Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/d76c43-dd6d-4986-898f-193814d843d4/1/kiYrQ-lHhUb8DhN16LHguv1q3lA.mft
File:                     kiYrQ-lHhUb8DhN16LHguv1q3lA.mft (raw, json)
Hash identifier:          sDUreBM/mpICQey3brzTthWmmkgMWHSR7z7Q3WAX/C0=
Subject key identifier:   70:EF:1C:39:39:38:5D:02:5D:1E:E7:60:D7:F1:91:38:29:1D:A4:E5
Authority key identifier: 92:26:2B:43:E9:47:85:46:FC:0E:13:75:E8:B1:E0:BA:FD:6A:DE:50
Certificate issuer:       /CN=92262b43e9478546fc0e1375e8b1e0bafd6ade50
Certificate serial:       019693DF5BA0D8FEF3F6E43D70CC6375BC66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kiYrQ-lHhUb8DhN16LHguv1q3lA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/d76c43-dd6d-4986-898f-193814d843d4/1/kiYrQ-lHhUb8DhN16LHguv1q3lA.mft
Manifest number:          151B
Signing time:             Sat 03 May 2025 02:00:10 +0000
Manifest this update:     Sat 03 May 2025 02:00:10 +0000
Manifest next update:     Sun 04 May 2025 02:00:10 +0000
Files and hashes:         1: kiYrQ-lHhUb8DhN16LHguv1q3lA.crl (hash: i9wZP0vkFxe/PCzqm7wiYYZZGUSsbKku3gfZODFvEOA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/d76c43-dd6d-4986-898f-193814d843d4/1/kiYrQ-lHhUb8DhN16LHguv1q3lA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/d76c43-dd6d-4986-898f-193814d843d4/1/kiYrQ-lHhUb8DhN16LHguv1q3lA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kiYrQ-lHhUb8DhN16LHguv1q3lA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 04 May 2025 02:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:93:df:5b:a0:d8:fe:f3:f6:e4:3d:70:cc:63:75:bc:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92262b43e9478546fc0e1375e8b1e0bafd6ade50
        Validity
            Not Before: May  3 02:00:10 2025 GMT
            Not After : May  4 02:00:10 2025 GMT
        Subject: CN=70ef1c3939385d025d1ee760d7f19138291da4e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:f6:fd:cb:73:82:17:13:42:bd:50:a9:0f:da:
                    6d:8f:7d:88:a2:47:8d:1f:ff:c6:ac:48:04:f7:c5:
                    dd:cb:00:9c:98:0e:f5:2a:9f:74:f8:60:56:2a:3f:
                    76:73:7a:75:77:bd:69:e0:e1:a2:c3:08:c1:b2:e4:
                    f0:50:91:00:8f:c3:02:a3:f4:f4:af:fc:a8:e5:d9:
                    28:46:f9:f3:a2:f7:80:63:60:a0:ff:13:ea:55:89:
                    a8:c1:ca:65:12:a6:49:a7:d8:4c:e9:81:d5:e2:30:
                    a8:e7:65:d8:1b:ac:7c:d4:7e:1c:10:77:15:bb:11:
                    3a:d1:63:20:34:f8:20:41:d8:7f:44:bd:f1:eb:de:
                    7e:bf:36:3f:0f:f1:5d:92:d9:55:3b:51:a5:0f:90:
                    c9:4a:fe:0c:5f:3f:85:64:f0:de:65:e1:8f:d3:8d:
                    f4:b8:0e:c4:18:2d:12:ce:36:53:36:9c:d8:42:3d:
                    71:27:45:83:ed:87:00:1a:be:b4:63:2c:28:0c:fa:
                    a5:07:ea:30:13:72:a7:b1:43:11:1d:bb:4c:db:7d:
                    42:7a:53:4a:de:a7:f0:b0:e9:b3:55:48:49:b5:34:
                    5b:a6:0e:36:0e:8b:bc:58:63:e4:4c:f4:26:c1:f4:
                    38:5e:95:77:b8:ff:c7:f2:12:06:ca:62:e9:74:22:
                    1a:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:EF:1C:39:39:38:5D:02:5D:1E:E7:60:D7:F1:91:38:29:1D:A4:E5
