Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/0ca175-895a-452a-bad4-c599f09787f9/1/kVNTmOpX9qyMAuZZ6S8YsTjhNhk.mft
File:                     kVNTmOpX9qyMAuZZ6S8YsTjhNhk.mft (raw, json)
Hash identifier:          L70qR5YYp4kDC2548IAO3vkj8IO7m2mCh4Nb25kPMVk=
Subject key identifier:   BA:7E:AA:C7:FE:45:C9:1C:29:BF:0D:F1:75:57:2E:7D:BB:F4:B8:C8
Authority key identifier: 91:53:53:98:EA:57:F6:AC:8C:02:E6:59:E9:2F:18:B1:38:E1:36:19
Certificate issuer:       /CN=91535398ea57f6ac8c02e659e92f18b138e13619
Certificate serial:       0196876E787E6FD12B9928B722F1BF24747F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kVNTmOpX9qyMAuZZ6S8YsTjhNhk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/0ca175-895a-452a-bad4-c599f09787f9/1/kVNTmOpX9qyMAuZZ6S8YsTjhNhk.mft
Manifest number:          1280
Signing time:             Wed 30 Apr 2025 16:01:25 +0000
Manifest this update:     Wed 30 Apr 2025 16:01:25 +0000
Manifest next update:     Thu 01 May 2025 16:01:25 +0000
Files and hashes:         1: kVNTmOpX9qyMAuZZ6S8YsTjhNhk.crl (hash: XlOrhMfs2r26sEZNomXyulzvusLphMG8Aurq/4CwvXc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/0ca175-895a-452a-bad4-c599f09787f9/1/kVNTmOpX9qyMAuZZ6S8YsTjhNhk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/0ca175-895a-452a-bad4-c599f09787f9/1/kVNTmOpX9qyMAuZZ6S8YsTjhNhk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kVNTmOpX9qyMAuZZ6S8YsTjhNhk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 16:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:87:6e:78:7e:6f:d1:2b:99:28:b7:22:f1:bf:24:74:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91535398ea57f6ac8c02e659e92f18b138e13619
        Validity
            Not Before: Apr 30 16:01:25 2025 GMT
            Not After : May  1 16:01:25 2025 GMT
        Subject: CN=ba7eaac7fe45c91c29bf0df175572e7dbbf4b8c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:ad:93:05:7d:78:37:c0:17:ab:80:d5:c9:e2:
                    4b:cc:da:06:a1:07:c0:ac:dd:e0:e1:70:a5:83:dc:
                    0b:76:91:c3:48:5b:a7:80:d8:84:0f:43:29:20:2a:
                    fa:01:e1:5b:67:3c:58:d1:78:84:4a:1f:93:68:ea:
                    06:e6:4f:2b:b6:2a:36:75:7e:6f:35:73:62:5f:eb:
                    11:af:d3:c5:2e:c0:98:4e:97:52:4a:34:ec:27:34:
                    04:12:4a:d9:46:de:85:08:6a:96:71:b0:15:97:73:
                    c6:b4:bf:bb:d2:09:22:26:52:26:60:2a:4f:af:17:
                    5e:fd:4a:ab:c1:9b:c3:95:98:2d:7a:d1:fe:69:66:
                    0f:99:bf:aa:ca:c2:fe:5b:50:2d:02:20:36:66:db:
                    c4:12:71:42:34:27:db:a8:61:ea:6b:9e:82:11:5b:
                    ae:f2:81:47:52:4c:a7:93:d2:cc:34:b9:7a:88:84:
                    fa:99:e9:73:81:81:01:09:89:6e:43:07:82:e2:5b:
                    42:52:05:db:49:17:7d:e8:bc:66:48:fc:20:b3:72:
                    0d:32:5e:57:9b:19:da:ef:45:35:a9:5b:89:eb:3f:
                    08:8d:db:93:90:2a:5e:f1:c8:9d:aa:89:e8:9a:95:
                    0d:f2:8b:e9:a8:17:5f:fe:ab:b2:da:a7:b1:45:96:
                    e4:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:7E:AA:C7:FE:45:C9:1C:29:BF:0D:F1:75:57:2E:7D:BB:F4:B8:C8
