Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          qbnCO2F0yncyOb61Es2vXNo3QkcjsvzyYXx+bt7gD8c=
Subject key identifier:   0A:C6:69:31:83:92:03:F9:A6:75:45:7E:F6:75:CB:DC:A6:59:5C:F2
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       019883C369E472E458CF8C4B45DD4B32079B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          0549
Signing time:             Thu 07 Aug 2025 09:01:18 +0000
Manifest this update:     Thu 07 Aug 2025 09:01:18 +0000
Manifest next update:     Fri 08 Aug 2025 09:01:18 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: 2PeQHXBZzHlRjmPxGvakUXoFzaaMQ0QzBOZeZi7Mze4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 08:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:83:c3:69:e4:72:e4:58:cf:8c:4b:45:dd:4b:32:07:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Aug  7 09:01:18 2025 GMT
            Not After : Aug  8 09:01:18 2025 GMT
        Subject: CN=0ac66931839203f9a675457ef675cbdca6595cf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:58:7d:4d:b7:50:64:60:20:64:b5:b8:88:57:
                    8a:87:44:86:db:36:16:e7:03:3d:a5:ca:e0:a7:45:
                    b4:7d:49:72:4d:87:c7:65:d2:09:ad:6c:97:cf:cc:
                    ba:55:43:3f:e8:f2:5c:fe:44:f6:84:bf:27:6e:52:
                    6e:40:09:ec:08:16:19:43:88:2b:bc:bc:31:df:47:
                    77:2b:d3:f7:15:b2:fa:83:77:5e:7a:c7:fd:30:29:
                    0b:19:d9:0f:4b:c7:a8:0a:fb:3d:11:da:e3:5d:38:
                    55:e5:40:b9:47:e1:81:b5:07:69:d4:4b:d0:ee:db:
                    93:d2:36:a1:93:54:48:2b:e5:26:28:39:1b:da:13:
                    4a:17:c5:ac:23:d2:a1:66:ef:d1:1b:fd:2f:b3:75:
                    7d:db:69:fc:7c:89:93:2a:1d:3a:fc:ce:b6:8b:98:
                    99:22:78:77:7c:8c:d5:1f:b6:9f:1c:e9:1f:95:38:
                    27:a5:40:e2:db:52:bc:39:fb:08:02:9b:16:75:aa:
                    2b:6e:dc:67:84:85:e1:0a:ed:9d:1e:5f:8d:ab:2c:
                    cf:4e:ed:58:62:c8:38:32:9a:4d:11:cb:ec:27:9b:
                    5c:b9:1a:4a:a9:3e:71:c3:2b:3a:53:a5:49:ce:c2:
                    fc:2e:9b:0f:2e:0e:6b:08:11:17:50:d8:48:07:3d:
                    87:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:C6:69:31:83:92:03:F9:A6:75:45:7E:F6:75:CB:DC:A6:59:5C:F2
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:84:ab:35:c0:59:0e:6d:c3:51:7e:71:95:ee:9f:d7:77:ae:
         df:c7:bd:16:c1:ce:86:0b:aa:fb:69:14:a9:81:46:b2:fa:50:
         68:ce:12:82:24:86:90:f5:d2:78:63:65:ef:15:55:01:55:57:
         0d:2f:2d:8b:05:93:10:bd:7c:79:28:c8:41:39:71:26:cd:dc:
         c9:97:36:a9:04:2c:20:86:d4:34:66:0d:48:13:b1:22:d5:63:
         d1:cf:06:83:69:1b:29:f5:be:98:d0:be:88:43:be:a4:a6:a2:
         08:87:dd:5e:bc:13:89:a9:5c:7e:e1:b4:ed:72:5b:01:22:d3:
         34:22:4b:87:47:42:d9:0a:7e:d8:c3:f7:7e:0d:51:00:a8:19:
         43:21:98:02:8c:a8:94:9f:b8:eb:b2:41:87:77:5b:d5:fb:34:
         d3:c0:27:33:a4:0b:c4:ab:40:a9:cd:96:58:d2:a7:6c:72:35:
         45:0e:fe:fc:25:b3:95:da:fb:ba:b1:46:dd:f4:14:36:f3:1c:
         db:63:63:b1:a6:9c:96:5b:40:45:85:1e:b6:1a:da:83:b4:ad:
         0b:3e:fa:2d:59:16:31:dd:31:8a:c3:02:ad:86:06:44:02:98:
         cd:85:6a:e8:0b:6a:d9:03:35:f3:69:dc:30:b1:d0:7a:5a:45:
         70:5e:2d:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiDw2nkcuRYz4xLRd1LMgebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjUwODA3MDkwMTE4WhcNMjUwODA4MDkwMTE4WjAzMTEwLwYDVQQD
EygwYWM2NjkzMTgzOTIwM2Y5YTY3NTQ1N2VmNjc1Y2JkY2E2NTk1Y2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlh9TbdQZGAgZLW4iFeKh0SG2zYW
5wM9pcrgp0W0fUlyTYfHZdIJrWyXz8y6VUM/6PJc/kT2hL8nblJuQAnsCBYZQ4gr
vLwx30d3K9P3FbL6g3deesf9MCkLGdkPS8eoCvs9EdrjXThV5UC5R+GBtQdp1EvQ
7tuT0jahk1RIK+UmKDkb2hNKF8WsI9KhZu/RG/0vs3V922n8fImTKh06/M62i5iZ
Inh3fIzVH7afHOkflTgnpUDi21K8OfsIApsWdaorbtxnhIXhCu2dHl+NqyzPTu1Y
Ysg4MppNEcvsJ5tcuRpKqT5xwys6U6VJzsL8LpsPLg5rCBEXUNhIBz2HNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFArGaTGDkgP5pnVFfvZ1y9ymWVzyMB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYSrNcBZ
Dm3DUX5xle6f13eu38e9FsHOhguq+2kUqYFGsvpQaM4SgiSGkPXSeGNl7xVVAVVX
DS8tiwWTEL18eSjIQTlxJs3cyZc2qQQsIIbUNGYNSBOxItVj0c8Gg2kbKfW+mNC+
iEO+pKaiCIfdXrwTialcfuG07XJbASLTNCJLh0dC2Qp+2MP3fg1RAKgZQyGYAoyo
lJ+467JBh3db1fs008AnM6QLxKtAqc2WWNKnbHI1RQ7+/CWzldr7urFG3fQUNvMc
22NjsaaclltARYUethrag7StCz76LVkWMd0xisMCrYYGRAKYzYVq6Atq2QM182nc
MLHQelpFcF4t8Q==
-----END CERTIFICATE-----