Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
File:                     kNRNBKKqhYbulMejNTbDaBatoWM.mft (raw, json)
Hash identifier:          IAQ7lhiwps8g4I6IF5zW+2K9YoX9Xo7SIdFQQM6N9Lo=
Subject key identifier:   C9:57:41:7C:F4:6F:40:FE:4E:E8:4A:0D:09:C0:A6:1D:23:22:B0:61
Authority key identifier: 90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63
Certificate issuer:       /CN=90d44d04a2aa8586ee94c7a33536c36816ada163
Certificate serial:       0196B7B57F9A5CF77FE3E574F8D59E3C1C1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
Manifest number:          152F
Signing time:             Sat 10 May 2025 01:00:47 +0000
Manifest this update:     Sat 10 May 2025 01:00:47 +0000
Manifest next update:     Sun 11 May 2025 01:00:47 +0000
Files and hashes:         1: kNRNBKKqhYbulMejNTbDaBatoWM.crl (hash: ZPkhEm4g11TcETZAS2MqyYSSe2ADMAX7J4g4oARwQ6I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 10 May 2025 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:b7:b5:7f:9a:5c:f7:7f:e3:e5:74:f8:d5:9e:3c:1c:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90d44d04a2aa8586ee94c7a33536c36816ada163
        Validity
            Not Before: May 10 01:00:47 2025 GMT
            Not After : May 11 01:00:47 2025 GMT
        Subject: CN=c957417cf46f40fe4ee84a0d09c0a61d2322b061
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:2f:e1:2f:e1:d4:35:e5:7c:a4:46:c5:96:cf:
                    be:4e:e6:ed:60:dd:9d:fa:b6:08:2d:7a:f6:6a:e3:
                    c7:11:c4:46:e0:cb:5e:74:ef:e2:f8:43:ed:d0:65:
                    43:eb:50:21:f1:a1:20:f1:57:8c:48:b0:b0:46:94:
                    ac:ca:5a:a5:f1:1a:17:d0:ba:cc:b4:6d:17:62:c3:
                    d8:f4:b6:9e:3b:80:32:ca:0f:85:04:e3:2f:e8:cc:
                    3b:f2:85:5e:c1:fb:98:37:03:4f:bb:45:03:fb:57:
                    51:98:8e:f0:89:c7:f3:6c:31:5d:62:62:5a:28:44:
                    26:58:7d:82:c4:33:02:3e:97:6d:35:4a:c1:05:4a:
                    e5:79:3d:c1:93:c9:2c:2d:46:35:6c:2f:ba:05:b5:
                    54:b4:69:a7:09:c1:c5:c1:db:ba:41:26:a0:a5:49:
                    76:c9:df:4a:ff:8b:7e:6f:a4:4f:0e:17:96:7c:82:
                    d6:89:91:86:aa:ac:e8:d1:aa:e9:82:cb:10:f0:51:
                    73:73:77:32:4a:6c:93:8a:0b:c6:8a:b3:09:02:39:
                    ff:88:9c:94:8b:f5:d4:dc:06:1e:56:8a:30:6c:b5:
                    85:7c:1d:02:5c:b6:63:e3:dd:e1:06:fd:4c:27:7b:
                    8f:43:7b:10:7e:39:a3:a6:a1:54:4d:bc:df:dc:6c:
                    25:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:57:41:7C:F4:6F:40:FE:4E:E8:4A:0D:09:C0:A6:1D:23:22:B0:61
            X509v3 Authority Key Identifier:
                keyid:90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:dd:64:98:23:eb:0d:6e:12:e4:59:d2:6e:e3:bc:5f:79:e5:
         ee:99:ec:6f:c2:ad:4c:bd:52:a6:0a:08:c6:73:dd:77:85:00:
         d1:dd:f9:30:81:3c:0e:57:da:87:ba:85:06:a9:75:29:ee:32:
         51:50:15:b7:ba:b6:e8:32:0f:39:80:a3:35:d3:96:77:65:63:
         7b:7b:bd:d2:12:5f:8b:55:20:35:69:05:c3:08:3c:3a:d4:59:
         ff:93:b9:09:97:c0:69:a5:62:3c:b0:55:53:e7:11:39:a7:5d:
         de:43:15:a4:02:90:11:25:e2:96:98:4e:72:f1:2b:e5:4f:49:
         2c:ef:09:21:3d:dd:59:09:ff:24:a6:9c:c9:64:40:cf:e3:28:
         11:b0:3f:0e:83:e2:3d:43:63:18:9f:ef:3c:8a:0b:86:37:19:
         7d:49:90:16:92:ce:50:50:c7:b5:b7:8d:92:4e:8e:d0:6b:c4:
         a4:5d:f8:0c:31:8a:a8:c9:cb:ae:57:04:7d:f3:7d:11:cc:37:
         a3:1c:78:42:97:6e:98:1b:7c:74:8a:12:6d:56:0a:53:78:99:
         76:1a:0b:5a:c5:0b:4d:b8:18:c8:e3:e3:c1:11:e4:10:43:4c:
         6c:30:76:c9:20:e7:1c:0c:1e:7a:b0:81:c7:5c:f9:fe:f4:9a:
         b0:ed:61:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa3tX+aXPd/4+V0+NWePBwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDQ0ZDA0YTJhYTg1ODZlZTk0YzdhMzM1MzZjMzY4MTZh
ZGExNjMwHhcNMjUwNTEwMDEwMDQ3WhcNMjUwNTExMDEwMDQ3WjAzMTEwLwYDVQQD
EyhjOTU3NDE3Y2Y0NmY0MGZlNGVlODRhMGQwOWMwYTYxZDIzMjJiMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyy/hL+HUNeV8pEbFls++TubtYN2d
+rYILXr2auPHEcRG4MtedO/i+EPt0GVD61Ah8aEg8VeMSLCwRpSsylql8RoX0LrM
tG0XYsPY9LaeO4Ayyg+FBOMv6Mw78oVewfuYNwNPu0UD+1dRmI7wicfzbDFdYmJa
KEQmWH2CxDMCPpdtNUrBBUrleT3Bk8ksLUY1bC+6BbVUtGmnCcHFwdu6QSagpUl2
yd9K/4t+b6RPDheWfILWiZGGqqzo0arpgssQ8FFzc3cySmyTigvGirMJAjn/iJyU
i/XU3AYeVoowbLWFfB0CXLZj493hBv1MJ3uPQ3sQfjmjpqFUTbzf3GwlCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMlXQXz0b0D+TuhKDQnAph0jIrBhMB8GA1UdIwQY
MBaAFJDUTQSiqoWG7pTHozU2w2gWraFjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzIt
NmY4Y2FjYzEyMzM5LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzItNmY4Y2FjYzEyMzM5
LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASt1kmCPr
DW4S5FnSbuO8X3nl7pnsb8KtTL1SpgoIxnPdd4UA0d35MIE8Dlfah7qFBql1Ke4y
UVAVt7q26DIPOYCjNdOWd2Vje3u90hJfi1UgNWkFwwg8OtRZ/5O5CZfAaaViPLBV
U+cROadd3kMVpAKQESXilphOcvEr5U9JLO8JIT3dWQn/JKacyWRAz+MoEbA/DoPi
PUNjGJ/vPIoLhjcZfUmQFpLOUFDHtbeNkk6O0GvEpF34DDGKqMnLrlcEffN9Ecw3
oxx4QpdumBt8dIoSbVYKU3iZdhoLWsULTbgYyOPjwRHkEENMbDB2ySDnHAweerCB
x1z5/vSasO1hUw==
-----END CERTIFICATE-----