            X509v3 Authority Key Identifier:
                keyid:92:26:2B:43:E9:47:85:46:FC:0E:13:75:E8:B1:E0:BA:FD:6A:DE:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiYrQ-lHhUb8DhN16LHguv1q3lA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d76c43-dd6d-4986-898f-193814d843d4/1/kiYrQ-lHhUb8DhN16LHguv1q3lA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d76c43-dd6d-4986-898f-193814d843d4/1/kiYrQ-lHhUb8DhN16LHguv1q3lA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:3c:0c:7d:09:61:02:79:f7:b6:98:f5:46:78:79:25:d7:5e:
         f3:28:07:ce:03:58:05:06:db:e8:b7:ed:c3:a0:91:dc:de:20:
         47:75:b3:22:5b:86:74:e7:1f:8a:e2:29:5a:a5:c3:e3:f2:29:
         64:cc:e9:68:a4:19:8b:bd:47:47:c7:9c:8e:e4:26:5e:1f:e3:
         83:65:1b:32:da:01:54:0e:48:bc:24:e2:ba:e7:20:ed:0d:43:
         bd:e4:ff:20:d2:44:a3:e8:ad:34:dd:08:0b:7b:79:c1:04:0f:
         a6:44:48:ee:c8:08:a3:e8:51:07:2e:65:67:41:b7:fd:86:75:
         40:1e:98:90:75:b8:40:d8:3d:c9:4e:e7:a5:10:34:9c:5f:f0:
         58:cd:a9:d2:f0:70:57:0c:4c:34:e2:06:cf:9b:3b:1d:00:e4:
         8e:a3:c3:df:ad:89:7f:55:51:27:6b:1d:09:54:b9:05:7f:61:
         43:82:d7:68:64:1e:50:cc:5d:2f:56:d8:cd:98:b6:d2:dc:95:
         9f:74:4e:f5:4f:f7:8a:c9:ad:fb:08:f0:1b:62:de:43:b4:99:
         fd:cc:dd:fb:ef:49:d1:e2:75:bf:28:0c:a0:e4:48:45:c2:65:
         79:f2:90:16:e6:28:41:99:9d:0e:59:1b:c1:e4:ce:f4:cd:15:
         4e:08:92:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaT31ug2P7z9uQ9cMxjdbxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjYyYjQzZTk0Nzg1NDZmYzBlMTM3NWU4YjFlMGJhZmQ2
YWRlNTAwHhcNMjUwNTAzMDIwMDEwWhcNMjUwNTA0MDIwMDEwWjAzMTEwLwYDVQQD
Eyg3MGVmMWMzOTM5Mzg1ZDAyNWQxZWU3NjBkN2YxOTEzODI5MWRhNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/b9y3OCFxNCvVCpD9ptj32IokeN
H//GrEgE98XdywCcmA71Kp90+GBWKj92c3p1d71p4OGiwwjBsuTwUJEAj8MCo/T0
r/yo5dkoRvnzoveAY2Cg/xPqVYmowcplEqZJp9hM6YHV4jCo52XYG6x81H4cEHcV
uxE60WMgNPggQdh/RL3x695+vzY/D/FdktlVO1GlD5DJSv4MXz+FZPDeZeGP0430
uA7EGC0SzjZTNpzYQj1xJ0WD7YcAGr60YywoDPqlB+owE3KnsUMRHbtM231CelNK
3qfwsOmzVUhJtTRbpg42Dou8WGPkTPQmwfQ4XpV3uP/H8hIGymLpdCIaXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDvHDk5OF0CXR7nYNfxkTgpHaTlMB8GA1UdIwQY
MBaAFJImK0PpR4VG/A4Tdeix4Lr9at5QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lZclEtbEhoVWI4RGhOMTZMSGd1djFxM2xBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kNzZjNDMtZGQ2ZC00OTg2LTg5OGYt
MTkzODE0ZDg0M2Q0LzEva2lZclEtbEhoVWI4RGhOMTZMSGd1djFxM2xBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kNzZjNDMtZGQ2ZC00OTg2LTg5OGYtMTkzODE0ZDg0M2Q0
LzEva2lZclEtbEhoVWI4RGhOMTZMSGd1djFxM2xBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQjwMfQlh
Ann3tpj1Rnh5Jdde8ygHzgNYBQbb6Lftw6CR3N4gR3WzIluGdOcfiuIpWqXD4/Ip
ZMzpaKQZi71HR8ecjuQmXh/jg2UbMtoBVA5IvCTiuucg7Q1DveT/INJEo+itNN0I
C3t5wQQPpkRI7sgIo+hRBy5lZ0G3/YZ1QB6YkHW4QNg9yU7npRA0nF/wWM2p0vBw
VwxMNOIGz5s7HQDkjqPD362Jf1VRJ2sdCVS5BX9hQ4LXaGQeUMxdL1bYzZi20tyV
n3RO9U/3ismt+wjwG2LeQ7SZ/czd++9J0eJ1vygMoORIRcJlefKQFuYoQZmdDlkb
weTO9M0VTgiS9Q==
-----END CERTIFICATE-----