Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
File:                     0kvL9emk_kMp8iPBFFBykFOPnMI.mft (raw, json)
Hash identifier:          CRWHWjMxCaNbhAdTqc8VTmh+AJrMApJ1T3gKRxzjwZI=
Subject key identifier:   7F:F8:1D:24:35:1F:F0:71:6F:9F:37:CC:03:1F:4E:0E:7E:2A:8A:B2
Authority key identifier: D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2
Certificate issuer:       /CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
Certificate serial:       0196760C1E72ED389365BBC1C770A463F5F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
Manifest number:          105A
Signing time:             Sun 27 Apr 2025 07:00:27 +0000
Manifest this update:     Sun 27 Apr 2025 07:00:27 +0000
Manifest next update:     Mon 28 Apr 2025 07:00:27 +0000
Files and hashes:         1: 0kvL9emk_kMp8iPBFFBykFOPnMI.crl (hash: ngiDKm0w3hpxRmUrKf6sJmKLQcr8fOc8jHqybP+ASps=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:0c:1e:72:ed:38:93:65:bb:c1:c7:70:a4:63:f5:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d24bcbf5e9a4fe4329f223c114507290538f9cc2
        Validity
            Not Before: Apr 27 07:00:27 2025 GMT
            Not After : Apr 28 07:00:27 2025 GMT
        Subject: CN=7ff81d24351ff0716f9f37cc031f4e0e7e2a8ab2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:60:f9:e0:5a:25:76:52:97:59:a3:15:fd:af:
                    6b:e6:ca:d4:42:4f:91:89:85:68:23:c1:2d:86:c4:
                    22:12:4f:57:51:a3:c2:da:00:c8:f9:25:5f:ea:86:
                    fa:0a:0f:46:d7:78:fa:54:4c:d3:9d:f8:c1:4d:52:
                    d9:ce:b6:70:38:85:09:83:12:e6:bb:59:0f:1a:ed:
                    64:a6:78:4c:ea:1a:62:b1:3e:11:8e:cb:bf:90:7c:
                    89:76:26:a0:4c:df:f5:66:4a:5c:59:cd:14:89:92:
                    0f:17:92:14:4a:e5:f8:82:c8:68:8f:10:16:34:d3:
                    51:3e:49:56:9c:bd:b6:1a:e1:f4:13:0f:b5:ef:ab:
                    40:61:25:e1:35:4c:33:17:80:41:24:48:d7:ee:d4:
                    16:4e:2b:94:c7:ab:da:69:c0:13:02:43:55:a3:46:
                    b0:e4:8f:94:d2:73:cb:2b:29:25:e6:53:04:76:bd:
                    60:30:e0:3c:7c:e2:9e:54:f7:e7:a2:2a:09:e7:6a:
                    d8:c5:ec:7e:9d:89:74:76:2e:5c:cc:57:15:97:7b:
                    4c:5a:ed:ec:a5:80:23:13:55:fa:e4:3e:0e:61:e7:
                    8e:c3:6d:88:de:5e:aa:ce:bd:03:ab:49:d5:cb:15:
                    85:7b:ef:bb:0a:bb:58:00:9b:04:b0:c6:f5:f9:21:
                    ad:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:F8:1D:24:35:1F:F0:71:6F:9F:37:CC:03:1F:4E:0E:7E:2A:8A:B2
            X509v3 Authority Key Identifier:
