Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File:                     0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier:          GOyt5e192ksZFOgGYHKrLuPuiedPbWaT7wScWjbP2xc=
Subject key identifier:   FA:B2:73:10:02:83:F4:D5:D6:BF:79:84:8A:86:F9:43:59:4C:8F:3B
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer:       /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial:       0196BD812A368A3A227F5380FFCB4F8918E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number:          107F
Signing time:             Sun 11 May 2025 04:01:20 +0000
Manifest this update:     Sun 11 May 2025 04:01:20 +0000
Manifest next update:     Mon 12 May 2025 04:01:20 +0000
Files and hashes:         1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: 0H7fDa3Ubvw8NxfcnygqccuEzEqXCmsWMWLkxQnbA34=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 04:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:81:2a:36:8a:3a:22:7f:53:80:ff:cb:4f:89:18:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
        Validity
            Not Before: May 11 04:01:20 2025 GMT
            Not After : May 12 04:01:20 2025 GMT
        Subject: CN=fab273100283f4d5d6bf79848a86f943594c8f3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:62:94:b0:d5:ac:3e:a3:3f:15:c1:16:b9:f6:
                    b6:f1:a7:34:16:19:c2:41:b1:75:ad:90:cf:5d:a9:
                    15:e4:59:c2:35:0a:69:c2:18:12:10:07:32:c4:0f:
                    30:ae:fb:44:31:27:7b:04:32:d5:79:38:c9:04:57:
                    25:39:ab:fd:5a:f0:fa:79:f4:b9:c9:b8:18:6e:67:
                    16:9d:fe:05:e0:10:d5:6c:30:b4:65:59:97:61:1c:
                    d5:85:8a:44:a1:79:ad:8f:cb:d8:c3:9f:4c:12:53:
                    3b:fa:09:48:7c:39:6b:90:5b:f0:1c:c0:ac:d5:1d:
                    15:bf:18:48:e5:d2:fd:01:fa:75:b4:da:47:16:4a:
                    73:22:0d:4f:e9:90:cc:f3:0e:53:70:9f:03:68:7a:
                    e6:3a:52:7e:b8:f8:9c:d7:78:66:b9:ab:48:ff:2c:
                    c0:bd:0f:a3:0b:b3:c0:2b:5f:29:06:7f:a2:e4:97:
                    25:5f:35:5c:bd:63:7f:25:87:6a:8d:a5:c7:ea:7f:
                    53:45:89:49:e0:12:82:2d:61:96:5f:51:69:27:af:
                    32:5f:df:43:4f:36:14:61:ff:0d:67:65:68:83:c2:
                    b1:17:7c:f1:03:d6:0e:32:ba:ba:13:7e:65:d5:9b:
                    bd:3c:9c:23:ec:ea:6e:e1:cb:80:55:b1:97:c2:ec:
                    9a:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:B2:73:10:02:83:F4:D5:D6:BF:79:84:8A:86:F9:43:59:4C:8F:3B
            X509v3 Authority Key Identifier:
                keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:f2:29:1e:63:bf:02:9a:19:2f:d0:ba:80:d1:aa:b5:28:a7:
         f1:07:2c:a6:08:2e:56:26:c4:3f:92:1e:d2:5d:54:79:34:4a:
         10:22:50:aa:16:82:c8:04:2a:72:41:47:0f:f1:7e:e2:eb:7c:
         0c:79:b0:7e:b7:cc:28:0f:04:06:a6:f7:46:e4:46:05:99:65:
         f9:de:4d:3c:f5:c0:63:5c:ec:79:15:69:a8:9a:a8:f9:40:33:
         5e:a7:32:53:83:0e:00:64:7c:d7:9e:ee:f5:dc:b8:6c:75:ae:
         08:50:fd:85:4c:50:eb:68:5d:69:b0:47:df:8d:9a:c6:6e:55:
         99:4a:03:c6:20:5d:d4:cf:54:0e:e4:3c:92:14:56:bd:1a:67:
         b9:f0:90:d6:4a:b4:33:76:a6:46:b9:8e:2c:0c:26:b8:2e:68:
         f7:c9:63:3a:9e:0e:77:89:32:dd:1b:e6:71:07:28:cf:89:88:
         e8:f9:78:f6:61:df:94:63:af:06:62:53:e8:a7:72:12:80:d6:
         fa:c0:9f:46:57:f0:59:b7:15:28:86:55:ba:3a:b5:ca:f0:af:
         59:09:65:bb:0e:22:0a:6b:7a:56:7f:0b:6c:00:46:67:f0:a5:
         90:0d:c2:0a:eb:86:99:0c:95:db:c6:4d:40:91:47:aa:64:45:
         5d:8b:cf:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gSo2ijoif1OA/8tPiRjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjUwNTExMDQwMTIwWhcNMjUwNTEyMDQwMTIwWjAzMTEwLwYDVQQD
EyhmYWIyNzMxMDAyODNmNGQ1ZDZiZjc5ODQ4YTg2Zjk0MzU5NGM4ZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmKUsNWsPqM/FcEWufa28ac0FhnC
QbF1rZDPXakV5FnCNQppwhgSEAcyxA8wrvtEMSd7BDLVeTjJBFclOav9WvD6efS5
ybgYbmcWnf4F4BDVbDC0ZVmXYRzVhYpEoXmtj8vYw59MElM7+glIfDlrkFvwHMCs
1R0VvxhI5dL9Afp1tNpHFkpzIg1P6ZDM8w5TcJ8DaHrmOlJ+uPic13hmuatI/yzA
vQ+jC7PAK18pBn+i5JclXzVcvWN/JYdqjaXH6n9TRYlJ4BKCLWGWX1FpJ68yX99D
TzYUYf8NZ2Vog8KxF3zxA9YOMrq6E35l1Zu9PJwj7Opu4cuAVbGXwuyaDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqycxACg/TV1r95hIqG+UNZTI87MB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiPIpHmO/
ApoZL9C6gNGqtSin8QcspgguVibEP5Ie0l1UeTRKECJQqhaCyAQqckFHD/F+4ut8
DHmwfrfMKA8EBqb3RuRGBZll+d5NPPXAY1zseRVpqJqo+UAzXqcyU4MOAGR8157u
9dy4bHWuCFD9hUxQ62hdabBH342axm5VmUoDxiBd1M9UDuQ8khRWvRpnufCQ1kq0
M3amRrmOLAwmuC5o98ljOp4Od4ky3RvmcQcoz4mI6Pl49mHflGOvBmJT6KdyEoDW
+sCfRlfwWbcVKIZVujq1yvCvWQlluw4iCmt6Vn8LbABGZ/ClkA3CCuuGmQyV28ZN
QJFHqmRFXYvPHg==
-----END CERTIFICATE-----