Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.mft
File:                     kUS2KYi--9kYP26_brLRlMso5uM.mft (raw, json)
Hash identifier:          XsUseaFexRVhE2BaKZl51GDwK53gOL0G8i3I3crg8Eo=
Subject key identifier:   AC:BF:AB:CD:39:95:8D:E7:CE:9F:93:92:F7:41:AB:27:23:E4:FB:90
Authority key identifier: 91:44:B6:29:88:BE:FB:D9:18:3F:6E:BF:6E:B2:D1:94:CB:28:E6:E3
Certificate issuer:       /CN=9144b62988befbd9183f6ebf6eb2d194cb28e6e3
Certificate serial:       0196C72878D6A6059AD768179372C8689690
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kUS2KYi--9kYP26_brLRlMso5uM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.mft
Manifest number:          06F9
Signing time:             Tue 13 May 2025 01:00:40 +0000
Manifest this update:     Tue 13 May 2025 01:00:40 +0000
Manifest next update:     Wed 14 May 2025 01:00:40 +0000
Files and hashes:         1: kUS2KYi--9kYP26_brLRlMso5uM.crl (hash: jWQPszuyEAUfdm3FO4sfVY0KelC81ciy7otej3SwnpI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kUS2KYi--9kYP26_brLRlMso5uM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 20:47:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c7:28:78:d6:a6:05:9a:d7:68:17:93:72:c8:68:96:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9144b62988befbd9183f6ebf6eb2d194cb28e6e3
        Validity
            Not Before: May 13 01:00:40 2025 GMT
            Not After : May 14 01:00:40 2025 GMT
        Subject: CN=acbfabcd39958de7ce9f9392f741ab2723e4fb90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:98:ba:c0:bf:a1:02:0f:4f:38:2d:05:0e:3a:
                    c1:4e:dd:1c:74:37:a8:27:6f:32:26:8a:eb:86:a9:
                    fe:92:b5:20:39:66:e3:91:5d:2b:61:77:2c:7a:da:
                    e8:6c:3f:5e:91:55:95:fd:1a:25:28:53:66:26:79:
                    f0:e0:64:4a:2e:f7:f0:36:11:99:59:e7:3c:a4:a3:
                    68:a2:4d:b7:9a:b5:2e:8b:78:b5:d8:3e:99:d6:8f:
                    2c:16:57:4e:34:a4:5a:ad:1b:3d:c0:95:cb:19:20:
                    f4:37:8c:8f:ff:e1:5f:c4:a2:25:4e:7a:d6:02:6a:
                    0d:05:28:f4:d4:a7:f0:56:46:eb:72:af:35:d9:d4:
                    c6:76:c3:f0:ba:8e:46:59:52:1f:b4:3f:d5:1b:32:
                    22:ae:b7:99:2d:3c:14:6b:ff:cf:0d:70:37:53:0a:
                    c1:72:ae:c1:de:8d:b3:dd:de:e6:1f:28:c0:68:88:
                    9c:8c:bd:f9:96:7e:46:91:a9:dd:e1:5a:97:3a:47:
                    9c:49:70:63:cf:aa:cc:3a:a3:b4:77:32:b7:ea:c9:
                    c4:60:26:9c:cd:81:3b:61:72:6a:c8:40:4c:b6:89:
                    3f:9a:29:47:00:6b:1b:13:20:2a:f2:c0:26:de:8c:
                    52:de:fc:ef:4e:1a:c4:72:1b:21:88:6e:cf:9d:e1:
                    03:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:BF:AB:CD:39:95:8D:E7:CE:9F:93:92:F7:41:AB:27:23:E4:FB:90
