Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          VjUhGLXSGmXtOObs9RatJk9hAHoeBlQNWCZ6vMjjSWE=
Subject key identifier:   59:26:6C:C2:06:82:2E:01:EA:2A:18:A8:13:01:43:5B:57:C8:AA:9F
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       0197C613884FAD072473C9ED9B79424F54C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          0FD2
Signing time:             Tue 01 Jul 2025 13:00:58 +0000
Manifest this update:     Tue 01 Jul 2025 13:00:58 +0000
Manifest next update:     Wed 02 Jul 2025 13:00:58 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: 2kh0NOMJVaN0sp6YcbGs6WfsiYNjMXEdnUWFH53LYvc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 02 Jul 2025 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:c6:13:88:4f:ad:07:24:73:c9:ed:9b:79:42:4f:54:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Jul  1 13:00:58 2025 GMT
            Not After : Jul  2 13:00:58 2025 GMT
        Subject: CN=59266cc206822e01ea2a18a81301435b57c8aa9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:a8:a0:7b:c6:8f:69:46:63:57:52:12:1d:80:
                    37:68:b6:2a:99:ba:d6:7d:49:17:90:cd:9e:6c:8f:
                    54:9f:3c:d8:df:30:7e:7e:34:17:aa:a8:3e:d4:6b:
                    84:14:4c:c1:61:b5:ee:0d:d0:57:95:c5:b7:87:44:
                    b3:2e:80:41:7e:d0:00:d4:3f:6a:47:91:51:61:0b:
                    ea:f0:51:8f:63:c1:99:c4:b6:cc:e7:c2:0c:2b:5c:
                    35:01:07:ac:de:78:10:d2:d4:a3:61:27:9a:dd:f6:
                    98:44:e4:df:87:f0:96:9a:4a:31:41:bc:ec:f2:bd:
                    30:b1:2a:bc:e7:68:3b:c2:c5:29:94:17:93:39:a6:
                    bf:de:7e:5d:e1:9f:65:3f:e4:14:0a:8d:7a:af:26:
                    4d:91:0f:6b:eb:31:74:ba:f8:98:67:05:1e:1e:36:
                    91:97:ed:d9:2a:c0:72:76:34:3f:40:f9:97:d1:d5:
                    34:df:7d:3a:8a:7b:dd:99:f7:5e:ae:5b:88:7e:8c:
                    30:e0:0b:e0:4c:61:8c:02:a8:96:5f:6e:f0:a6:0d:
                    32:76:78:d9:4d:c4:b7:ee:ec:44:c7:db:e1:00:1d:
                    55:7d:b4:e0:75:af:55:fa:04:d5:bd:1b:e1:18:78:
                    7b:95:31:a7:86:46:a9:a3:32:c0:36:28:e4:7d:98:
                    8b:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:26:6C:C2:06:82:2E:01:EA:2A:18:A8:13:01:43:5B:57:C8:AA:9F
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:07:2a:16:c0:4b:bc:ee:b8:bb:e3:56:84:61:51:41:32:7d:
         7e:e4:a2:bd:23:8b:9c:a9:62:29:df:f3:7e:c7:16:c7:8a:bd:
         eb:a3:8f:20:73:66:58:08:f6:25:d8:4b:00:83:46:14:d8:5f:
         e0:3d:8f:9a:2f:a6:e5:65:de:7e:c9:be:07:9e:fb:73:55:96:
         90:5b:15:63:22:9c:b4:3f:52:dc:21:89:a8:6c:51:42:7f:66:
         dd:50:27:e9:6a:10:e3:0b:72:b9:c9:dc:cd:9d:4c:fb:eb:a3:
         e3:c0:86:c2:0e:24:6d:2d:4c:06:80:04:ae:7f:61:85:c5:12:
         d5:17:00:5d:9f:e2:ab:d4:f5:b5:19:78:4c:b6:86:36:8a:66:
         c8:e9:87:34:68:d4:33:33:ef:95:f0:14:57:23:d3:1f:70:6a:
         c7:ec:ed:85:38:88:69:c1:1c:0c:46:82:47:ff:08:fa:7f:04:
         28:0e:59:11:b2:9f:fa:69:26:ad:82:0c:32:55:62:7e:07:2e:
         6d:f8:33:07:01:24:a1:0e:c7:86:6e:bb:7a:8b:ca:7c:d6:7f:
         7b:47:17:b7:43:3f:45:95:b7:09:7e:fe:cb:9a:a5:ad:34:de:
         78:c9:a0:39:80:ff:88:38:00:ee:66:41:c0:c7:01:8c:3d:c2:
         0e:f8:16:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfGE4hPrQckc8ntm3lCT1TDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwNzAxMTMwMDU4WhcNMjUwNzAyMTMwMDU4WjAzMTEwLwYDVQQD
Eyg1OTI2NmNjMjA2ODIyZTAxZWEyYTE4YTgxMzAxNDM1YjU3YzhhYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qige8aPaUZjV1ISHYA3aLYqmbrW
fUkXkM2ebI9UnzzY3zB+fjQXqqg+1GuEFEzBYbXuDdBXlcW3h0SzLoBBftAA1D9q
R5FRYQvq8FGPY8GZxLbM58IMK1w1AQes3ngQ0tSjYSea3faYROTfh/CWmkoxQbzs
8r0wsSq852g7wsUplBeTOaa/3n5d4Z9lP+QUCo16ryZNkQ9r6zF0uviYZwUeHjaR
l+3ZKsBydjQ/QPmX0dU03306invdmfderluIfoww4AvgTGGMAqiWX27wpg0ydnjZ
TcS37uxEx9vhAB1VfbTgda9V+gTVvRvhGHh7lTGnhkapozLANijkfZiLMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkmbMIGgi4B6ioYqBMBQ1tXyKqfMB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJwcqFsBL
vO64u+NWhGFRQTJ9fuSivSOLnKliKd/zfscWx4q966OPIHNmWAj2JdhLAINGFNhf
4D2Pmi+m5WXefsm+B577c1WWkFsVYyKctD9S3CGJqGxRQn9m3VAn6WoQ4wtyucnc
zZ1M++uj48CGwg4kbS1MBoAErn9hhcUS1RcAXZ/iq9T1tRl4TLaGNopmyOmHNGjU
MzPvlfAUVyPTH3Bqx+zthTiIacEcDEaCR/8I+n8EKA5ZEbKf+mkmrYIMMlVifgcu
bfgzBwEkoQ7Hhm67eovKfNZ/e0cXt0M/RZW3CX7+y5qlrTTeeMmgOYD/iDgA7mZB
wMcBjD3CDvgWkg==
-----END CERTIFICATE-----