Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
File:                     ksrhHed02u8FJ0JGPOlU9SHG0nI.mft (raw, json)
Hash identifier:          IYnF7Yxj2UjBnV6G6rWCrBsnRgCz7SAbOgHb6jeYXR8=
Subject key identifier:   3C:49:D2:0F:BA:D0:07:E7:95:93:DD:48:66:9B:11:43:E5:43:AE:9C
Authority key identifier: 92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72
Certificate issuer:       /CN=92cae11de774daef052742463ce954f521c6d272
Certificate serial:       0197BA7DBE0835BA7730B0725A2D9CAD885E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
Manifest number:          0FAF
Signing time:             Sun 29 Jun 2025 07:01:32 +0000
Manifest this update:     Sun 29 Jun 2025 07:01:32 +0000
Manifest next update:     Mon 30 Jun 2025 07:01:32 +0000
Files and hashes:         1: ksrhHed02u8FJ0JGPOlU9SHG0nI.crl (hash: L0eQ/ZFskoYp0hlpDdkm2E4rasK7MPxLcur1kAdLMLw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 30 Jun 2025 04:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:ba:7d:be:08:35:ba:77:30:b0:72:5a:2d:9c:ad:88:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92cae11de774daef052742463ce954f521c6d272
        Validity
            Not Before: Jun 29 07:01:32 2025 GMT
            Not After : Jun 30 07:01:32 2025 GMT
        Subject: CN=3c49d20fbad007e79593dd48669b1143e543ae9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:0b:fa:63:0a:a5:92:a1:15:1f:b6:55:2f:cf:
                    f8:10:ac:8b:fa:52:9c:69:cd:13:d0:6c:fc:a6:69:
                    38:d8:52:6f:b8:bb:bd:3c:6f:96:bb:37:0e:6a:86:
                    0a:58:e4:c1:3d:0b:e4:39:86:aa:5f:6e:e3:5c:d1:
                    3a:39:fc:99:05:03:9a:ad:67:c6:6a:a3:9f:33:5b:
                    b8:06:78:b9:25:67:15:b5:5a:9e:8f:e6:4c:c1:85:
                    6c:72:c0:21:a6:31:0a:9a:f7:0a:dc:0a:b0:2f:e7:
                    01:e1:40:65:4c:9e:0e:99:1a:a6:32:a3:2d:3f:88:
                    9c:16:6e:1f:00:7a:2c:f0:c7:b6:b7:0c:36:12:0c:
                    8d:43:d8:53:13:18:61:91:b4:85:3f:f8:96:cf:be:
                    3a:79:bb:a1:b8:39:3f:05:cf:30:d4:91:aa:a5:29:
                    79:9d:93:e6:6f:44:1e:1e:9f:c7:4c:c2:f0:41:1a:
                    03:42:f0:0b:32:8a:6f:4e:ac:84:31:91:85:e7:8d:
                    76:6f:4b:8a:ef:31:12:2f:01:f7:5a:97:f7:e2:65:
                    c6:05:31:ba:ef:ad:d1:81:9d:8e:0a:1a:5a:77:84:
                    91:bb:e0:90:ae:db:3b:99:e5:0d:30:13:af:35:5c:
                    57:1d:26:49:d3:49:64:a2:66:64:bb:67:9e:99:c1:
                    2c:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:49:D2:0F:BA:D0:07:E7:95:93:DD:48:66:9B:11:43:E5:43:AE:9C
            X509v3 Authority Key Identifier:
                keyid:92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:ff:a2:f5:79:18:ee:b7:c8:77:13:6e:28:b0:f8:97:86:70:
         f4:43:ce:a9:5c:7d:d3:22:c8:88:fb:de:1a:b6:bc:27:5d:47:
         01:d0:26:60:f6:bc:12:c1:0b:96:41:04:60:6c:dc:bb:e9:97:
         a1:ff:c0:90:bb:09:69:63:a2:1f:da:d0:28:f3:66:8e:36:72:
         3d:41:bd:f9:ae:b4:60:44:06:9c:42:e5:61:de:1b:cb:47:56:
         55:2c:75:0a:29:d0:c2:22:09:7d:a1:d2:d2:9d:8f:b2:0d:a1:
         06:4c:ce:be:33:c8:d2:d2:86:1c:1a:86:49:c2:fc:f1:78:f7:
         3e:46:22:39:1a:74:04:6e:0b:19:aa:8c:be:51:38:bf:a7:fd:
         f3:c1:49:0e:5c:81:39:9b:38:bc:70:67:24:0d:d4:7f:8e:02:
         34:42:63:f2:00:44:b5:f6:3d:8e:e1:03:ae:c0:5c:31:b5:8a:
         9a:08:a3:cb:2c:c9:4e:4d:84:78:a1:5e:dc:40:30:64:1a:47:
         b9:c7:e5:8a:eb:69:0b:08:d1:e6:08:0a:80:c8:13:38:9e:1c:
         3c:49:74:21:fc:57:f0:54:d4:3f:57:8c:ae:65:bc:4a:81:44:
         b1:6f:6e:40:e2:df:39:a2:a2:44:2a:e0:33:7b:3a:92:bd:9e:
         4a:7f:c1:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe6fb4INbp3MLByWi2crYheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyY2FlMTFkZTc3NGRhZWYwNTI3NDI0NjNjZTk1NGY1MjFj
NmQyNzIwHhcNMjUwNjI5MDcwMTMyWhcNMjUwNjMwMDcwMTMyWjAzMTEwLwYDVQQD
EygzYzQ5ZDIwZmJhZDAwN2U3OTU5M2RkNDg2NjliMTE0M2U1NDNhZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgv6YwqlkqEVH7ZVL8/4EKyL+lKc
ac0T0Gz8pmk42FJvuLu9PG+WuzcOaoYKWOTBPQvkOYaqX27jXNE6OfyZBQOarWfG
aqOfM1u4Bni5JWcVtVqej+ZMwYVscsAhpjEKmvcK3AqwL+cB4UBlTJ4OmRqmMqMt
P4icFm4fAHos8Me2tww2EgyNQ9hTExhhkbSFP/iWz746ebuhuDk/Bc8w1JGqpSl5
nZPmb0QeHp/HTMLwQRoDQvALMopvTqyEMZGF5412b0uK7zESLwH3Wpf34mXGBTG6
763RgZ2OChpad4SRu+CQrts7meUNMBOvNVxXHSZJ00lkomZku2eemcEs7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDxJ0g+60AfnlZPdSGabEUPlQ66cMB8GA1UdIwQY
MBaAFJLK4R3ndNrvBSdCRjzpVPUhxtJyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQt
ZWZmNmZkN2QzYjI4LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQtZWZmNmZkN2QzYjI4
LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEf+i9XkY
7rfIdxNuKLD4l4Zw9EPOqVx90yLIiPveGra8J11HAdAmYPa8EsELlkEEYGzcu+mX
of/AkLsJaWOiH9rQKPNmjjZyPUG9+a60YEQGnELlYd4by0dWVSx1CinQwiIJfaHS
0p2Psg2hBkzOvjPI0tKGHBqGScL88Xj3PkYiORp0BG4LGaqMvlE4v6f988FJDlyB
OZs4vHBnJA3Uf44CNEJj8gBEtfY9juEDrsBcMbWKmgijyyzJTk2EeKFe3EAwZBpH
ucfliutpCwjR5ggKgMgTOJ4cPEl0IfxX8FTUP1eMrmW8SoFEsW9uQOLfOaKiRCrg
M3s6kr2eSn/B8A==
-----END CERTIFICATE-----