Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft
File:                     rkIjS6xhcScD45im1b8EjFyfQDI.mft (raw, json)
Hash identifier:          M6sg/418gCbG9RaNxnRFuA57UwTg1FnAWlGH+zJ9u6M=
Subject key identifier:   C5:11:89:C1:5F:96:9D:DD:4B:46:BF:04:84:3C:D2:0A:53:4A:0C:99
Authority key identifier: AE:42:23:4B:AC:61:71:27:03:E3:98:A6:D5:BF:04:8C:5C:9F:40:32
Certificate issuer:       /CN=ae42234bac61712703e398a6d5bf048c5c9f4032
Certificate serial:       01967AFB4DD72869D4D09F46C6E9811D3D7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft
Manifest number:          0643
Signing time:             Mon 28 Apr 2025 06:00:11 +0000
Manifest this update:     Mon 28 Apr 2025 06:00:11 +0000
Manifest next update:     Tue 29 Apr 2025 06:00:11 +0000
Files and hashes:         1: rkIjS6xhcScD45im1b8EjFyfQDI.crl (hash: XUHXXbnSWTYrLwH2u9Ea4xz7ktrXbDlSAET7/vNawWE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7a:fb:4d:d7:28:69:d4:d0:9f:46:c6:e9:81:1d:3d:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae42234bac61712703e398a6d5bf048c5c9f4032
        Validity
            Not Before: Apr 28 06:00:11 2025 GMT
            Not After : Apr 29 06:00:11 2025 GMT
        Subject: CN=c51189c15f969ddd4b46bf04843cd20a534a0c99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:cc:40:f1:0c:50:c1:82:6d:15:db:e9:26:29:
                    59:cc:0a:e0:42:3d:a5:75:03:95:9a:a2:06:e5:f7:
                    90:1f:09:5b:ca:5a:d7:5d:b1:23:6e:d7:f7:e8:b5:
                    8d:ae:be:e8:2a:1c:2a:25:de:ed:ef:74:65:80:04:
                    44:0a:53:95:7a:85:dc:eb:d4:c5:09:87:45:9c:41:
                    d8:78:23:f2:04:3e:18:26:4b:97:cc:58:02:13:8d:
                    41:a8:25:eb:a7:40:d4:ca:b0:bc:e1:74:a7:2d:66:
                    94:2a:55:6e:ce:d8:88:b0:94:95:1e:45:b4:f6:ee:
                    26:8d:05:ae:2f:4c:60:53:de:49:a5:74:70:f9:b6:
                    8d:00:6a:e7:a8:34:24:44:b4:ad:29:87:1e:83:21:
                    a1:a6:67:ac:08:4a:4c:b7:2d:09:53:99:85:21:42:
                    44:49:83:b5:91:ae:bd:6a:20:6f:8c:9c:a3:2e:46:
                    86:7f:a8:eb:77:24:5d:7d:1a:c1:41:40:e8:1a:78:
                    72:98:89:ec:8b:32:e3:83:0a:65:cd:ac:a8:f2:ed:
                    90:c3:3c:38:a6:9c:90:cf:67:13:06:cc:5b:1c:54:
                    87:63:84:47:45:2a:e0:22:28:da:52:c6:92:fc:6d:
                    67:2d:71:f7:ce:89:9b:77:db:4c:66:34:57:45:0e:
                    2e:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:11:89:C1:5F:96:9D:DD:4B:46:BF:04:84:3C:D2:0A:53:4A:0C:99
            X509v3 Authority Key Identifier:
