Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
File:                     kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft (raw, json)
Hash identifier:          S3FsSoweuPObv7TTvbHQKdduq01lQ5F6CSsFmFoCnCI=
Subject key identifier:   61:19:9A:BD:41:CE:AD:1F:88:E6:7E:BF:9F:FF:EF:2F:1E:45:4D:4E
Authority key identifier: 90:7D:17:81:C2:8A:02:74:1E:A7:A6:3A:CE:3A:95:31:7E:EB:8B:7C
Certificate issuer:       /CN=907d1781c28a02741ea7a63ace3a95317eeb8b7c
Certificate serial:       0196BE25A214F8B3EB64A1FB043605FDD824
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kH0XgcKKAnQep6Y6zjqVMX7ri3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
Manifest number:          04CB
Signing time:             Sun 11 May 2025 07:00:59 +0000
Manifest this update:     Sun 11 May 2025 07:00:59 +0000
Manifest next update:     Mon 12 May 2025 07:00:59 +0000
Files and hashes:         1: kH0XgcKKAnQep6Y6zjqVMX7ri3w.crl (hash: ABZknyh1E04ASXPDJ07SxP6A+tT9nz31WFkglo6xqWI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kH0XgcKKAnQep6Y6zjqVMX7ri3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:25:a2:14:f8:b3:eb:64:a1:fb:04:36:05:fd:d8:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907d1781c28a02741ea7a63ace3a95317eeb8b7c
        Validity
            Not Before: May 11 07:00:59 2025 GMT
            Not After : May 12 07:00:59 2025 GMT
        Subject: CN=61199abd41cead1f88e67ebf9fffef2f1e454d4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:cb:5f:af:5d:fb:5a:95:82:dc:09:77:d4:0b:
                    3c:c1:8d:c2:8c:7a:60:dc:b4:3c:63:b7:66:4c:d4:
                    50:8d:2a:22:3f:3e:d1:27:f1:44:e2:cb:2d:9b:d4:
                    e6:f1:68:36:0f:75:da:4f:5c:e0:70:1c:89:ac:71:
                    57:c8:21:8b:d7:00:e4:f6:12:21:46:2f:0b:ea:72:
                    0e:58:c6:38:90:1a:2c:fd:29:b6:ea:9a:db:11:03:
                    fc:15:67:5d:8f:d9:5d:18:35:5a:97:19:f0:5b:90:
                    1e:b4:94:89:fb:98:68:30:da:7e:48:85:c8:0f:98:
                    a5:ce:2e:b1:a0:87:db:8f:50:41:c7:9f:ff:9a:7d:
                    d0:1a:86:52:7a:95:83:a8:0f:64:9a:0d:95:ed:ac:
                    55:ae:14:ea:44:d0:43:87:84:99:ab:3e:b2:75:b7:
                    22:a7:d6:e3:a3:8d:8a:50:2e:d1:bd:28:59:79:fc:
                    56:96:19:33:a0:c4:20:67:a9:0a:1c:df:bf:31:ae:
                    9f:80:47:ab:f4:2e:52:cd:f9:af:5e:d7:a2:23:8f:
                    2e:97:05:78:a7:e8:d6:53:84:c0:62:15:7b:b5:02:
                    cb:d5:45:90:cd:c6:4a:ee:12:4a:48:e0:30:8d:74:
                    f5:89:d0:50:42:30:39:6c:5d:ab:70:e2:07:64:44:
                    71:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:19:9A:BD:41:CE:AD:1F:88:E6:7E:BF:9F:FF:EF:2F:1E:45:4D:4E
            X509v3 Authority Key Identifier:
