Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
File:                     KpTH34VXtlNEfD4G-0s3LVEgoiI.mft (raw, json)
Hash identifier:          M07k20xTMG8rpu3ovIq1j0Qtu5ps0+ExxP60zj9TDT8=
Subject key identifier:   08:5B:B3:94:72:9F:E8:11:33:5B:A2:0B:97:D0:35:CA:E8:46:4C:6A
Authority key identifier: 2A:94:C7:DF:85:57:B6:53:44:7C:3E:06:FB:4B:37:2D:51:20:A2:22
Certificate issuer:       /CN=2a94c7df8557b653447c3e06fb4b372d5120a222
Certificate serial:       0196A46579092ED18C894C02142046FCFBE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
Manifest number:          1524
Signing time:             Tue 06 May 2025 07:00:35 +0000
Manifest this update:     Tue 06 May 2025 07:00:35 +0000
Manifest next update:     Wed 07 May 2025 07:00:35 +0000
Files and hashes:         1: KpTH34VXtlNEfD4G-0s3LVEgoiI.crl (hash: dtKsB50G7qcwGvkuz/hytalUiGj1qOovq2BN884p+jg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 07:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a4:65:79:09:2e:d1:8c:89:4c:02:14:20:46:fc:fb:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94c7df8557b653447c3e06fb4b372d5120a222
        Validity
            Not Before: May  6 07:00:35 2025 GMT
            Not After : May  7 07:00:35 2025 GMT
        Subject: CN=085bb394729fe811335ba20b97d035cae8464c6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:76:72:22:f4:1e:e5:b3:bf:fa:f0:b2:c3:42:
                    55:b6:f7:9c:35:50:75:38:ee:71:a8:88:66:58:bf:
                    ad:36:f0:06:2c:da:62:f3:07:e8:f3:e2:af:4f:04:
                    d9:b1:68:b7:6b:31:00:17:b2:36:55:24:2f:28:44:
                    e1:dc:ff:e9:d2:e8:cd:63:54:72:c3:f7:f6:80:cc:
                    71:10:56:e5:dd:2f:bb:e1:03:87:d0:8e:73:0e:09:
                    48:0f:aa:f5:5b:ed:14:14:f2:f5:39:aa:8d:0c:96:
                    65:41:75:88:09:83:59:a0:54:bf:d4:28:c5:39:00:
                    fd:26:e3:e5:9f:c1:6f:df:7f:b0:92:eb:03:e4:2d:
                    98:c6:41:b6:d6:59:22:39:68:2f:0f:8b:d2:0c:54:
                    45:be:d5:66:9d:2d:56:69:5b:95:21:06:f4:ef:7a:
                    92:f4:b7:9c:70:41:44:0e:c1:ed:d4:cd:ca:4c:9f:
                    64:84:c2:db:e2:ca:f6:a2:2e:cc:f5:c3:fa:13:90:
                    2f:b7:c4:27:e4:ed:a7:11:92:97:86:31:b5:25:26:
                    14:a8:62:db:0f:7b:33:cb:25:58:66:c3:41:c5:2e:
                    be:a8:57:a2:a8:58:18:72:d4:5f:25:a8:d5:a4:91:
                    54:ea:ea:8c:d1:15:4a:40:ac:ac:2b:d2:f3:18:de:
                    8c:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:5B:B3:94:72:9F:E8:11:33:5B:A2:0B:97:D0:35:CA:E8:46:4C:6A
