Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
File:                     KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft (raw, json)
Hash identifier:          8lFgRIuxRIN5pavPHYz/4FBhkPAvEcaYRZEvB2/D+4c=
Subject key identifier:   33:79:52:6E:29:90:F4:7E:F1:84:DD:56:42:75:F2:ED:7A:33:A0:B7
Authority key identifier: 29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9
Certificate issuer:       /CN=29f4340df71760574808300cb14fc1760faeccf9
Certificate serial:       0197692991EB4E1D1E036F43E204C3EB8662
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
Manifest number:          41
Signing time:             Fri 13 Jun 2025 12:00:21 +0000
Manifest this update:     Fri 13 Jun 2025 12:00:21 +0000
Manifest next update:     Sat 14 Jun 2025 12:00:21 +0000
Files and hashes:         1: KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl (hash: ZYWATS4BnNdixBrjVd5aba19Ds/vVhxXOT10pwmteqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 12:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:29:91:eb:4e:1d:1e:03:6f:43:e2:04:c3:eb:86:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29f4340df71760574808300cb14fc1760faeccf9
        Validity
            Not Before: Jun 13 12:00:21 2025 GMT
            Not After : Jun 14 12:00:21 2025 GMT
        Subject: CN=3379526e2990f47ef184dd564275f2ed7a33a0b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:07:32:5e:36:c4:8c:5c:79:d9:e3:4e:1c:94:
                    74:5c:e4:cf:6f:c3:e3:f4:d0:20:ca:f8:d5:56:83:
                    e3:98:0e:12:2b:06:20:3f:ef:5a:7d:7b:79:ef:2d:
                    e1:81:6f:31:69:e6:dd:4c:cb:4b:7c:fb:e5:75:ea:
                    93:89:39:01:a3:10:70:46:12:b9:d9:30:5a:7e:08:
                    60:85:3b:79:98:08:96:a1:f9:eb:02:b7:e5:61:60:
                    0b:98:f6:d1:c4:ab:fa:d1:77:6d:d3:d4:40:49:b1:
                    ca:cf:51:a2:b6:fe:f8:56:e4:8a:2e:01:57:78:aa:
                    53:78:2c:9b:39:1b:ce:e9:29:8f:75:5b:71:7b:1d:
                    42:5a:9b:77:d0:af:a1:18:94:ae:6b:ac:6f:87:25:
                    0b:60:e8:3d:9a:9a:82:eb:d8:47:4f:79:67:98:e1:
                    e1:99:02:5e:78:a0:42:4b:41:0b:0e:db:8f:2b:e0:
                    96:16:59:6f:b8:9a:40:da:56:33:a4:87:61:6f:3f:
                    70:04:ae:26:a6:1b:a5:07:1e:1c:c1:9c:31:6d:64:
                    75:9a:c2:d2:46:ba:1e:1c:f2:59:25:22:c5:79:00:
                    9c:f5:1d:98:ca:4f:13:9c:e2:32:29:3c:af:fc:91:
                    a3:64:50:b8:d4:6f:4c:5a:82:9b:0d:2d:b5:f9:0e:
                    3f:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:79:52:6E:29:90:F4:7E:F1:84:DD:56:42:75:F2:ED:7A:33:A0:B7
            X509v3 Authority Key Identifier:
                keyid:29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:a4:76:d4:c7:ab:43:9f:b5:59:0b:42:7d:13:bd:f8:28:4b:
         5e:6d:17:8d:b4:62:ef:ef:ff:c5:48:df:1a:37:dd:ae:6e:ec:
         d8:1b:bf:c3:1e:53:7d:e2:60:7f:e5:8e:75:46:8a:0b:77:88:
         38:a5:d0:39:fe:c9:15:5d:2b:69:d2:08:7e:a6:25:4b:3c:60:
         37:56:e2:de:54:73:a4:75:bb:aa:f1:23:5f:8e:59:e4:30:ce:
         a3:aa:eb:2a:47:99:ab:1a:9d:e1:f8:fa:37:9c:ed:60:56:ae:
         3b:62:21:03:df:a1:84:ed:23:09:85:75:33:ee:99:47:fa:a7:
         76:40:14:8b:4e:58:43:09:7e:8a:d8:33:8f:50:ca:55:a9:6e:
         82:6b:d4:d4:75:05:70:43:65:ed:f8:8c:2b:1c:1a:b4:b1:ef:
         45:a0:c8:d7:97:2d:3d:19:61:f3:8d:04:7c:76:18:4b:db:49:
         28:e0:d5:4e:58:61:30:11:f7:6a:c8:06:30:ed:2c:44:99:c8:
         90:fc:67:12:75:19:c1:e6:b6:26:67:cf:23:1a:2d:bf:43:80:
         a2:74:2d:85:c6:d0:c2:76:8e:22:29:d6:76:8c:2a:3a:84:e4:
         bd:5a:2a:d2:ec:08:84:05:5e:06:40:57:5b:91:3f:de:75:71:
         cb:e7:f0:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpKZHrTh0eA29D4gTD64ZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjQzNDBkZjcxNzYwNTc0ODA4MzAwY2IxNGZjMTc2MGZh
ZWNjZjkwHhcNMjUwNjEzMTIwMDIxWhcNMjUwNjE0MTIwMDIxWjAzMTEwLwYDVQQD
EygzMzc5NTI2ZTI5OTBmNDdlZjE4NGRkNTY0Mjc1ZjJlZDdhMzNhMGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAcyXjbEjFx52eNOHJR0XOTPb8Pj
9NAgyvjVVoPjmA4SKwYgP+9afXt57y3hgW8xaebdTMtLfPvldeqTiTkBoxBwRhK5
2TBafghghTt5mAiWofnrArflYWALmPbRxKv60Xdt09RASbHKz1Gitv74VuSKLgFX
eKpTeCybORvO6SmPdVtxex1CWpt30K+hGJSua6xvhyULYOg9mpqC69hHT3lnmOHh
mQJeeKBCS0ELDtuPK+CWFllvuJpA2lYzpIdhbz9wBK4mphulBx4cwZwxbWR1msLS
RroeHPJZJSLFeQCc9R2Yyk8TnOIyKTyv/JGjZFC41G9MWoKbDS21+Q4/IwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDN5Um4pkPR+8YTdVkJ18u16M6C3MB8GA1UdIwQY
MBaAFCn0NA33F2BXSAgwDLFPwXYPrsz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEt
Nzk1YzNhNjEyZThiLzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEtNzk1YzNhNjEyZThi
LzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdqR21Mer
Q5+1WQtCfRO9+ChLXm0XjbRi7+//xUjfGjfdrm7s2Bu/wx5TfeJgf+WOdUaKC3eI
OKXQOf7JFV0radIIfqYlSzxgN1bi3lRzpHW7qvEjX45Z5DDOo6rrKkeZqxqd4fj6
N5ztYFauO2IhA9+hhO0jCYV1M+6ZR/qndkAUi05YQwl+itgzj1DKValugmvU1HUF
cENl7fiMKxwatLHvRaDI15ctPRlh840EfHYYS9tJKODVTlhhMBH3asgGMO0sRJnI
kPxnEnUZwea2JmfPIxotv0OAonQthcbQwnaOIinWdowqOoTkvVoq0uwIhAVeBkBX
W5E/3nVxy+fwiQ==
-----END CERTIFICATE-----