                keyid:D2:4B:CB:F5:E9:A4:FE:43:29:F2:23:C1:14:50:72:90:53:8F:9C:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kvL9emk_kMp8iPBFFBykFOPnMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bc41a4-fc91-496f-a225-2e6e5e5f5d9b/1/0kvL9emk_kMp8iPBFFBykFOPnMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:cf:ca:e4:dd:81:e3:ba:51:37:89:9f:9c:d9:eb:16:64:8e:
         dc:7c:1a:c3:13:b8:aa:d9:87:9e:90:c8:fa:5a:0d:df:69:62:
         96:f2:08:d6:90:6f:d9:00:ed:8e:e5:c2:1d:e2:e4:bd:c1:05:
         51:68:33:4d:a9:2d:04:2a:83:d7:6f:56:cb:a9:c9:b9:22:f3:
         bb:43:83:7d:00:f4:be:5e:d2:a7:17:5d:d5:93:12:b4:29:0b:
         d0:eb:a2:fe:f5:96:b4:7c:25:7c:01:f7:b3:47:e4:29:49:d0:
         48:d2:e7:d2:d6:4e:bf:2e:fd:09:8e:32:86:14:5f:6e:f4:5d:
         42:a0:c1:6b:35:08:ff:28:8a:97:f4:d7:56:95:c0:26:78:ad:
         9c:4d:43:c4:a3:c7:d8:31:8b:0a:70:8b:2c:e1:e5:8b:57:2e:
         2e:e7:ea:a1:9b:d0:2f:28:28:2d:f8:58:4c:9a:46:6e:45:91:
         ef:ec:6b:e3:85:75:36:7b:4c:3f:b6:6b:b1:4c:48:05:ab:99:
         0f:aa:c2:db:54:84:d0:7b:7e:87:0e:c1:b0:bb:fb:9d:e0:83:
         22:21:05:55:42:8d:38:bf:e8:90:9c:7e:35:80:8d:70:01:7e:
         57:32:cb:cc:9d:60:ab:4b:5a:86:7f:2a:7b:62:2d:a9:03:25:
         b1:a4:3c:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2DB5y7TiTZbvBx3CkY/X4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGJjYmY1ZTlhNGZlNDMyOWYyMjNjMTE0NTA3MjkwNTM4
ZjljYzIwHhcNMjUwNDI3MDcwMDI3WhcNMjUwNDI4MDcwMDI3WjAzMTEwLwYDVQQD
Eyg3ZmY4MWQyNDM1MWZmMDcxNmY5ZjM3Y2MwMzFmNGUwZTdlMmE4YWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWD54FoldlKXWaMV/a9r5srUQk+R
iYVoI8EthsQiEk9XUaPC2gDI+SVf6ob6Cg9G13j6VEzTnfjBTVLZzrZwOIUJgxLm
u1kPGu1kpnhM6hpisT4Rjsu/kHyJdiagTN/1ZkpcWc0UiZIPF5IUSuX4gshojxAW
NNNRPklWnL22GuH0Ew+176tAYSXhNUwzF4BBJEjX7tQWTiuUx6vaacATAkNVo0aw
5I+U0nPLKykl5lMEdr1gMOA8fOKeVPfnoioJ52rYxex+nYl0di5czFcVl3tMWu3s
pYAjE1X65D4OYeeOw22I3l6qzr0Dq0nVyxWFe++7CrtYAJsEsMb1+SGt1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH/4HSQ1H/Bxb583zAMfTg5+KoqyMB8GA1UdIwQY
MBaAFNJLy/XppP5DKfIjwRRQcpBTj5zCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUt
MmU2ZTVlNWY1ZDliLzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iYzQxYTQtZmM5MS00OTZmLWEyMjUtMmU2ZTVlNWY1ZDli
LzEvMGt2TDllbWtfa01wOGlQQkZGQnlrRk9Qbk1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaM/K5N2B
47pRN4mfnNnrFmSO3HwawxO4qtmHnpDI+loN32lilvII1pBv2QDtjuXCHeLkvcEF
UWgzTaktBCqD129Wy6nJuSLzu0ODfQD0vl7Spxdd1ZMStCkL0Oui/vWWtHwlfAH3
s0fkKUnQSNLn0tZOvy79CY4yhhRfbvRdQqDBazUI/yiKl/TXVpXAJnitnE1DxKPH
2DGLCnCLLOHli1cuLufqoZvQLygoLfhYTJpGbkWR7+xr44V1NntMP7ZrsUxIBauZ
D6rC21SE0Ht+hw7BsLv7neCDIiEFVUKNOL/okJx+NYCNcAF+VzLLzJ1gq0tahn8q
e2ItqQMlsaQ87A==
-----END CERTIFICATE-----