Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
File:                     kh2gU5IfUoNniBiPgvYt1aqXP-k.mft (raw, json)
Hash identifier:          rz/3HxgVs1PBcxxzoRVQtmkZuCHcUKgBILuS8f7m23Q=
Subject key identifier:   66:39:0F:D7:E9:AD:E5:18:93:FD:44:AA:71:EE:10:C9:D2:6E:72:26
Authority key identifier: 92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9
Certificate issuer:       /CN=921da053921f52836788188f82f62dd5aa973fe9
Certificate serial:       0197B70EC27A4675166BCAA6C5FCD95AF191
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
Manifest number:          0E7A
Signing time:             Sat 28 Jun 2025 15:01:27 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:27 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:27 +0000
Files and hashes:         1: kh2gU5IfUoNniBiPgvYt1aqXP-k.crl (hash: CXaTJDm7OjmacXqW3+byUWG3vfLzQqnvE575iH+CYfs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:c2:7a:46:75:16:6b:ca:a6:c5:fc:d9:5a:f1:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=921da053921f52836788188f82f62dd5aa973fe9
        Validity
            Not Before: Jun 28 15:01:27 2025 GMT
            Not After : Jun 29 15:01:27 2025 GMT
        Subject: CN=66390fd7e9ade51893fd44aa71ee10c9d26e7226
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:41:27:f9:1b:e6:de:b1:69:09:ad:ee:4a:2f:
                    6f:a6:b7:e3:ce:7c:7c:71:c0:13:a9:d3:76:8f:d0:
                    9c:54:ef:9a:fb:3b:c9:a3:86:73:4c:33:e8:b3:0e:
                    10:70:2f:5d:90:98:2d:f7:cf:d1:77:81:61:c5:5c:
                    c0:dc:d0:ac:4a:bc:67:a6:58:47:06:0b:d9:5c:de:
                    c3:44:9d:46:15:1b:f5:9a:08:1f:81:4f:82:03:00:
                    59:90:f3:e4:a2:74:f6:33:1c:ec:88:4d:18:f5:c7:
                    f1:e0:45:c6:f6:35:22:5f:50:97:b0:bb:03:4a:50:
                    75:13:d7:c0:00:b8:4b:0d:91:d8:24:97:40:b3:9d:
                    bd:5e:0d:e5:34:17:58:5f:48:3c:e9:69:8d:10:e4:
                    0a:d8:8c:3f:dd:2d:16:28:f9:27:ce:ab:f8:58:2d:
                    45:d2:81:d6:71:dc:24:a3:45:7e:86:77:de:bb:23:
                    45:2d:a4:01:67:79:7d:6a:c4:3c:c0:68:5f:0a:b6:
                    ba:29:01:cb:44:dc:47:3c:36:16:25:72:26:9e:f3:
                    22:86:d2:4a:e7:25:32:73:f1:af:7f:33:10:e4:54:
                    5c:0a:2d:97:78:3a:b0:b7:6e:11:c4:c9:fc:1c:fd:
                    bb:56:bc:6e:ae:b0:3d:70:68:f4:98:15:f0:41:a4:
                    95:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:39:0F:D7:E9:AD:E5:18:93:FD:44:AA:71:EE:10:C9:D2:6E:72:26
            X509v3 Authority Key Identifier:
                keyid:92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:6a:b8:d7:ec:de:77:9d:21:d9:87:20:bb:46:70:6a:35:22:
         ec:b7:25:58:b5:d6:ec:c1:95:c8:44:e2:63:c0:4c:62:4c:5c:
         13:82:b9:35:82:ea:b7:4b:05:05:35:42:35:d7:6a:71:0c:d5:
         cf:14:e3:75:f9:57:3b:09:7c:52:91:36:d6:b0:95:6d:47:b2:
         1b:f8:62:be:71:e2:b4:08:79:55:36:74:5a:50:5a:a3:b0:4e:
         e0:32:b0:2a:6c:1c:53:69:e2:8e:c5:f2:4c:cd:1e:c0:0a:32:
         43:d0:3a:c0:fd:3f:fb:ee:c5:86:e9:0b:ca:f0:00:76:f4:44:
         be:1f:09:f4:8c:be:0c:c2:7b:5a:84:47:9a:0a:78:b0:da:57:
         c6:3f:ae:e3:2b:75:10:84:bd:d8:18:67:b5:02:3b:ea:af:68:
         c0:09:90:e0:ce:20:c9:7d:5f:b1:fc:ec:cc:ba:5e:9b:1e:c0:
         98:0c:ce:eb:0f:6e:75:31:a9:ee:1c:66:04:9a:4e:1b:e0:3c:
         80:37:7a:39:ba:1b:4f:21:fa:2b:84:5e:fd:48:cb:4a:b0:5c:
         86:58:27:bf:c6:b3:a0:d8:68:0b:80:96:5c:4e:40:95:24:ec:
         32:2b:c3:f4:4e:63:42:97:98:99:1c:8f:7a:1b:b3:f0:e8:fc:
         7e:fc:63:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DsJ6RnUWa8qmxfzZWvGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWRhMDUzOTIxZjUyODM2Nzg4MTg4ZjgyZjYyZGQ1YWE5
NzNmZTkwHhcNMjUwNjI4MTUwMTI3WhcNMjUwNjI5MTUwMTI3WjAzMTEwLwYDVQQD
Eyg2NjM5MGZkN2U5YWRlNTE4OTNmZDQ0YWE3MWVlMTBjOWQyNmU3MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUEn+Rvm3rFpCa3uSi9vprfjznx8
ccATqdN2j9CcVO+a+zvJo4ZzTDPosw4QcC9dkJgt98/Rd4FhxVzA3NCsSrxnplhH
BgvZXN7DRJ1GFRv1mggfgU+CAwBZkPPkonT2MxzsiE0Y9cfx4EXG9jUiX1CXsLsD
SlB1E9fAALhLDZHYJJdAs529Xg3lNBdYX0g86WmNEOQK2Iw/3S0WKPknzqv4WC1F
0oHWcdwko0V+hnfeuyNFLaQBZ3l9asQ8wGhfCra6KQHLRNxHPDYWJXImnvMihtJK
5yUyc/GvfzMQ5FRcCi2XeDqwt24RxMn8HP27VrxurrA9cGj0mBXwQaSV2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGY5D9fpreUYk/1EqnHuEMnSbnImMB8GA1UdIwQY
MBaAFJIdoFOSH1KDZ4gYj4L2LdWqlz/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMt
ZWIzNDZkOWNlOWUwLzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMtZWIzNDZkOWNlOWUw
LzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApGq41+ze
d50h2Ycgu0ZwajUi7LclWLXW7MGVyETiY8BMYkxcE4K5NYLqt0sFBTVCNddqcQzV
zxTjdflXOwl8UpE21rCVbUeyG/hivnHitAh5VTZ0WlBao7BO4DKwKmwcU2nijsXy
TM0ewAoyQ9A6wP0/++7FhukLyvAAdvREvh8J9Iy+DMJ7WoRHmgp4sNpXxj+u4yt1
EIS92BhntQI76q9owAmQ4M4gyX1fsfzszLpemx7AmAzO6w9udTGp7hxmBJpOG+A8
gDd6ObobTyH6K4Re/UjLSrBchlgnv8azoNhoC4CWXE5AlSTsMivD9E5jQpeYmRyP
ehuz8Oj8fvxjDQ==
-----END CERTIFICATE-----