            X509v3 Authority Key Identifier:
                keyid:91:44:B6:29:88:BE:FB:D9:18:3F:6E:BF:6E:B2:D1:94:CB:28:E6:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUS2KYi--9kYP26_brLRlMso5uM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:c6:bd:a8:1c:4c:c9:51:b1:47:6b:05:52:2c:5e:6a:07:b2:
         34:eb:4c:38:30:62:fd:9e:05:79:14:ea:63:85:53:8a:f7:c8:
         05:0f:b0:60:12:1c:b9:fd:80:cb:b2:1c:6b:34:8f:86:8f:bb:
         de:0e:28:37:1d:b4:41:d1:74:24:6b:48:50:96:07:d5:48:70:
         18:f0:da:8c:4b:8a:b0:43:c2:13:f1:73:30:40:32:54:7d:fa:
         97:e0:15:c5:14:11:a2:ce:60:68:62:37:58:28:c7:57:d3:1d:
         90:ba:bc:97:b0:e4:06:cd:ff:a4:04:35:62:1a:38:a8:08:6d:
         41:64:de:6b:bc:eb:fe:fe:2e:99:b3:2f:d8:94:1f:f2:4a:a9:
         bb:55:a7:a6:5a:02:36:e2:a2:80:dd:17:c7:90:30:05:dc:30:
         ef:13:5f:45:e8:c5:63:22:92:0f:a4:5c:b1:e8:19:01:69:55:
         31:97:09:97:c3:43:cc:de:a6:62:bd:4a:71:82:f8:c8:e4:10:
         e8:ef:8d:5b:6c:ba:10:06:e9:d5:b0:bf:54:e0:92:6d:3e:a8:
         bd:d4:08:52:14:d0:b4:cc:5e:56:db:0d:5a:b9:c3:04:fa:a1:
         84:4f:6c:9c:7b:d9:af:23:2b:db:4b:c3:8a:96:bd:3f:f4:bb:
         2b:cc:36:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbHKHjWpgWa12gXk3LIaJaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNDRiNjI5ODhiZWZiZDkxODNmNmViZjZlYjJkMTk0Y2Iy
OGU2ZTMwHhcNMjUwNTEzMDEwMDQwWhcNMjUwNTE0MDEwMDQwWjAzMTEwLwYDVQQD
EyhhY2JmYWJjZDM5OTU4ZGU3Y2U5ZjkzOTJmNzQxYWIyNzIzZTRmYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpi6wL+hAg9POC0FDjrBTt0cdDeo
J28yJorrhqn+krUgOWbjkV0rYXcsetrobD9ekVWV/RolKFNmJnnw4GRKLvfwNhGZ
Wec8pKNook23mrUui3i12D6Z1o8sFldONKRarRs9wJXLGSD0N4yP/+FfxKIlTnrW
AmoNBSj01KfwVkbrcq812dTGdsPwuo5GWVIftD/VGzIirreZLTwUa//PDXA3UwrB
cq7B3o2z3d7mHyjAaIicjL35ln5Gkand4VqXOkecSXBjz6rMOqO0dzK36snEYCac
zYE7YXJqyEBMtok/milHAGsbEyAq8sAm3oxS3vzvThrEchshiG7PneEDyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKy/q805lY3nzp+TkvdBqycj5PuQMB8GA1UdIwQY
MBaAFJFEtimIvvvZGD9uv26y0ZTLKObjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VTMktZaS0tOWtZUDI2X2JyTFJsTXNvNXVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85MzU3NGUtZDgxMS00M2MyLWJkMWMt
OTkwYmEwYzA2MzI2LzEva1VTMktZaS0tOWtZUDI2X2JyTFJsTXNvNXVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi85MzU3NGUtZDgxMS00M2MyLWJkMWMtOTkwYmEwYzA2MzI2
LzEva1VTMktZaS0tOWtZUDI2X2JyTFJsTXNvNXVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfca9qBxM
yVGxR2sFUixeageyNOtMODBi/Z4FeRTqY4VTivfIBQ+wYBIcuf2Ay7IcazSPho+7
3g4oNx20QdF0JGtIUJYH1UhwGPDajEuKsEPCE/FzMEAyVH36l+AVxRQRos5gaGI3
WCjHV9MdkLq8l7DkBs3/pAQ1Yho4qAhtQWTea7zr/v4umbMv2JQf8kqpu1WnploC
NuKigN0Xx5AwBdww7xNfRejFYyKSD6RcsegZAWlVMZcJl8NDzN6mYr1KcYL4yOQQ
6O+NW2y6EAbp1bC/VOCSbT6ovdQIUhTQtMxeVtsNWrnDBPqhhE9snHvZryMr20vD
ipa9P/S7K8w2Ag==
-----END CERTIFICATE-----