Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
File:                     kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft (raw, json)
Hash identifier:          qH9buvCYRCDtBMv4woK3JENwstt82niyFr+cJxMvotY=
Subject key identifier:   50:EA:35:3A:1D:BF:0C:EC:06:CA:BF:1F:EB:BB:85:9E:8B:6D:6D:99
Authority key identifier: 90:7D:17:81:C2:8A:02:74:1E:A7:A6:3A:CE:3A:95:31:7E:EB:8B:7C
Certificate issuer:       /CN=907d1781c28a02741ea7a63ace3a95317eeb8b7c
Certificate serial:       0197B745740B7946A4B488D906B58BD6E86A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kH0XgcKKAnQep6Y6zjqVMX7ri3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
Manifest number:          054C
Signing time:             Sat 28 Jun 2025 16:01:11 +0000
Manifest this update:     Sat 28 Jun 2025 16:01:11 +0000
Manifest next update:     Sun 29 Jun 2025 16:01:11 +0000
Files and hashes:         1: kH0XgcKKAnQep6Y6zjqVMX7ri3w.crl (hash: LqBQNzn6s4nTlNjmpCp9lCsnqzwSy7x5mhJXpOjHjKU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kH0XgcKKAnQep6Y6zjqVMX7ri3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:74:0b:79:46:a4:b4:88:d9:06:b5:8b:d6:e8:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907d1781c28a02741ea7a63ace3a95317eeb8b7c
        Validity
            Not Before: Jun 28 16:01:11 2025 GMT
            Not After : Jun 29 16:01:11 2025 GMT
        Subject: CN=50ea353a1dbf0cec06cabf1febbb859e8b6d6d99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:ff:d0:cf:5a:11:15:f3:97:8f:45:54:02:d7:
                    d4:99:98:1f:78:a9:f8:75:14:9f:ed:c8:d9:31:8c:
                    0c:f9:c8:ec:67:32:60:79:54:98:5d:23:57:a2:14:
                    d2:b9:98:77:ae:f7:72:aa:a6:59:0a:eb:8a:fd:b3:
                    3b:c6:37:58:f6:7b:0d:9e:49:64:40:ac:91:9d:ed:
                    dc:84:8b:45:19:f4:54:81:1e:14:c1:54:6d:db:2c:
                    91:4d:c8:be:e9:1f:65:36:eb:3e:34:69:76:71:75:
                    1f:ea:6b:07:ad:7b:75:e0:6a:bc:b3:d2:fd:bd:9d:
                    a4:81:9c:9a:25:a0:24:5d:28:97:db:bc:30:b7:26:
                    ab:d7:82:d7:06:eb:8e:5b:7b:87:2c:09:07:fa:7e:
                    1f:7c:93:62:4e:e0:74:1c:b3:e5:a8:e1:0e:3f:db:
                    16:8f:9d:b1:b2:3b:0a:41:f5:3a:41:30:16:1a:4e:
                    0d:f4:c7:c5:ed:c5:cf:65:5b:2b:d6:9d:f8:77:8f:
                    f1:5d:46:f3:72:ca:da:9a:43:37:1b:36:4a:ba:4a:
                    f3:c1:12:a0:9a:71:25:df:2c:4c:d4:6d:dc:98:f9:
                    d3:0c:3b:e1:a6:69:2e:c0:00:ce:57:c1:1d:78:e7:
                    a3:1b:40:c6:3e:72:0c:27:f8:be:25:64:96:37:71:
                    6c:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:EA:35:3A:1D:BF:0C:EC:06:CA:BF:1F:EB:BB:85:9E:8B:6D:6D:99
