Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
File:                     ksrhHed02u8FJ0JGPOlU9SHG0nI.mft (raw, json)
Hash identifier:          RV2THF7PpKX24SYuiiBMSVDI/ru0qFQiXnzN76e6Cg4=
Subject key identifier:   CA:2C:12:E7:3B:1B:24:52:D1:D1:7E:AB:18:38:36:60:F8:C5:F6:E0
Authority key identifier: 92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72
Certificate issuer:       /CN=92cae11de774daef052742463ce954f521c6d272
Certificate serial:       0196A842F64331EF31751A7D264912489540
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
Manifest number:          0F21
Signing time:             Wed 07 May 2025 01:01:22 +0000
Manifest this update:     Wed 07 May 2025 01:01:22 +0000
Manifest next update:     Thu 08 May 2025 01:01:22 +0000
Files and hashes:         1: ksrhHed02u8FJ0JGPOlU9SHG0nI.crl (hash: rvulmEZCn36CdBNF4Ei7IPtnkwZxjTWtw1T98m+dGcM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 01:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a8:42:f6:43:31:ef:31:75:1a:7d:26:49:12:48:95:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92cae11de774daef052742463ce954f521c6d272
        Validity
            Not Before: May  7 01:01:22 2025 GMT
            Not After : May  8 01:01:22 2025 GMT
        Subject: CN=ca2c12e73b1b2452d1d17eab18383660f8c5f6e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b6:4f:9f:4e:1a:1a:5e:61:2e:3e:c0:24:86:
                    27:d9:b0:3f:31:cc:b6:de:fc:7b:0f:b3:04:9c:86:
                    83:64:7d:c7:22:88:c9:b1:0d:cc:0d:2c:8f:00:ad:
                    42:47:4c:81:3f:f0:83:23:c7:a6:68:c6:dd:b6:0b:
                    75:ab:8b:57:8c:f0:07:a2:bc:f7:74:58:02:05:f5:
                    d6:89:85:dc:86:3e:1e:fc:30:7d:00:8a:78:d8:1e:
                    ad:e3:85:a6:06:41:e1:cf:9a:c7:85:50:4e:73:df:
                    28:b1:ed:aa:6b:cb:f4:c1:b8:95:5a:fe:80:21:2e:
                    5f:11:78:a0:4e:84:ee:49:de:81:e7:3c:80:91:ff:
                    ad:a1:44:c6:77:a2:07:1f:3f:74:1d:d1:42:ac:78:
                    23:d6:67:b0:a4:67:ff:89:a1:b0:e6:f3:48:6f:15:
                    0d:8a:69:63:80:87:e1:20:f7:16:a9:3b:48:82:78:
                    31:19:aa:f4:7f:16:01:0e:8a:ef:8e:fe:18:ff:7c:
                    43:63:d6:1a:4e:74:e1:a7:38:0f:39:48:5f:f6:a5:
                    3a:a3:36:ce:7d:cd:0b:1b:af:9f:70:8e:0e:7e:ba:
                    2b:dc:d8:16:13:2a:4b:da:e1:e8:a2:2a:6c:1b:5b:
                    08:34:0d:e7:e3:77:c0:7b:3a:96:b9:f2:8d:0d:40:
                    31:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:2C:12:E7:3B:1B:24:52:D1:D1:7E:AB:18:38:36:60:F8:C5:F6:E0
            X509v3 Authority Key Identifier:
                keyid:92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:12:d1:3a:b8:8f:b0:91:3c:67:96:5c:4d:5e:0d:f0:77:d7:
         ab:c9:67:2b:3e:94:03:67:1a:ae:04:26:35:e5:81:57:23:4e:
         7a:c2:21:c3:79:fa:0e:87:7b:10:89:d6:15:99:bb:3e:bb:16:
         7c:94:3e:ec:74:c7:2e:e2:2f:72:f6:a7:32:30:63:59:a3:82:
         92:73:9a:d0:0c:cc:dd:cf:f3:3d:b1:8d:98:40:97:fb:76:2c:
         f4:90:f9:d9:9e:75:41:c5:df:56:fa:57:0c:e6:89:cb:b2:cd:
         c9:ee:4a:6e:f9:75:1f:96:68:db:36:2b:01:9e:40:84:04:95:
         03:40:96:25:1f:1f:13:62:03:38:ec:25:d8:4f:95:ee:be:1e:
         49:fb:2a:06:3c:89:59:66:1c:bb:06:db:a3:2f:59:e2:5f:4c:
         bf:67:90:6c:f6:1b:58:cf:5c:83:34:27:3d:39:d0:12:95:ef:
         82:81:48:e7:fd:30:bf:a0:14:ca:6a:79:4b:53:43:9d:4e:87:
         3c:b8:34:3c:72:e8:d1:4d:d2:03:0c:29:83:c6:f7:69:fb:a6:
         81:62:6e:5c:ab:c5:f6:00:c3:fa:67:9c:06:8b:b2:96:61:f4:
         af:f5:f6:b4:8f:bd:73:1c:e9:87:b1:bf:a4:3a:a9:e9:60:ec:
         e4:bd:c7:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaoQvZDMe8xdRp9JkkSSJVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyY2FlMTFkZTc3NGRhZWYwNTI3NDI0NjNjZTk1NGY1MjFj
NmQyNzIwHhcNMjUwNTA3MDEwMTIyWhcNMjUwNTA4MDEwMTIyWjAzMTEwLwYDVQQD
EyhjYTJjMTJlNzNiMWIyNDUyZDFkMTdlYWIxODM4MzY2MGY4YzVmNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbZPn04aGl5hLj7AJIYn2bA/Mcy2
3vx7D7MEnIaDZH3HIojJsQ3MDSyPAK1CR0yBP/CDI8emaMbdtgt1q4tXjPAHorz3
dFgCBfXWiYXchj4e/DB9AIp42B6t44WmBkHhz5rHhVBOc98ose2qa8v0wbiVWv6A
IS5fEXigToTuSd6B5zyAkf+toUTGd6IHHz90HdFCrHgj1mewpGf/iaGw5vNIbxUN
imljgIfhIPcWqTtIgngxGar0fxYBDorvjv4Y/3xDY9YaTnThpzgPOUhf9qU6ozbO
fc0LG6+fcI4Ofror3NgWEypL2uHooipsG1sINA3n43fAezqWufKNDUAxxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMosEuc7GyRS0dF+qxg4NmD4xfbgMB8GA1UdIwQY
MBaAFJLK4R3ndNrvBSdCRjzpVPUhxtJyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQt
ZWZmNmZkN2QzYjI4LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQtZWZmNmZkN2QzYjI4
LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdhLROriP
sJE8Z5ZcTV4N8HfXq8lnKz6UA2cargQmNeWBVyNOesIhw3n6Dod7EInWFZm7PrsW
fJQ+7HTHLuIvcvanMjBjWaOCknOa0AzM3c/zPbGNmECX+3Ys9JD52Z51QcXfVvpX
DOaJy7LNye5Kbvl1H5Zo2zYrAZ5AhASVA0CWJR8fE2IDOOwl2E+V7r4eSfsqBjyJ
WWYcuwbboy9Z4l9Mv2eQbPYbWM9cgzQnPTnQEpXvgoFI5/0wv6AUymp5S1NDnU6H
PLg0PHLo0U3SAwwpg8b3afumgWJuXKvF9gDD+mecBouylmH0r/X2tI+9cxzph7G/
pDqp6WDs5L3H5Q==
-----END CERTIFICATE-----