            X509v3 Authority Key Identifier:
                keyid:2A:94:C7:DF:85:57:B6:53:44:7C:3E:06:FB:4B:37:2D:51:20:A2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:c6:e7:06:1f:a1:2a:3a:36:80:1a:55:0a:4d:aa:af:85:aa:
         75:5f:38:56:78:f2:02:31:0d:e5:c4:bb:e0:1b:ee:eb:bd:4c:
         02:a3:44:95:d0:fb:46:4a:6e:c0:fa:c0:bd:bc:95:b5:86:1a:
         cb:ec:62:a0:f3:ba:37:70:5c:d2:90:8b:b2:de:3b:64:cb:e5:
         a2:e1:86:b5:25:03:ab:8e:1a:fa:b0:c9:0e:75:7b:7b:9e:70:
         44:a1:6f:bc:58:a9:4e:c0:f5:df:5b:dc:5c:50:43:2c:60:56:
         80:10:4e:52:52:9f:37:67:14:b6:33:91:d4:72:dc:27:43:27:
         47:58:e5:07:93:55:ea:44:c7:e9:f0:1b:f1:d9:e9:2d:b0:cb:
         45:4a:6b:6b:44:04:f3:bb:32:73:3b:2e:41:80:44:83:b1:78:
         3f:bf:b6:7c:8b:0c:4f:2b:9e:75:4e:c8:09:35:a1:cb:eb:47:
         76:47:3b:f8:f6:51:7a:0d:c5:f0:3c:75:82:71:c9:f2:e1:61:
         a0:dc:89:a7:9f:18:a7:54:8a:cd:54:8b:32:55:42:8c:82:7d:
         52:ad:7d:1f:39:cc:03:fc:da:ea:6f:a2:62:a4:d8:ee:41:25:
         6c:ee:fd:9a:fa:b6:c0:99:9d:f3:7d:82:57:c9:68:8c:d5:81:
         99:4f:47:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZakZXkJLtGMiUwCFCBG/PvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRjN2RmODU1N2I2NTM0NDdjM2UwNmZiNGIzNzJkNTEy
MGEyMjIwHhcNMjUwNTA2MDcwMDM1WhcNMjUwNTA3MDcwMDM1WjAzMTEwLwYDVQQD
EygwODViYjM5NDcyOWZlODExMzM1YmEyMGI5N2QwMzVjYWU4NDY0YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXZyIvQe5bO/+vCyw0JVtvecNVB1
OO5xqIhmWL+tNvAGLNpi8wfo8+KvTwTZsWi3azEAF7I2VSQvKETh3P/p0ujNY1Ry
w/f2gMxxEFbl3S+74QOH0I5zDglID6r1W+0UFPL1OaqNDJZlQXWICYNZoFS/1CjF
OQD9JuPln8Fv33+wkusD5C2YxkG21lkiOWgvD4vSDFRFvtVmnS1WaVuVIQb073qS
9LeccEFEDsHt1M3KTJ9khMLb4sr2oi7M9cP6E5Avt8Qn5O2nEZKXhjG1JSYUqGLb
D3szyyVYZsNBxS6+qFeiqFgYctRfJajVpJFU6uqM0RVKQKysK9LzGN6MpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAhbs5Ryn+gRM1uiC5fQNcroRkxqMB8GA1UdIwQY
MBaAFCqUx9+FV7ZTRHw+BvtLNy1RIKIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82N2NhZWUtNGMxMS00YTZmLWJmNjMt
NTUxOGIwZTg2NTY2LzEvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82N2NhZWUtNGMxMS00YTZmLWJmNjMtNTUxOGIwZTg2NTY2
LzEvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM8bnBh+h
Kjo2gBpVCk2qr4WqdV84VnjyAjEN5cS74Bvu671MAqNEldD7RkpuwPrAvbyVtYYa
y+xioPO6N3Bc0pCLst47ZMvlouGGtSUDq44a+rDJDnV7e55wRKFvvFipTsD131vc
XFBDLGBWgBBOUlKfN2cUtjOR1HLcJ0MnR1jlB5NV6kTH6fAb8dnpLbDLRUpra0QE
87syczsuQYBEg7F4P7+2fIsMTyuedU7ICTWhy+tHdkc7+PZReg3F8Dx1gnHJ8uFh
oNyJp58Yp1SKzVSLMlVCjIJ9Uq19HznMA/za6m+iYqTY7kElbO79mvq2wJmd832C
V8lojNWBmU9HkQ==
-----END CERTIFICATE-----