            X509v3 Authority Key Identifier:
                keyid:91:53:53:98:EA:57:F6:AC:8C:02:E6:59:E9:2F:18:B1:38:E1:36:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kVNTmOpX9qyMAuZZ6S8YsTjhNhk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0ca175-895a-452a-bad4-c599f09787f9/1/kVNTmOpX9qyMAuZZ6S8YsTjhNhk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/0ca175-895a-452a-bad4-c599f09787f9/1/kVNTmOpX9qyMAuZZ6S8YsTjhNhk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:f7:27:90:eb:00:0c:4d:19:76:23:35:1f:74:82:db:92:be:
         31:5f:7a:f9:f9:b8:6d:d7:ff:6d:07:f8:18:6b:49:55:ad:61:
         52:d5:91:ad:f9:3e:85:4f:ba:45:66:53:1d:b2:1b:e4:29:5b:
         d6:75:2a:31:e5:f6:91:29:49:0c:a2:59:f5:1a:7c:99:eb:9d:
         44:d7:34:32:8d:37:17:54:1d:39:da:01:b5:2e:c1:54:3a:a6:
         1e:cb:e7:f1:a9:63:a9:4f:ed:71:c2:89:19:30:97:9d:73:a5:
         2d:51:b2:e8:a5:f5:d7:18:9d:18:fe:1b:4e:63:03:3d:99:7b:
         69:60:84:bf:7b:86:47:6c:24:c1:4f:74:fc:1c:ef:6a:47:61:
         fe:8b:6a:84:a7:8c:c6:a2:d3:62:20:1f:1b:cd:5a:6a:4f:be:
         0e:97:59:dd:f4:3d:05:b4:d9:e1:cd:fd:99:f8:e9:1b:84:be:
         5e:9a:ec:4a:cd:2c:2e:a5:87:b0:ec:90:e1:7c:8f:ca:fb:11:
         2e:6e:06:44:f0:8c:0c:f7:f8:fd:b6:b2:66:bd:45:49:e6:c4:
         3a:b9:0c:fe:b6:45:f9:c6:54:9b:4e:87:47:8c:08:e8:43:ff:
         83:29:67:c4:bd:69:f0:ae:2b:12:bd:14:dd:d3:ff:24:bb:4e:
         cc:80:8b:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaHbnh+b9ErmSi3IvG/JHR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNTM1Mzk4ZWE1N2Y2YWM4YzAyZTY1OWU5MmYxOGIxMzhl
MTM2MTkwHhcNMjUwNDMwMTYwMTI1WhcNMjUwNTAxMTYwMTI1WjAzMTEwLwYDVQQD
EyhiYTdlYWFjN2ZlNDVjOTFjMjliZjBkZjE3NTU3MmU3ZGJiZjRiOGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK2TBX14N8AXq4DVyeJLzNoGoQfA
rN3g4XClg9wLdpHDSFungNiED0MpICr6AeFbZzxY0XiESh+TaOoG5k8rtio2dX5v
NXNiX+sRr9PFLsCYTpdSSjTsJzQEEkrZRt6FCGqWcbAVl3PGtL+70gkiJlImYCpP
rxde/UqrwZvDlZgtetH+aWYPmb+qysL+W1AtAiA2ZtvEEnFCNCfbqGHqa56CEVuu
8oFHUkynk9LMNLl6iIT6melzgYEBCYluQweC4ltCUgXbSRd96LxmSPwgs3INMl5X
mxna70U1qVuJ6z8IjduTkCpe8cidqonompUN8ovpqBdf/quy2qexRZbk6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLp+qsf+RckcKb8N8XVXLn279LjIMB8GA1UdIwQY
MBaAFJFTU5jqV/asjALmWekvGLE44TYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1ZOVG1PcFg5cXlNQXVaWjZTOFlzVGpoTmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8wY2ExNzUtODk1YS00NTJhLWJhZDQt
YzU5OWYwOTc4N2Y5LzEva1ZOVG1PcFg5cXlNQXVaWjZTOFlzVGpoTmhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8wY2ExNzUtODk1YS00NTJhLWJhZDQtYzU5OWYwOTc4N2Y5
LzEva1ZOVG1PcFg5cXlNQXVaWjZTOFlzVGpoTmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/cnkOsA
DE0ZdiM1H3SC25K+MV96+fm4bdf/bQf4GGtJVa1hUtWRrfk+hU+6RWZTHbIb5Clb
1nUqMeX2kSlJDKJZ9Rp8meudRNc0Mo03F1QdOdoBtS7BVDqmHsvn8aljqU/tccKJ
GTCXnXOlLVGy6KX11xidGP4bTmMDPZl7aWCEv3uGR2wkwU90/Bzvakdh/otqhKeM
xqLTYiAfG81aak++DpdZ3fQ9BbTZ4c39mfjpG4S+XprsSs0sLqWHsOyQ4XyPyvsR
Lm4GRPCMDPf4/bayZr1FSebEOrkM/rZF+cZUm06HR4wI6EP/gylnxL1p8K4rEr0U
3dP/JLtOzICL7Q==
-----END CERTIFICATE-----