                keyid:90:7D:17:81:C2:8A:02:74:1E:A7:A6:3A:CE:3A:95:31:7E:EB:8B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kH0XgcKKAnQep6Y6zjqVMX7ri3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/818f6a-7e0a-4a00-956e-2d993ff031be/1/kH0XgcKKAnQep6Y6zjqVMX7ri3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:7d:c2:5b:3e:a5:8a:32:97:b0:b7:f8:3d:e6:f1:0f:5a:8b:
         9b:53:61:12:fa:ce:22:f9:dc:55:5d:23:d2:ce:05:a7:8f:ac:
         0e:0a:4d:34:2b:ef:38:ea:ff:da:c2:e8:15:d4:1c:4c:08:34:
         c7:01:e5:fa:9d:58:6d:52:28:59:6d:db:b1:60:01:9e:2f:4d:
         48:3c:db:cd:dd:fd:0d:e3:65:09:a9:d4:f4:cf:a7:5f:f6:c1:
         ff:2c:f9:4d:be:6a:94:10:89:01:b7:ea:28:0e:75:d3:81:12:
         a3:f0:79:74:11:74:bc:14:eb:6f:0c:f4:e3:17:ce:1c:6f:be:
         19:96:5a:07:0d:a1:a4:1a:21:d9:3a:2b:a5:cc:39:7f:fc:c4:
         ea:78:a9:a7:ea:b4:03:d7:cb:4f:6d:12:7f:44:67:9d:b9:df:
         e8:d6:cd:16:7d:03:9a:cd:ee:d6:8b:6c:79:e0:95:0c:a7:42:
         4a:3c:42:36:fd:85:01:4f:ae:26:f2:76:e6:59:b4:14:82:06:
         32:5f:66:ca:47:d3:2b:59:b8:2b:b0:2c:9f:6f:78:e4:a3:de:
         88:ab:2b:94:ec:0c:dc:bb:ad:31:14:98:82:9d:b5:1a:8c:27:
         b5:00:1b:4f:09:7c:fa:d3:d6:ab:6c:e4:91:22:90:fc:43:a7:
         9e:16:24:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+JaIU+LPrZKH7BDYF/dgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2QxNzgxYzI4YTAyNzQxZWE3YTYzYWNlM2E5NTMxN2Vl
YjhiN2MwHhcNMjUwNTExMDcwMDU5WhcNMjUwNTEyMDcwMDU5WjAzMTEwLwYDVQQD
Eyg2MTE5OWFiZDQxY2VhZDFmODhlNjdlYmY5ZmZmZWYyZjFlNDU0ZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMtfr137WpWC3Al31As8wY3CjHpg
3LQ8Y7dmTNRQjSoiPz7RJ/FE4sstm9Tm8Wg2D3XaT1zgcByJrHFXyCGL1wDk9hIh
Ri8L6nIOWMY4kBos/Sm26prbEQP8FWddj9ldGDValxnwW5AetJSJ+5hoMNp+SIXI
D5ilzi6xoIfbj1BBx5//mn3QGoZSepWDqA9kmg2V7axVrhTqRNBDh4SZqz6ydbci
p9bjo42KUC7RvShZefxWlhkzoMQgZ6kKHN+/Ma6fgEer9C5SzfmvXteiI48ulwV4
p+jWU4TAYhV7tQLL1UWQzcZK7hJKSOAwjXT1idBQQjA5bF2rcOIHZERxmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGEZmr1Bzq0fiOZ+v5//7y8eRU1OMB8GA1UdIwQY
MBaAFJB9F4HCigJ0HqemOs46lTF+64t8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC84MThmNmEtN2UwYS00YTAwLTk1NmUt
MmQ5OTNmZjAzMWJlLzEva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC84MThmNmEtN2UwYS00YTAwLTk1NmUtMmQ5OTNmZjAzMWJl
LzEva0gwWGdjS0tBblFlcDZZNnpqcVZNWDdyaTN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb33CWz6l
ijKXsLf4PebxD1qLm1NhEvrOIvncVV0j0s4Fp4+sDgpNNCvvOOr/2sLoFdQcTAg0
xwHl+p1YbVIoWW3bsWABni9NSDzbzd39DeNlCanU9M+nX/bB/yz5Tb5qlBCJAbfq
KA5104ESo/B5dBF0vBTrbwz04xfOHG++GZZaBw2hpBoh2Torpcw5f/zE6nipp+q0
A9fLT20Sf0Rnnbnf6NbNFn0Dms3u1otseeCVDKdCSjxCNv2FAU+uJvJ25lm0FIIG
Ml9mykfTK1m4K7Asn2945KPeiKsrlOwM3LutMRSYgp21GowntQAbTwl8+tPWq2zk
kSKQ/EOnnhYkqQ==
-----END CERTIFICATE-----