Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
File:                     kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft (raw, json)
Hash identifier:          5BUOCMalHA3M+x6YdkbNPUC0Vq+ooOtMs7JitLWoGgQ=
Subject key identifier:   3F:EC:50:CB:AD:98:E3:14:F1:84:C0:8F:AB:47:9D:CF:CD:41:2E:24
Authority key identifier: 93:32:0E:8B:E7:C7:4C:A6:55:C7:C3:E9:78:BC:1A:A6:0F:D8:DB:44
Certificate issuer:       /CN=93320e8be7c74ca655c7c3e978bc1aa60fd8db44
Certificate serial:       0196DAE5D7A529BF0586535536597D13F622
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
Manifest number:          14D3
Signing time:             Fri 16 May 2025 21:00:18 +0000
Manifest this update:     Fri 16 May 2025 21:00:18 +0000
Manifest next update:     Sat 17 May 2025 21:00:18 +0000
Files and hashes:         1: kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl (hash: bFEVfG7cwD65aGeQPUQzcxoDdp0P9QR9UD+AO/0pYvY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 17 May 2025 17:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:da:e5:d7:a5:29:bf:05:86:53:55:36:59:7d:13:f6:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93320e8be7c74ca655c7c3e978bc1aa60fd8db44
        Validity
            Not Before: May 16 21:00:18 2025 GMT
            Not After : May 17 21:00:18 2025 GMT
        Subject: CN=3fec50cbad98e314f184c08fab479dcfcd412e24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:58:c4:6a:12:62:d1:7b:71:4d:c4:4f:d3:2d:
                    8a:2f:80:97:f4:28:4e:20:09:df:c1:c9:09:c7:22:
                    05:77:67:f7:e0:b1:ae:0f:86:a5:c8:49:40:0e:f5:
                    48:86:19:f1:a3:2d:94:89:ef:4c:c3:5a:e9:6a:cc:
                    ea:5b:be:e9:4c:ca:42:a7:aa:10:a2:9a:09:51:90:
                    eb:72:4c:36:07:ec:ab:8e:3d:f7:99:6e:c7:f6:6f:
                    33:a9:f9:be:1e:c0:87:8a:d1:04:bb:90:01:43:d8:
                    64:e3:85:d1:0e:1a:d1:c0:01:64:14:0c:ad:41:d1:
                    f8:28:f2:90:1e:15:95:38:2d:24:6c:a1:15:6d:47:
                    22:4d:33:af:02:5c:2e:d3:0a:f8:b1:b5:86:da:d3:
                    d7:18:e2:fe:7c:fd:33:06:5d:5d:b8:ca:f0:33:65:
                    a9:0a:1e:17:d0:be:5d:9d:1b:ab:36:dd:b1:d1:96:
                    c0:af:b5:2c:7e:66:d0:56:a0:5a:ad:97:55:48:82:
                    e4:37:16:ed:2d:4c:e1:96:ef:7f:ce:34:3a:31:cf:
                    3d:04:94:3d:6f:6f:da:2c:b9:43:7a:8e:d6:e1:8e:
                    a5:b1:ba:ad:35:69:3f:72:d8:05:7d:7b:94:71:e2:
                    37:4d:47:c0:bd:91:ee:4a:99:43:bf:6c:ae:e0:99:
                    14:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:EC:50:CB:AD:98:E3:14:F1:84:C0:8F:AB:47:9D:CF:CD:41:2E:24
