Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
File:                     KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft (raw, json)
Hash identifier:          Clqso5A7TLsHnoJV4vVaLrKSPkU0ILJrINLUUX9P2OU=
Subject key identifier:   D8:69:68:6A:22:CF:E1:7B:81:88:DC:9A:B1:FE:01:D1:EF:E3:11:CF
Authority key identifier: 29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1
Certificate issuer:       /CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
Certificate serial:       01976C98E82970EBB5799ACFD5E906BEDBF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
Manifest number:          1064
Signing time:             Sat 14 Jun 2025 04:00:49 +0000
Manifest this update:     Sat 14 Jun 2025 04:00:49 +0000
Manifest next update:     Sun 15 Jun 2025 04:00:49 +0000
Files and hashes:         1: KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl (hash: yzeFx+WG2cd9KbAYA5BinzKZC5n/P/7aOEAKOyONX6A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:98:e8:29:70:eb:b5:79:9a:cf:d5:e9:06:be:db:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
        Validity
            Not Before: Jun 14 04:00:49 2025 GMT
            Not After : Jun 15 04:00:49 2025 GMT
        Subject: CN=d869686a22cfe17b8188dc9ab1fe01d1efe311cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:24:dc:66:d0:ec:c9:db:c9:c5:4a:95:b1:68:
                    6e:30:56:03:33:25:21:f2:51:52:95:47:0d:e6:e2:
                    90:64:ea:59:9c:56:2e:81:69:ef:72:89:64:50:3a:
                    37:d5:60:04:e7:dc:4a:ee:94:88:73:90:1f:08:d0:
                    78:b7:86:7e:10:7a:1b:03:40:6b:de:37:05:e9:46:
                    3d:76:86:cc:c2:94:e4:d0:49:83:25:22:ea:0b:e1:
                    02:0f:15:b1:a9:d7:14:ae:69:9b:e3:48:27:90:e8:
                    44:10:b5:a7:d4:28:41:a2:26:77:aa:1c:27:ba:95:
                    3c:ea:9e:39:65:3a:a2:3e:ed:90:d0:e5:16:dc:b9:
                    39:3b:ec:ba:dd:cc:5f:fe:25:44:2c:f3:82:9f:60:
                    a7:27:7d:ca:aa:c2:57:fd:ce:9e:7c:60:a2:f4:43:
                    e5:04:54:df:38:83:3b:1f:16:38:4a:7d:e2:ab:a2:
                    c0:9d:6b:86:b7:51:4a:60:89:c4:08:fb:be:3c:a0:
                    db:f2:47:dd:78:2b:5f:cb:00:f8:86:35:68:8b:c5:
                    cb:ea:b1:61:f9:c2:72:f2:8c:ff:90:5a:b1:ad:23:
                    8c:83:6b:2b:af:02:e4:2a:fe:fa:f8:00:26:7c:01:
                    54:ae:61:0e:ad:c9:78:ce:63:22:55:d2:38:49:b1:
                    72:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:69:68:6A:22:CF:E1:7B:81:88:DC:9A:B1:FE:01:D1:EF:E3:11:CF
            X509v3 Authority Key Identifier:
                keyid:29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:12:f0:e4:d2:77:bb:95:45:20:9a:c2:15:32:7a:b5:5c:46:
         72:70:4b:fd:e9:6c:33:1b:88:70:64:12:f4:14:8f:61:ab:e5:
         4e:45:b9:f2:d4:ee:92:ba:0c:5c:75:11:e5:19:ce:c0:66:54:
         9f:fe:d2:52:6d:4f:43:72:60:af:a4:4b:a8:3b:ef:f9:fd:15:
         68:6c:a1:6a:e5:77:08:31:4d:4c:f0:21:a7:c8:7f:c7:21:e8:
         e8:07:4a:3b:db:48:d4:f0:1c:3b:a4:66:74:36:17:3a:97:a0:
         47:80:07:68:84:5d:7e:b3:9c:5d:d1:12:66:4e:88:fb:c8:c6:
         e5:7d:6d:2b:a5:80:26:bb:3d:db:3f:f6:63:be:68:2b:aa:a0:
         e3:cd:e2:4d:1c:cc:56:0b:f0:70:b2:97:4a:6c:17:47:57:31:
         7e:94:b5:aa:a3:23:46:62:50:e1:ed:47:d6:a9:ad:fc:18:1e:
         20:f4:aa:9a:68:95:35:b8:e4:27:d6:22:14:43:73:0c:6a:8d:
         a7:00:8b:f6:01:58:58:5a:9b:bb:54:de:6b:f9:55:26:da:3b:
         69:f7:ba:18:11:f1:02:fc:df:57:00:f5:99:d2:58:92:6d:c3:
         8f:d6:92:88:90:87:b6:b4:ef:1c:2c:7b:e4:76:88:8a:09:48:
         d8:c1:55:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsmOgpcOu1eZrP1ekGvtv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDQ1N2IxMDI1ZTRhNmE0NWM2YzRiNDVkNmUyMzRhYTUx
OGM4YjEwHhcNMjUwNjE0MDQwMDQ5WhcNMjUwNjE1MDQwMDQ5WjAzMTEwLwYDVQQD
EyhkODY5Njg2YTIyY2ZlMTdiODE4OGRjOWFiMWZlMDFkMWVmZTMxMWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiTcZtDsydvJxUqVsWhuMFYDMyUh
8lFSlUcN5uKQZOpZnFYugWnvcolkUDo31WAE59xK7pSIc5AfCNB4t4Z+EHobA0Br
3jcF6UY9dobMwpTk0EmDJSLqC+ECDxWxqdcUrmmb40gnkOhEELWn1ChBoiZ3qhwn
upU86p45ZTqiPu2Q0OUW3Lk5O+y63cxf/iVELPOCn2CnJ33KqsJX/c6efGCi9EPl
BFTfOIM7HxY4Sn3iq6LAnWuGt1FKYInECPu+PKDb8kfdeCtfywD4hjVoi8XL6rFh
+cJy8oz/kFqxrSOMg2srrwLkKv76+AAmfAFUrmEOrcl4zmMiVdI4SbFyGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhpaGoiz+F7gYjcmrH+AdHv4xHPMB8GA1UdIwQY
MBaAFCnUV7ECXkpqRcbEtF1uI0qlGMixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgt
N2EwNjE5ZmFhZjdkLzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgtN2EwNjE5ZmFhZjdk
LzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtBLw5NJ3
u5VFIJrCFTJ6tVxGcnBL/elsMxuIcGQS9BSPYavlTkW58tTukroMXHUR5RnOwGZU
n/7SUm1PQ3Jgr6RLqDvv+f0VaGyhauV3CDFNTPAhp8h/xyHo6AdKO9tI1PAcO6Rm
dDYXOpegR4AHaIRdfrOcXdESZk6I+8jG5X1tK6WAJrs92z/2Y75oK6qg483iTRzM
VgvwcLKXSmwXR1cxfpS1qqMjRmJQ4e1H1qmt/BgeIPSqmmiVNbjkJ9YiFENzDGqN
pwCL9gFYWFqbu1Tea/lVJto7afe6GBHxAvzfVwD1mdJYkm3Dj9aSiJCHtrTvHCx7
5HaIiglI2MFVDA==
-----END CERTIFICATE-----