                keyid:AE:42:23:4B:AC:61:71:27:03:E3:98:A6:D5:BF:04:8C:5C:9F:40:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rkIjS6xhcScD45im1b8EjFyfQDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/0893d0-d1a1-4276-a5b7-ee2bcf186f24/1/rkIjS6xhcScD45im1b8EjFyfQDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:a7:1f:82:19:9a:76:aa:68:5f:d7:2c:59:3b:c4:1f:c5:f2:
         77:c0:97:ae:d1:4b:f7:8e:99:90:e6:07:36:2b:b7:5f:e1:35:
         3b:11:06:25:51:52:78:e5:d3:4b:b7:d5:ee:aa:7f:82:9e:3b:
         a8:35:fc:8e:3b:2b:9e:31:28:61:9c:ea:a6:fb:ad:9a:a3:fa:
         1a:0a:54:6f:24:cb:04:80:25:ab:1f:b2:4e:72:6a:3b:b5:be:
         a6:fc:a0:22:82:45:a5:ca:f3:bc:a8:be:5d:8b:13:b1:a5:7c:
         88:f4:6d:36:af:7b:9a:52:e9:fa:fc:9e:24:72:5e:a3:50:14:
         19:d3:bd:4c:73:f8:50:fb:01:5a:f7:78:71:5e:4a:14:ce:d4:
         d0:89:e6:e1:97:42:bd:6e:a2:2b:72:67:3f:ba:b8:bd:5e:12:
         63:6e:43:93:44:7e:91:fd:be:f9:4b:7d:dc:ee:4d:1e:9b:72:
         01:fa:61:35:01:79:46:7e:0d:6b:9a:85:2c:27:b8:c7:5d:8a:
         50:4c:ef:eb:3c:41:e2:a2:6b:b7:b5:09:0c:c3:a1:a3:ac:4f:
         71:d7:6f:4d:ac:23:58:8b:c5:bb:d6:97:e5:e3:7d:b7:51:04:
         fd:ca:a1:fb:9a:f1:54:cb:d4:7e:6e:fe:97:a3:33:55:04:0e:
         7a:62:90:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ6+03XKGnU0J9GxumBHT1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNDIyMzRiYWM2MTcxMjcwM2UzOThhNmQ1YmYwNDhjNWM5
ZjQwMzIwHhcNMjUwNDI4MDYwMDExWhcNMjUwNDI5MDYwMDExWjAzMTEwLwYDVQQD
EyhjNTExODljMTVmOTY5ZGRkNGI0NmJmMDQ4NDNjZDIwYTUzNGEwYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcxA8QxQwYJtFdvpJilZzArgQj2l
dQOVmqIG5feQHwlbylrXXbEjbtf36LWNrr7oKhwqJd7t73RlgAREClOVeoXc69TF
CYdFnEHYeCPyBD4YJkuXzFgCE41BqCXrp0DUyrC84XSnLWaUKlVuztiIsJSVHkW0
9u4mjQWuL0xgU95JpXRw+baNAGrnqDQkRLStKYcegyGhpmesCEpMty0JU5mFIUJE
SYO1ka69aiBvjJyjLkaGf6jrdyRdfRrBQUDoGnhymInsizLjgwplzayo8u2Qwzw4
ppyQz2cTBsxbHFSHY4RHRSrgIijaUsaS/G1nLXH3zombd9tMZjRXRQ4uwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMURicFflp3dS0a/BIQ80gpTSgyZMB8GA1UdIwQY
MBaAFK5CI0usYXEnA+OYptW/BIxcn0AyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8wODkzZDAtZDFhMS00Mjc2LWE1Yjct
ZWUyYmNmMTg2ZjI0LzEvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8wODkzZDAtZDFhMS00Mjc2LWE1YjctZWUyYmNmMTg2ZjI0
LzEvcmtJalM2eGhjU2NENDVpbTFiOEVqRnlmUURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAKcfghma
dqpoX9csWTvEH8Xyd8CXrtFL946ZkOYHNiu3X+E1OxEGJVFSeOXTS7fV7qp/gp47
qDX8jjsrnjEoYZzqpvutmqP6GgpUbyTLBIAlqx+yTnJqO7W+pvygIoJFpcrzvKi+
XYsTsaV8iPRtNq97mlLp+vyeJHJeo1AUGdO9THP4UPsBWvd4cV5KFM7U0Inm4ZdC
vW6iK3JnP7q4vV4SY25Dk0R+kf2++Ut93O5NHptyAfphNQF5Rn4Na5qFLCe4x12K
UEzv6zxB4qJrt7UJDMOho6xPcddvTawjWIvFu9aX5eN9t1EE/cqh+5rxVMvUfm7+
l6MzVQQOemKQHQ==
-----END CERTIFICATE-----