Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
File:                     kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft (raw, json)
Hash identifier:          XWsOCwAVi/2zyU6qbCbcXIWYEw53EF36MLrxsyIQ7bM=
Subject key identifier:   A1:96:C2:20:DC:5D:52:3D:1F:98:5B:D4:34:A7:EA:73:0C:18:0F:B8
Authority key identifier: 90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D
Certificate issuer:       /CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d
Certificate serial:       0197469E710F5A9AFF9269914864A31BDEB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
Manifest number:          06CB
Signing time:             Fri 06 Jun 2025 19:01:17 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:17 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:17 +0000
Files and hashes:         1: kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl (hash: 9rjqFFD5gBkaPmyMhOk7y1WY1y/Df0rD6zvksI4HIqY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:71:0f:5a:9a:ff:92:69:91:48:64:a3:1b:de:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d
        Validity
            Not Before: Jun  6 19:01:17 2025 GMT
            Not After : Jun  7 19:01:17 2025 GMT
        Subject: CN=a196c220dc5d523d1f985bd434a7ea730c180fb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:db:99:ee:ad:cc:a3:d3:31:04:76:64:c3:f2:
                    22:a5:ad:74:50:9a:6c:c6:9c:5e:0f:84:63:8c:3e:
                    29:8f:ac:5f:27:5b:06:1d:f0:db:3d:76:a4:30:b5:
                    8f:47:a9:de:ea:e6:e9:a6:6b:81:d5:eb:16:53:73:
                    c9:66:0a:44:e7:83:e0:76:47:0a:ef:8b:b8:58:ff:
                    0c:ee:e3:7e:04:af:ec:65:98:ec:63:a8:be:d3:60:
                    3f:10:56:67:71:78:f9:9e:d9:0c:2c:11:8b:cf:f3:
                    57:54:05:17:56:58:87:94:6f:bc:ef:e4:83:f0:d4:
                    a1:21:c0:4d:7d:79:aa:b1:9a:82:e8:cb:e1:22:a5:
                    e0:8a:9f:a5:47:42:9c:6b:40:0b:4f:91:63:82:40:
                    f4:f0:8c:02:64:da:34:7c:68:d5:3d:c8:a9:e5:f9:
                    d8:51:d8:a8:56:a8:03:90:fc:c5:89:21:a1:82:9b:
                    0e:5a:8c:16:19:62:8b:61:b8:f0:32:f8:15:07:9d:
                    cd:c8:f2:fe:8b:1e:c4:83:05:e7:8b:54:ac:42:10:
                    02:98:93:b9:fc:34:94:95:d1:6b:1c:1e:ce:fd:eb:
                    82:dd:62:6b:8e:93:34:cf:53:67:94:78:d8:9f:19:
                    a0:bb:86:e0:3d:4b:53:73:72:2c:60:91:86:68:0c:
                    c0:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:96:C2:20:DC:5D:52:3D:1F:98:5B:D4:34:A7:EA:73:0C:18:0F:B8
            X509v3 Authority Key Identifier:
                keyid:90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:36:3c:5e:7e:e4:99:cf:3a:71:22:b6:bd:8d:4e:b6:94:43:
         6d:be:00:ba:60:fa:ad:16:a9:fa:7b:dc:a6:81:1d:44:83:80:
         0c:9a:86:4b:43:66:ca:c6:00:e1:3a:c1:7d:45:23:72:da:bf:
         9f:a5:11:ca:d2:d8:e8:cb:69:09:24:1d:54:1f:74:24:b2:31:
         3c:73:0d:f2:23:e9:c1:00:fd:b6:1d:34:90:38:26:34:dc:19:
         a9:2b:67:dc:e5:01:f6:c3:f8:8e:c3:e2:2d:8d:be:c9:30:87:
         bb:d2:e8:b2:c5:e6:cf:23:ae:69:4c:72:04:2e:73:74:0b:f3:
         e2:2b:0a:3b:35:ef:6a:11:45:4f:1c:4a:2a:9f:23:ee:2a:39:
         9d:6b:33:ec:ce:e2:04:b9:6f:ab:0f:fe:bb:62:9e:2a:86:60:
         a1:f6:f2:46:8b:b7:13:c8:22:d3:c1:08:e6:2c:55:d6:86:a7:
         32:11:36:39:49:77:51:a5:40:1b:ff:6b:65:68:b8:17:7a:34:
         2e:36:18:b4:a2:b7:36:6b:39:24:25:21:6c:aa:85:b1:75:43:
         6f:5f:98:4b:5e:50:4f:0c:15:60:65:1d:45:9b:49:45:36:d2:
         ff:62:03:12:85:04:39:92:c8:1b:b0:88:50:fc:34:ba:1d:af:
         06:0a:31:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnnEPWpr/kmmRSGSjG965MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjU5MjhjNzUyYWQ5YTA4Y2ZlYjFiODhmNDYzYzNjMGRk
MmU4NWQwHhcNMjUwNjA2MTkwMTE3WhcNMjUwNjA3MTkwMTE3WjAzMTEwLwYDVQQD
EyhhMTk2YzIyMGRjNWQ1MjNkMWY5ODViZDQzNGE3ZWE3MzBjMTgwZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09uZ7q3Mo9MxBHZkw/Iipa10UJps
xpxeD4RjjD4pj6xfJ1sGHfDbPXakMLWPR6ne6ubppmuB1esWU3PJZgpE54PgdkcK
74u4WP8M7uN+BK/sZZjsY6i+02A/EFZncXj5ntkMLBGLz/NXVAUXVliHlG+87+SD
8NShIcBNfXmqsZqC6MvhIqXgip+lR0Kca0ALT5FjgkD08IwCZNo0fGjVPcip5fnY
UdioVqgDkPzFiSGhgpsOWowWGWKLYbjwMvgVB53NyPL+ix7EgwXni1SsQhACmJO5
/DSUldFrHB7O/euC3WJrjpM0z1NnlHjYnxmgu4bgPUtTc3IsYJGGaAzACQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGWwiDcXVI9H5hb1DSn6nMMGA+4MB8GA1UdIwQY
MBaAFJD1kox1KtmgjP6xuI9GPDwN0uhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYt
MDRhNmNkODE2YTAzLzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYtMDRhNmNkODE2YTAz
LzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQjY8Xn7k
mc86cSK2vY1OtpRDbb4AumD6rRap+nvcpoEdRIOADJqGS0NmysYA4TrBfUUjctq/
n6URytLY6MtpCSQdVB90JLIxPHMN8iPpwQD9th00kDgmNNwZqStn3OUB9sP4jsPi
LY2+yTCHu9LossXmzyOuaUxyBC5zdAvz4isKOzXvahFFTxxKKp8j7io5nWsz7M7i
BLlvqw/+u2KeKoZgofbyRou3E8gi08EI5ixV1oanMhE2OUl3UaVAG/9rZWi4F3o0
LjYYtKK3Nms5JCUhbKqFsXVDb1+YS15QTwwVYGUdRZtJRTbS/2IDEoUEOZLIG7CI
UPw0uh2vBgoxWQ==
-----END CERTIFICATE-----