            X509v3 Authority Key Identifier:
                keyid:93:32:0E:8B:E7:C7:4C:A6:55:C7:C3:E9:78:BC:1A:A6:0F:D8:DB:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:31:d1:f7:1c:5e:1a:94:26:90:1a:8d:4e:e4:22:52:c9:e2:
         ff:2c:dc:74:b1:1a:92:c8:0e:c2:15:13:51:0d:12:44:94:f5:
         ef:2b:d4:7a:cf:3d:50:ed:20:d7:25:92:8a:df:4f:b8:93:b4:
         6f:7e:4b:8d:20:6b:ee:87:7a:da:db:af:f6:21:5b:ce:cd:26:
         80:1b:ee:00:55:5f:25:17:f1:67:1b:7a:11:7a:46:b8:f1:e9:
         d9:a3:c0:fd:41:1d:dd:5c:54:91:67:b4:bb:8c:d4:95:2a:bb:
         51:95:8d:af:5c:a0:c9:dc:44:0d:2e:29:f4:01:0d:fa:e4:2d:
         86:73:0e:ac:34:cf:95:83:23:96:86:0b:fd:6a:0c:54:62:c4:
         01:ad:7f:53:b1:46:2a:b8:5f:4d:c7:98:3d:47:22:bd:3e:05:
         66:dc:9e:ad:9f:98:26:7c:ef:07:e5:5f:32:bd:bc:e2:db:56:
         2b:b1:59:ad:11:64:fb:2d:c9:2e:f9:ee:f7:57:fc:01:d9:a5:
         0c:99:48:42:ab:43:40:0c:e5:23:9c:27:33:1b:3d:ca:1d:93:
         3f:70:79:96:2f:b2:80:93:a1:bb:c9:74:dc:69:b5:ff:de:78:
         fd:18:52:eb:d9:09:76:27:eb:a7:f9:b6:49:5e:74:a4:f7:b2:
         03:46:25:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZba5delKb8FhlNVNll9E/YiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzIwZThiZTdjNzRjYTY1NWM3YzNlOTc4YmMxYWE2MGZk
OGRiNDQwHhcNMjUwNTE2MjEwMDE4WhcNMjUwNTE3MjEwMDE4WjAzMTEwLwYDVQQD
EygzZmVjNTBjYmFkOThlMzE0ZjE4NGMwOGZhYjQ3OWRjZmNkNDEyZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoljEahJi0XtxTcRP0y2KL4CX9ChO
IAnfwckJxyIFd2f34LGuD4alyElADvVIhhnxoy2Uie9Mw1rpaszqW77pTMpCp6oQ
opoJUZDrckw2B+yrjj33mW7H9m8zqfm+HsCHitEEu5ABQ9hk44XRDhrRwAFkFAyt
QdH4KPKQHhWVOC0kbKEVbUciTTOvAlwu0wr4sbWG2tPXGOL+fP0zBl1duMrwM2Wp
Ch4X0L5dnRurNt2x0ZbAr7UsfmbQVqBarZdVSILkNxbtLUzhlu9/zjQ6Mc89BJQ9
b2/aLLlDeo7W4Y6lsbqtNWk/ctgFfXuUceI3TUfAvZHuSplDv2yu4JkUmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD/sUMutmOMU8YTAj6tHnc/NQS4kMB8GA1UdIwQY
MBaAFJMyDovnx0ymVcfD6Xi8GqYP2NtEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNmQzNzMtNDRjNi00OGY3LThiNzYt
ZmE5MWM3NWZiOWRjLzEva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNmQzNzMtNDRjNi00OGY3LThiNzYtZmE5MWM3NWZiOWRj
LzEva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEzHR9xxe
GpQmkBqNTuQiUsni/yzcdLEaksgOwhUTUQ0SRJT17yvUes89UO0g1yWSit9PuJO0
b35LjSBr7od62tuv9iFbzs0mgBvuAFVfJRfxZxt6EXpGuPHp2aPA/UEd3VxUkWe0
u4zUlSq7UZWNr1ygydxEDS4p9AEN+uQthnMOrDTPlYMjloYL/WoMVGLEAa1/U7FG
KrhfTceYPUcivT4FZtyerZ+YJnzvB+VfMr284ttWK7FZrRFk+y3JLvnu91f8Adml
DJlIQqtDQAzlI5wnMxs9yh2TP3B5li+ygJOhu8l03Gm1/954/RhS69kJdifrp/m2
SV50pPeyA0Yl8Q==
-----END CERTIFICATE-----