78:5a:49:b3:1b:
                    6b:03:a0:8c:10:37:1a:d6:0b:ae:d0:a2:1d:f7:33:
                    28:86:81:81:56:fc:5b:28:24:90:62:7f:8a:bf:e5:
                    6e:ce:e0:55:a7:5f:eb:fd:15:49:a2:2a:3f:b6:9d:
                    f8:aa:38:8b:e8:ed:c4:26:5b:a9:27:8a:b0:23:73:
                    d5:5f:2e:74:78:b8:a4:44:85:06:7c:35:b5:b1:09:
                    c7:d5:fc:8b:83:e8:bd:54:2d:98:64:31:5a:3e:09:
                    be:31:b9:86:f9:8a:cf:05:79:db:3d:22:48:6c:f6:
                    cb:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:7E:AE:74:23:FB:DD:5D:3E:53:6E:DF:64:09:1D:2C:11:BF:95:4F
            X509v3 Authority Key Identifier:
                keyid:28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:e3:94:56:32:52:1f:0b:27:03:49:64:ca:84:3a:ac:bd:77:
         a1:7a:35:d1:b2:51:8d:67:e9:ec:ce:47:23:2a:cb:e5:59:c1:
         ac:0c:2a:7b:e9:6d:aa:c1:09:48:62:6a:f7:3e:9f:13:90:ff:
         bf:03:f6:a9:47:ef:e7:d3:be:9b:0c:67:c7:99:4f:ea:6a:05:
         56:56:d9:a2:18:c4:07:67:71:48:7f:ce:6e:3a:32:20:49:c9:
         b7:54:04:f7:f3:dc:c2:18:1d:e0:54:26:a5:41:2c:fb:12:86:
         f4:b3:b6:e5:25:c6:df:66:4f:79:fe:84:44:d6:b4:d4:5a:97:
         76:da:63:2c:c9:71:a9:60:32:82:85:8e:1e:8c:cf:f5:6b:8c:
         6d:bd:25:fe:9c:bb:20:23:4a:11:22:b7:01:70:47:ea:1f:77:
         4e:bc:b4:98:38:0e:56:98:58:06:c0:68:e9:57:69:fc:5d:04:
         59:87:0d:8c:fb:f7:ef:cd:a5:55:d4:1f:c7:6d:b1:09:a4:7f:
         5a:f2:20:d1:8b:c5:04:de:88:5a:c0:13:2a:96:4e:ef:78:7f:
         2a:28:ff:be:41:0e:07:af:22:28:44:56:13:ce:3f:ff:7e:0e:
         62:35:27:6d:02:47:08:38:ad:ac:7b:66:21:3c:79:dc:2e:2c:
         a6:1c:7d:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx7HHnXgWxpPDT5m/clNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjUxMTI4ODJkOGU2YzcyZDAyMmMyYzNkYTE3YjUyYzJh
ZGIwN2IwHhcNMjUwMjE2MjIwMTE3WhcNMjUwMjE3MjIwMTE3WjAzMTEwLwYDVQQD
EygwOTdlYWU3NDIzZmJkZDVkM2U1MzZlZGY2NDA5MWQyYzExYmY5NTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4G56SXg5aGoWwqOs/yU5Ai216Xp
BXfiHXgt6F9tSY+R2dBWZR+JsUB9d8NjrjqnqjhZuhkoklAl2jEdb+XHgazr1fX7
Mzymj6shHU1vpUCiK2nSPSja47xd2WRUn1UH5IvzJzQifmdtOEUQlwaqSJXpMrNY
BIOdC/VV1hoiGtgnp7zgtthqdN181UWqz7rPeFpJsxtrA6CMEDca1guu0KId9zMo
hoGBVvxbKCSQYn+Kv+VuzuBVp1/r/RVJoio/tp34qjiL6O3EJlupJ4qwI3PVXy50
eLikRIUGfDW1sQnH1fyLg+i9VC2YZDFaPgm+MbmG+YrPBXnbPSJIbPbLWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAl+rnQj+91dPlNu32QJHSwRv5VPMB8GA1UdIwQY
MBaAFChlESiC2ObHLQIsLD2he1LCrbB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAt
OWJiM2Y1N2MwZWYwLzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAtOWJiM2Y1N2MwZWYw
LzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM+OUVjJS
HwsnA0lkyoQ6rL13oXo10bJRjWfp7M5HIyrL5VnBrAwqe+ltqsEJSGJq9z6fE5D/
vwP2qUfv59O+mwxnx5lP6moFVlbZohjEB2dxSH/ObjoyIEnJt1QE9/Pcwhgd4FQm
pUEs+xKG9LO25SXG32ZPef6ERNa01FqXdtpjLMlxqWAygoWOHozP9WuMbb0l/py7
ICNKESK3AXBH6h93Try0mDgOVphYBsBo6Vdp/F0EWYcNjPv3782lVdQfx22xCaR/
WvIg0YvFBN6IWsATKpZO73h/Kij/vkEOB68iKERWE84//34OYjUnbQJHCDitrHtm
ITx53C4sphx9Vw==
-----END CERTIFICATE-----