Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          s4MuaHOdZc1rQ0Sl3UZ9c7mSiR11MGuyzhuJRvrPdKc=
Subject key identifier:   0B:ED:E9:E9:8A:7C:D4:87:2B:BA:69:E2:5C:60:FC:FD:94:2E:A2:AC
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       0196BD8042DAC5CE07C35BA188F4D25CA9CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          0F49
Signing time:             Sun 11 May 2025 04:00:21 +0000
Manifest this update:     Sun 11 May 2025 04:00:21 +0000
Manifest next update:     Mon 12 May 2025 04:00:21 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: WMrzhYEN1fmEuilgvy2xqY1KZ9CE+uRhE12znqmearI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 04:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bd:80:42:da:c5:ce:07:c3:5b:a1:88:f4:d2:5c:a9:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: May 11 04:00:21 2025 GMT
            Not After : May 12 04:00:21 2025 GMT
        Subject: CN=0bede9e98a7cd4872bba69e25c60fcfd942ea2ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:db:24:a0:99:a2:4f:8a:02:46:d4:86:87:a3:
                    8b:88:eb:93:c1:fa:d9:bc:7f:42:ec:39:91:d2:6a:
                    f2:ff:e5:26:09:61:0a:f4:3d:ec:28:e7:f7:45:69:
                    0b:a6:13:62:50:76:12:12:3a:b5:ab:de:29:4f:39:
                    cc:2f:3f:f7:9f:23:28:30:8e:b3:7c:34:4a:fd:7d:
                    2f:cf:76:fb:e8:b4:30:e8:f1:06:d4:0a:06:74:d5:
                    0d:d6:5b:ed:40:fc:4d:c6:8a:d6:8f:05:ea:fb:53:
                    58:69:f7:ef:41:fc:60:ff:35:64:0a:8a:86:87:99:
                    98:f8:92:d8:70:7c:9b:90:8e:6c:22:cf:0d:b0:b6:
                    39:9b:9a:80:59:84:bc:1a:ee:2f:87:e6:e4:e8:6e:
                    0a:79:7c:12:f3:87:7d:72:78:31:0a:d7:c4:48:7f:
                    3c:0d:ac:31:d7:8c:0f:c3:a7:f1:09:13:41:f3:e7:
                    81:10:25:d6:02:b1:d3:2e:34:c5:02:59:2c:df:e2:
                    66:ba:67:12:91:c9:2f:ba:db:e0:08:a9:f9:6e:37:
                    cf:fc:51:3d:ee:db:0a:82:f4:3f:1e:ae:2a:f0:7f:
                    e1:56:2c:a1:c3:7d:1a:4d:c9:fe:31:22:cd:a6:07:
                    af:40:cf:e0:18:c2:ff:8e:4d:93:55:a0:90:52:94:
                    c7:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:ED:E9:E9:8A:7C:D4:87:2B:BA:69:E2:5C:60:FC:FD:94:2E:A2:AC
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:57:ad:10:f6:94:1d:29:24:34:cd:a4:a7:92:4d:13:1e:5c:
         4c:8d:03:78:ca:08:d2:2c:e0:9b:de:a8:79:88:05:26:0b:7e:
         8e:f2:f2:28:e8:55:d8:c0:36:c1:09:fb:ae:84:a2:7e:bd:a7:
         5c:e3:28:52:8a:c7:fa:78:82:4f:8f:b8:6f:44:47:2c:9c:34:
         93:e3:0b:fa:56:72:04:32:f4:2e:a5:e1:49:c0:da:cb:2c:ba:
         7e:93:fd:de:c9:20:97:32:d4:e5:d6:16:98:b8:fd:46:ee:76:
         48:e2:ac:3f:81:83:65:f3:79:5b:25:be:74:fd:52:eb:63:41:
         25:0a:22:59:d9:2c:06:3d:1c:d6:17:67:32:85:66:70:77:47:
         c0:d5:e4:27:44:de:3c:4d:ce:66:7d:a7:cb:08:bf:2e:56:c5:
         b9:ce:88:b4:af:82:f3:02:e1:72:01:f9:8f:f4:2e:05:f9:76:
         bf:7f:d4:39:09:0a:c4:81:0e:6b:9a:6a:bb:5b:59:ae:4f:c8:
         8a:dd:14:ce:8a:9d:52:21:22:4c:e2:f4:72:4a:4e:e7:21:c2:
         a9:64:0e:35:47:23:40:72:4c:6c:4b:df:74:62:c4:8f:a9:57:
         b0:4f:24:bd:d9:5e:9e:41:e8:b1:cf:7c:24:bc:a7:44:75:e5:
         37:fe:0c:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa9gELaxc4Hw1uhiPTSXKnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwNTExMDQwMDIxWhcNMjUwNTEyMDQwMDIxWjAzMTEwLwYDVQQD
EygwYmVkZTllOThhN2NkNDg3MmJiYTY5ZTI1YzYwZmNmZDk0MmVhMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtskoJmiT4oCRtSGh6OLiOuTwfrZ
vH9C7DmR0mry/+UmCWEK9D3sKOf3RWkLphNiUHYSEjq1q94pTznMLz/3nyMoMI6z
fDRK/X0vz3b76LQw6PEG1AoGdNUN1lvtQPxNxorWjwXq+1NYaffvQfxg/zVkCoqG
h5mY+JLYcHybkI5sIs8NsLY5m5qAWYS8Gu4vh+bk6G4KeXwS84d9cngxCtfESH88
Dawx14wPw6fxCRNB8+eBECXWArHTLjTFAlks3+JmumcSkckvutvgCKn5bjfP/FE9
7tsKgvQ/Hq4q8H/hViyhw30aTcn+MSLNpgevQM/gGML/jk2TVaCQUpTH7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvt6emKfNSHK7pp4lxg/P2ULqKsMB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACFetEPaU
HSkkNM2kp5JNEx5cTI0DeMoI0izgm96oeYgFJgt+jvLyKOhV2MA2wQn7roSifr2n
XOMoUorH+niCT4+4b0RHLJw0k+ML+lZyBDL0LqXhScDayyy6fpP93skglzLU5dYW
mLj9Ru52SOKsP4GDZfN5WyW+dP1S62NBJQoiWdksBj0c1hdnMoVmcHdHwNXkJ0Te
PE3OZn2nywi/LlbFuc6ItK+C8wLhcgH5j/QuBfl2v3/UOQkKxIEOa5pqu1tZrk/I
it0UzoqdUiEiTOL0ckpO5yHCqWQONUcjQHJMbEvfdGLEj6lXsE8kvdlenkHosc98
JLynRHXlN/4MIw==
-----END CERTIFICATE-----