            X509v3 Authority Key Identifier:
                keyid:90:7D:17:81:C2:8A:02:74:1E:A7:A6:3A:CE:3A:95:31:7E:EB:8B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kH0XgcKKAnQep6Y6zjqVMX7ri3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:e8:09:86:9b:0e:fc:f4:0f:72:49:e6:45:3a:d0:9a:1f:67:
         de:2e:9f:8f:c9:63:95:74:b2:f3:ab:78:d7:7f:78:85:72:80:
         33:af:ad:71:35:c7:a7:a6:a1:04:05:fd:0f:1c:dd:6a:57:38:
         f4:d6:60:14:80:d4:aa:56:63:ac:0a:38:5d:54:0e:bc:e1:72:
         48:5c:b4:01:77:c0:cb:44:e3:a5:c0:7c:a4:9b:c9:ce:bc:c0:
         c0:5a:26:32:86:31:ec:f1:cf:45:48:d0:d3:75:8f:e2:f2:38:
         24:1d:83:89:4d:e0:90:e3:9c:65:5a:48:27:e0:2d:f6:1f:6e:
         6f:72:69:37:94:92:bb:6f:0b:54:71:9a:56:db:d2:17:7f:90:
         8e:85:74:44:cb:a4:86:4b:7f:35:10:06:4a:e7:9f:15:fb:16:
         41:a7:a1:6c:61:4a:e1:6d:f3:32:37:30:8b:31:d2:70:24:fc:
         85:71:7d:4c:d6:4a:e8:99:ac:61:1f:e9:36:05:d5:59:e4:e5:
         2d:79:67:b0:e6:0c:34:89:d8:6e:35:d5:8a:80:d5:8f:f8:96:
         72:00:fb:9d:fd:b0:bf:3a:e6:c0:6a:a4:fc:26:8a:1e:1f:1f:
         b0:d1:25:30:97:9b:1d:dc:89:fc:b3:34:96:40:f7:a0:0c:61:
         ed:30:45:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RXQLeUaktIjZBrWL1uhqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2QxNzgxYzI4YTAyNzQxZWE3YTYzYWNlM2E5NTMxN2Vl
YjhiN2MwHhcNMjUwNjI4MTYwMTExWhcNMjUwNjI5MTYwMTExWjAzMTEwLwYDVQQD
Eyg1MGVhMzUzYTFkYmYwY2VjMDZjYWJmMWZlYmJiODU5ZThiNmQ2ZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf/Qz1oRFfOXj0VUAtfUmZgfeKn4
dRSf7cjZMYwM+cjsZzJgeVSYXSNXohTSuZh3rvdyqqZZCuuK/bM7xjdY9nsNnklk
QKyRne3chItFGfRUgR4UwVRt2yyRTci+6R9lNus+NGl2cXUf6msHrXt14Gq8s9L9
vZ2kgZyaJaAkXSiX27wwtyar14LXBuuOW3uHLAkH+n4ffJNiTuB0HLPlqOEOP9sW
j52xsjsKQfU6QTAWGk4N9MfF7cXPZVsr1p34d4/xXUbzcsramkM3GzZKukrzwRKg
mnEl3yxM1G3cmPnTDDvhpmkuwADOV8EdeOejG0DGPnIMJ/i+JWSWN3FsswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFDqNTodvwzsBsq/H+u7hZ6LbW2ZMB8GA1UdIwQY
MBaAFJB9F4HCigJ0HqemOs46lTF+64t8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC84MThmNmEtN2UwYS00YTAwLTk1NmUt
MmQ5OTNmZjAzMWJlLzEva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC84MThmNmEtN2UwYS00YTAwLTk1NmUtMmQ5OTNmZjAzMWJl
LzEva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQOgJhpsO
/PQPcknmRTrQmh9n3i6fj8ljlXSy86t41394hXKAM6+tcTXHp6ahBAX9Dxzdalc4
9NZgFIDUqlZjrAo4XVQOvOFySFy0AXfAy0TjpcB8pJvJzrzAwFomMoYx7PHPRUjQ
03WP4vI4JB2DiU3gkOOcZVpIJ+At9h9ub3JpN5SSu28LVHGaVtvSF3+QjoV0RMuk
hkt/NRAGSuefFfsWQaehbGFK4W3zMjcwizHScCT8hXF9TNZK6JmsYR/pNgXVWeTl
LXlnsOYMNInYbjXVioDVj/iWcgD7nf2wvzrmwGqk/CaKHh8fsNElMJebHdyJ/LM0
lkD3oAxh7TBFkw==
-----END CERTIFICATE-----