Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
File:                     MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft (raw, json)
Hash identifier:          lptvaTl6pYn9BSnlBVle+N7A2jRs1fdI30ekIr2S4wk=
Subject key identifier:   14:4B:41:58:5D:58:71:0E:CD:4B:E4:0C:A7:12:64:09:0A:6A:81:78
Authority key identifier: 30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58
Certificate issuer:       /CN=30aab02b654e915cadca339292e28c15c47df858
Certificate serial:       019747426588AAD623603D83D2B6D83229C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
Manifest number:          03DD
Signing time:             Fri 06 Jun 2025 22:00:23 +0000
Manifest this update:     Fri 06 Jun 2025 22:00:23 +0000
Manifest next update:     Sat 07 Jun 2025 22:00:23 +0000
Files and hashes:         1: MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl (hash: JXs18ZabTz/Xofc6PSHXzOLPsbmITD30vuL/q1RUKGU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:42:65:88:aa:d6:23:60:3d:83:d2:b6:d8:32:29:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30aab02b654e915cadca339292e28c15c47df858
        Validity
            Not Before: Jun  6 22:00:23 2025 GMT
            Not After : Jun  7 22:00:23 2025 GMT
        Subject: CN=144b41585d58710ecd4be40ca71264090a6a8178
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:77:54:11:26:54:91:b4:47:53:95:3a:1a:20:
                    89:16:26:13:96:c7:fa:06:02:2e:54:71:34:d4:0e:
                    07:b5:11:93:7d:b4:59:3f:85:19:be:6a:9e:a4:0c:
                    41:a1:d7:a9:08:f5:16:75:c3:9d:c4:b2:fa:57:ad:
                    f1:92:bc:36:7a:ae:7b:cc:4b:a5:68:c2:03:f4:85:
                    18:ad:1e:ae:fe:16:40:62:ac:ee:16:d8:b9:35:d4:
                    a9:6a:69:60:e8:a7:fa:b0:bc:3a:8c:ac:f3:b9:e8:
                    4e:26:f3:2e:06:66:02:dd:07:19:a4:6c:44:4b:57:
                    9d:b7:98:c0:67:29:ab:00:ff:29:8c:10:db:29:d5:
                    9f:22:97:a5:b9:a0:fa:91:af:61:6f:b7:6b:fb:d0:
                    e1:0a:f9:7d:df:eb:1d:3f:8a:47:9a:1f:28:3d:de:
                    c2:6f:18:61:db:76:aa:10:26:27:26:c4:36:e4:9f:
                    b8:06:d4:44:9d:6a:b1:16:93:5c:52:78:17:55:21:
                    29:4f:95:ea:4a:6a:75:64:fc:c4:95:c5:30:64:54:
                    b8:8a:c7:8d:80:40:c6:b7:ab:98:3a:2a:8d:12:d0:
                    7e:03:0c:57:c0:25:58:be:ae:f2:a0:ff:19:d9:c7:
                    3b:99:69:74:27:39:42:79:95:b1:d1:3f:bf:e0:99:
                    c7:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:4B:41:58:5D:58:71:0E:CD:4B:E4:0C:A7:12:64:09:0A:6A:81:78
            X509v3 Authority Key Identifier:
                keyid:30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:20:1f:a8:a5:d9:69:bb:81:6a:12:b9:1c:b6:8c:99:1c:aa:
         99:8e:d9:31:b0:15:df:a5:30:8c:68:6b:48:70:ac:12:f9:60:
         99:70:21:57:ea:78:26:40:8a:30:59:d1:a1:1e:74:69:83:52:
         ca:33:88:60:f8:13:35:5a:d2:67:a0:2b:d5:cb:56:e5:61:7f:
         b5:7d:d0:ad:36:0f:f2:03:3a:43:ed:9d:1e:44:2b:fa:1e:a9:
         47:ea:7b:3a:33:36:c0:00:de:bb:70:f0:cb:ac:a6:75:59:fb:
         04:1d:90:48:ee:30:ec:be:5f:6d:2c:f7:52:b3:5d:48:03:76:
         f4:e4:7c:4b:f7:c6:c4:b5:00:c8:fe:91:79:ba:d8:2e:77:6d:
         b6:4d:81:48:8b:bd:59:25:8d:53:4c:9b:c8:bd:a0:6e:6f:a6:
         60:30:64:f5:f1:47:70:65:d4:8e:84:59:7b:e5:c1:14:b3:b6:
         c3:4c:14:b2:ca:0a:0c:f1:e9:05:bd:e3:79:97:4f:bd:ef:bb:
         10:17:e3:7b:c2:e1:39:d5:71:c4:18:81:47:00:85:44:9c:4c:
         30:2c:23:55:bb:27:bf:31:f9:d3:83:90:35:16:2f:ff:73:e0:
         11:a6:e4:d9:54:2c:15:9a:79:fe:e3:2a:97:52:48:cd:1e:4c:
         d1:59:fd:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHQmWIqtYjYD2D0rbYMinAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYWFiMDJiNjU0ZTkxNWNhZGNhMzM5MjkyZTI4YzE1YzQ3
ZGY4NTgwHhcNMjUwNjA2MjIwMDIzWhcNMjUwNjA3MjIwMDIzWjAzMTEwLwYDVQQD
EygxNDRiNDE1ODVkNTg3MTBlY2Q0YmU0MGNhNzEyNjQwOTBhNmE4MTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXdUESZUkbRHU5U6GiCJFiYTlsf6
BgIuVHE01A4HtRGTfbRZP4UZvmqepAxBodepCPUWdcOdxLL6V63xkrw2eq57zEul
aMID9IUYrR6u/hZAYqzuFti5NdSpamlg6Kf6sLw6jKzzuehOJvMuBmYC3QcZpGxE
S1edt5jAZymrAP8pjBDbKdWfIpeluaD6ka9hb7dr+9DhCvl93+sdP4pHmh8oPd7C
bxhh23aqECYnJsQ25J+4BtREnWqxFpNcUngXVSEpT5XqSmp1ZPzElcUwZFS4iseN
gEDGt6uYOiqNEtB+AwxXwCVYvq7yoP8Z2cc7mWl0JzlCeZWx0T+/4JnHjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBRLQVhdWHEOzUvkDKcSZAkKaoF4MB8GA1UdIwQY
MBaAFDCqsCtlTpFcrcozkpLijBXEffhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjkt
YTQxOTY3MGQxN2UxLzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjktYTQxOTY3MGQxN2Ux
LzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFiAfqKXZ
abuBahK5HLaMmRyqmY7ZMbAV36UwjGhrSHCsEvlgmXAhV+p4JkCKMFnRoR50aYNS
yjOIYPgTNVrSZ6Ar1ctW5WF/tX3QrTYP8gM6Q+2dHkQr+h6pR+p7OjM2wADeu3Dw
y6ymdVn7BB2QSO4w7L5fbSz3UrNdSAN29OR8S/fGxLUAyP6RebrYLndttk2BSIu9
WSWNU0ybyL2gbm+mYDBk9fFHcGXUjoRZe+XBFLO2w0wUssoKDPHpBb3jeZdPve+7
EBfje8LhOdVxxBiBRwCFRJxMMCwjVbsnvzH504OQNRYv/3PgEabk2VQsFZp5/uMq
l1JIzR5M0Vn9ag==
-----END CERTIFICATE-----