Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
File:                     kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft (raw, json)
Hash identifier:          PymCbQ4JGDE06arLKrlF3UMoLQFYGhd0kgVT88MtgY0=
Subject key identifier:   99:6B:1B:6A:34:01:5B:AA:42:D5:84:BA:9F:63:FE:99:15:8C:F9:65
Authority key identifier: 91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD
Certificate issuer:       /CN=917830d941ee090a8e32348f97b8308fd1ce09fd
Certificate serial:       0196A8AFC126E2C477410BDE9AD5770EF8CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
Manifest number:          0BA5
Signing time:             Wed 07 May 2025 03:00:12 +0000
Manifest this update:     Wed 07 May 2025 03:00:12 +0000
Manifest next update:     Thu 08 May 2025 03:00:12 +0000
Files and hashes:         1: kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl (hash: eNemwnzs2f9YWwcB6JymqxYc9LmKEufLkMtwA3zr74w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a8:af:c1:26:e2:c4:77:41:0b:de:9a:d5:77:0e:f8:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=917830d941ee090a8e32348f97b8308fd1ce09fd
        Validity
            Not Before: May  7 03:00:12 2025 GMT
            Not After : May  8 03:00:12 2025 GMT
        Subject: CN=996b1b6a34015baa42d584ba9f63fe99158cf965
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:90:d2:83:d9:9c:66:0f:d0:d6:73:b3:e2:65:
                    0f:09:94:85:a3:0c:dc:a0:c5:1a:e9:1e:84:8f:fd:
                    87:6b:bf:6b:39:15:42:cb:b4:67:65:77:90:4c:d8:
                    17:88:29:b0:a7:da:41:ad:75:da:7a:ca:15:53:68:
                    a0:14:32:1a:60:81:03:5a:6c:15:c0:8d:d3:09:69:
                    15:b7:89:d2:61:62:5a:b3:fd:5a:04:29:db:64:c4:
                    d3:74:7d:2e:23:73:d7:4c:f8:89:e7:c5:c1:d9:87:
                    d6:1c:6b:31:5b:e7:d5:de:b3:14:95:5c:91:12:f5:
                    6f:a8:92:f8:4d:ab:22:7d:85:75:d1:28:c3:3d:84:
                    00:33:33:d4:88:60:8b:69:51:64:84:b3:3b:ff:51:
                    20:71:b1:b6:ce:b9:c0:42:f8:74:8c:d2:41:45:c5:
                    88:33:d5:bc:84:5e:40:c7:8c:7d:de:0c:c9:b8:20:
                    43:b4:63:2c:76:1e:ee:3b:de:8f:87:b8:42:ed:5e:
                    95:ec:b9:63:2b:c3:db:21:0b:67:df:31:e2:e0:72:
                    43:f1:6a:9a:5d:7e:8b:ea:ff:95:59:8d:88:e0:18:
                    c2:1f:95:bd:79:54:10:f7:8d:3c:53:a8:a0:89:3b:
                    4b:77:cb:eb:4a:fd:7b:55:e2:cb:d7:ea:be:35:e5:
                    01:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:6B:1B:6A:34:01:5B:AA:42:D5:84:BA:9F:63:FE:99:15:8C:F9:65
            X509v3 Authority Key Identifier:
                keyid:91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:3d:9b:eb:0f:37:0a:59:30:50:64:7d:54:16:1f:e6:8c:1c:
         47:56:7c:6b:36:a3:c1:fb:aa:49:a7:ae:e5:18:80:dd:b7:3b:
         06:5b:94:28:08:d7:78:6f:99:d1:43:12:c1:af:7e:2c:10:82:
         7a:a5:b7:c0:8a:8f:ae:53:e2:71:3d:57:5c:df:a6:46:69:0c:
         54:26:c8:7b:70:f5:ff:b4:e1:b9:1e:8a:8e:c9:55:cd:ed:8d:
         a8:a3:9d:4b:4f:62:dc:98:de:0a:28:46:6d:9c:09:87:9c:bf:
         9d:df:ca:fd:9b:20:b4:be:a1:d1:15:87:ad:35:1a:f1:0a:75:
         b6:5b:e1:25:4d:af:d4:a9:51:90:50:61:c7:a0:16:4f:8a:d5:
         4c:13:cd:1d:4f:a0:ac:a7:52:19:e1:95:18:08:05:12:34:db:
         e8:55:39:67:c1:44:c2:2f:88:55:72:c1:e2:43:3a:23:5f:24:
         df:94:da:d4:92:b6:5f:c9:e3:a1:fc:51:50:49:fe:06:db:9b:
         04:61:ae:ab:29:22:b4:64:32:9b:d9:3e:ae:d9:ac:03:71:bf:
         14:56:28:95:a8:bd:7f:44:60:41:0e:61:32:fa:5d:75:9f:a8:
         3b:93:9d:c7:b9:f5:ed:6f:3f:c4:18:62:5f:21:bf:f0:3e:ea:
         d9:ad:ba:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaor8Em4sR3QQvemtV3DvjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNzgzMGQ5NDFlZTA5MGE4ZTMyMzQ4Zjk3YjgzMDhmZDFj
ZTA5ZmQwHhcNMjUwNTA3MDMwMDEyWhcNMjUwNTA4MDMwMDEyWjAzMTEwLwYDVQQD
Eyg5OTZiMWI2YTM0MDE1YmFhNDJkNTg0YmE5ZjYzZmU5OTE1OGNmOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpDSg9mcZg/Q1nOz4mUPCZSFowzc
oMUa6R6Ej/2Ha79rORVCy7RnZXeQTNgXiCmwp9pBrXXaesoVU2igFDIaYIEDWmwV
wI3TCWkVt4nSYWJas/1aBCnbZMTTdH0uI3PXTPiJ58XB2YfWHGsxW+fV3rMUlVyR
EvVvqJL4TasifYV10SjDPYQAMzPUiGCLaVFkhLM7/1EgcbG2zrnAQvh0jNJBRcWI
M9W8hF5Ax4x93gzJuCBDtGMsdh7uO96Ph7hC7V6V7LljK8PbIQtn3zHi4HJD8Wqa
XX6L6v+VWY2I4BjCH5W9eVQQ9408U6igiTtLd8vrSv17VeLL1+q+NeUB7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJlrG2o0AVuqQtWEup9j/pkVjPllMB8GA1UdIwQY
MBaAFJF4MNlB7gkKjjI0j5e4MI/Rzgn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYt
ZDFmMTgwM2IxODEyLzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYtZDFmMTgwM2IxODEy
LzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkD2b6w83
ClkwUGR9VBYf5owcR1Z8azajwfuqSaeu5RiA3bc7BluUKAjXeG+Z0UMSwa9+LBCC
eqW3wIqPrlPicT1XXN+mRmkMVCbIe3D1/7ThuR6KjslVze2NqKOdS09i3JjeCihG
bZwJh5y/nd/K/ZsgtL6h0RWHrTUa8Qp1tlvhJU2v1KlRkFBhx6AWT4rVTBPNHU+g
rKdSGeGVGAgFEjTb6FU5Z8FEwi+IVXLB4kM6I18k35Ta1JK2X8njofxRUEn+Btub
BGGuqykitGQym9k+rtmsA3G/FFYolai9f0RgQQ5hMvpddZ+oO5Odx7n17W8/xBhi
XyG/8D7q2a26ew==
-----END CERTIFICATE-----