Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
File:                     kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft (raw, json)
Hash identifier:          FzQXxj/o+C4u9Xmj4Wipjlxvs/W4X1j1AAYLp7en1Xo=
Subject key identifier:   2A:6E:17:BB:EA:E7:07:DE:76:C7:86:0D:4D:31:51:82:C3:72:7B:83
Authority key identifier: 91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81
Certificate issuer:       /CN=91d338370e10627a4cd631e3fde186e194898c81
Certificate serial:       01976D06B1D01EC99CE599510B5332A2D200
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
Manifest number:          0B7A
Signing time:             Sat 14 Jun 2025 06:00:44 +0000
Manifest this update:     Sat 14 Jun 2025 06:00:44 +0000
Manifest next update:     Sun 15 Jun 2025 06:00:44 +0000
Files and hashes:         1: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl (hash: B+K6mO6BUIgZB+bXu2xVZWFgEMb3EQ2Hj3iXGtpopM8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:06:b1:d0:1e:c9:9c:e5:99:51:0b:53:32:a2:d2:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d338370e10627a4cd631e3fde186e194898c81
        Validity
            Not Before: Jun 14 06:00:44 2025 GMT
            Not After : Jun 15 06:00:44 2025 GMT
        Subject: CN=2a6e17bbeae707de76c7860d4d315182c3727b83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:29:53:2d:6c:15:55:c5:a3:29:28:b7:d6:9e:
                    74:d7:ed:a8:8f:c0:dc:50:5b:56:87:d1:52:5e:a0:
                    be:a2:3b:7f:67:0c:92:7a:83:5d:b6:c0:a5:2a:40:
                    30:1a:4d:09:03:ef:63:49:b6:46:57:e7:d8:71:41:
                    15:0a:e4:1d:35:83:a5:d8:b7:4e:fb:41:03:43:8b:
                    5d:5a:8e:ef:cd:d5:d6:9b:9b:f2:48:40:32:42:7b:
                    79:18:f6:eb:b1:9b:d1:ba:37:10:02:92:22:5c:04:
                    e4:1e:0b:2b:37:ea:18:98:e2:ad:ef:3d:fe:a6:7e:
                    55:fa:20:5a:bd:0b:fe:47:67:eb:b3:d9:b2:f7:92:
                    ca:5e:62:5b:64:10:8b:f6:6c:05:50:58:bc:3a:4e:
                    e8:6a:66:f4:7a:7d:26:fa:8a:ed:33:cd:75:a8:8d:
                    87:d0:1a:01:8f:29:16:3f:f2:1f:4a:fa:4d:b5:85:
                    ab:84:e0:76:bb:94:dd:5b:28:7e:5f:c1:2f:6b:a3:
                    3e:25:26:13:33:16:1f:14:26:d7:d6:d9:b6:45:9f:
                    b7:31:0e:f5:d1:0e:2b:25:bd:9b:53:00:4f:3b:83:
                    7e:0f:77:e8:e8:ec:48:cb:3d:2c:34:d6:40:a0:b7:
                    b5:8c:b2:a5:73:9d:8c:4d:82:06:49:94:f3:d5:a1:
                    27:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:6E:17:BB:EA:E7:07:DE:76:C7:86:0D:4D:31:51:82:C3:72:7B:83
            X509v3 Authority Key Identifier:
                keyid:91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:6f:68:c7:e6:91:22:f8:96:0f:53:04:e9:1c:18:03:9c:79:
         e6:3a:57:a2:9f:0e:2b:71:df:02:34:3c:c0:c2:22:50:40:0c:
         09:80:b2:a6:08:37:23:a6:cf:36:a1:e7:76:55:98:6f:17:a5:
         6b:20:2b:d1:94:d1:06:58:df:f4:15:69:7b:b0:90:4d:bb:b1:
         39:11:85:48:ac:f9:8e:91:d6:40:a1:d1:37:51:ec:11:62:3e:
         89:70:4c:90:94:57:49:03:01:80:92:81:5c:e1:4c:c6:0b:8f:
         56:4b:14:bd:c0:d5:5f:df:41:f7:f9:5c:1d:a7:65:a7:b3:3f:
         79:0b:fd:f6:28:43:db:f5:1d:79:99:bd:a5:42:06:5d:5c:8e:
         25:b5:ba:d7:0e:0b:ea:32:46:79:0f:a7:cd:33:34:3d:10:94:
         dd:3c:da:9b:5d:ee:a8:22:26:dc:db:25:32:d6:fa:c9:a4:53:
         d4:fb:33:14:36:6c:7c:3f:d4:7e:ca:8d:8e:38:b3:48:19:85:
         7d:99:a7:d8:c0:93:35:93:88:dd:bd:f4:13:b0:e3:f8:86:57:
         fc:72:05:50:f2:6f:86:ee:c0:bd:20:1a:ea:be:0d:6d:d3:20:
         ec:fb:d2:5f:c5:39:fb:7a:6f:dd:20:b1:8a:65:c9:d4:8e:9c:
         b3:40:cd:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtBrHQHsmc5ZlRC1MyotIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDMzODM3MGUxMDYyN2E0Y2Q2MzFlM2ZkZTE4NmUxOTQ4
OThjODEwHhcNMjUwNjE0MDYwMDQ0WhcNMjUwNjE1MDYwMDQ0WjAzMTEwLwYDVQQD
EygyYTZlMTdiYmVhZTcwN2RlNzZjNzg2MGQ0ZDMxNTE4MmMzNzI3YjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqylTLWwVVcWjKSi31p501+2oj8Dc
UFtWh9FSXqC+ojt/ZwySeoNdtsClKkAwGk0JA+9jSbZGV+fYcUEVCuQdNYOl2LdO
+0EDQ4tdWo7vzdXWm5vySEAyQnt5GPbrsZvRujcQApIiXATkHgsrN+oYmOKt7z3+
pn5V+iBavQv+R2frs9my95LKXmJbZBCL9mwFUFi8Ok7oamb0en0m+ortM811qI2H
0BoBjykWP/IfSvpNtYWrhOB2u5TdWyh+X8Eva6M+JSYTMxYfFCbX1tm2RZ+3MQ71
0Q4rJb2bUwBPO4N+D3fo6OxIyz0sNNZAoLe1jLKlc52MTYIGSZTz1aEnVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpuF7vq5wfedseGDU0xUYLDcnuDMB8GA1UdIwQY
MBaAFJHTODcOEGJ6TNYx4/3hhuGUiYyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAt
MTUzNTdjZDVlY2U0LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAtMTUzNTdjZDVlY2U0
LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgG9ox+aR
IviWD1ME6RwYA5x55jpXop8OK3HfAjQ8wMIiUEAMCYCypgg3I6bPNqHndlWYbxel
ayAr0ZTRBljf9BVpe7CQTbuxORGFSKz5jpHWQKHRN1HsEWI+iXBMkJRXSQMBgJKB
XOFMxguPVksUvcDVX99B9/lcHadlp7M/eQv99ihD2/UdeZm9pUIGXVyOJbW61w4L
6jJGeQ+nzTM0PRCU3Tzam13uqCIm3NslMtb6yaRT1PszFDZsfD/UfsqNjjizSBmF
fZmn2MCTNZOI3b30E7Dj+IZX/HIFUPJvhu7AvSAa6r4NbdMg7PvSX8U5+3pv3SCx
imXJ1I6cs0DNuQ==
-----END CERTIFICATE-----