Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          a/qBbqThAHHHua0O7BB19jnaxcbnHC6k9+hfXUEGsH0=
Subject key identifier:   65:FD:2D:B3:0B:2E:F0:EF:CC:FF:60:38:98:32:DC:D6:CF:08:2A:CD
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       01967868F1257A24CF0749682F4A74A133B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          043A
Signing time:             Sun 27 Apr 2025 18:01:05 +0000
Manifest this update:     Sun 27 Apr 2025 18:01:05 +0000
Manifest next update:     Mon 28 Apr 2025 18:01:05 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: e4VzHg4xAbFy24xyx6j47umnM7Ji9TlQcV7NuojULqs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:68:f1:25:7a:24:cf:07:49:68:2f:4a:74:a1:33:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Apr 27 18:01:05 2025 GMT
            Not After : Apr 28 18:01:05 2025 GMT
        Subject: CN=65fd2db30b2ef0efccff60389832dcd6cf082acd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:9f:65:01:b9:49:93:31:a6:c0:b5:99:6e:d7:
                    a0:03:62:29:df:14:e7:1c:95:59:2c:9d:0b:5a:d0:
                    48:d9:d9:a9:a9:f2:34:33:01:c9:8d:c7:f5:51:cc:
                    71:34:2a:97:3b:c2:2b:09:f3:03:a0:34:bc:1b:7e:
                    6d:cd:f6:d6:15:0d:bd:fb:21:e5:5d:b4:ae:b8:d3:
                    14:55:d1:00:56:e7:18:3c:7d:dc:f2:50:fd:43:ad:
                    e1:72:93:a2:44:04:1c:33:4c:51:91:9e:cf:ec:29:
                    a2:8b:02:9f:b1:9d:de:41:7a:d7:57:c5:75:fb:d8:
                    c1:58:c5:b1:f7:ef:48:ff:8a:79:0a:0a:9e:6f:8c:
                    34:8f:4b:b3:62:39:be:10:89:c1:ec:cb:52:66:70:
                    56:bc:62:b3:3d:98:fd:5a:8e:91:60:a4:7f:da:6d:
                    3f:2a:d0:6e:3b:bf:5c:b4:5c:cd:ef:8c:80:fc:87:
                    f3:1e:b8:ab:05:e0:bd:2d:7c:42:29:0c:bb:17:04:
                    93:b6:4d:33:8a:20:74:b8:34:55:a8:0b:c7:83:88:
                    ae:d8:0d:ae:eb:95:42:4d:dd:6e:1c:f1:66:af:27:
                    71:a7:d3:52:f2:b9:23:0f:bf:36:a3:d8:25:38:8c:
                    ff:e2:ac:7f:c9:2e:2b:f8:b8:c1:6e:d4:0e:4e:35:
                    38:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:FD:2D:B3:0B:2E:F0:EF:CC:FF:60:38:98:32:DC:D6:CF:08:2A:CD
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:47:14:99:79:8a:06:6a:9e:aa:a9:29:b9:36:7f:9b:3e:bf:
         66:7c:77:61:a9:08:1d:21:18:96:d5:35:71:c7:78:19:5a:57:
         a3:a6:65:27:f9:91:83:c2:99:15:51:8a:f9:f6:2e:d7:1e:5a:
         6f:38:d8:78:b0:a5:44:8b:6a:8c:62:f5:a5:91:02:26:d2:21:
         e0:76:1f:94:7d:91:0b:0d:e8:41:df:58:3b:08:e0:04:19:9b:
         c7:ca:46:08:dd:7a:10:f5:58:93:65:2a:31:31:fb:75:8d:82:
         a7:a3:ed:1b:12:10:72:80:81:e5:07:5d:a1:83:35:69:d9:18:
         79:e4:1e:9a:38:49:78:7e:79:5b:9b:4e:07:5f:20:e9:77:94:
         56:fb:dc:d2:16:09:f9:e9:f5:ab:1c:53:31:15:c6:da:d8:42:
         3e:9a:7e:1f:cd:21:a6:ca:46:09:7c:99:2d:ac:5f:81:e3:6b:
         9e:dd:ee:cf:76:05:dc:c8:78:e9:df:aa:ab:9c:fe:68:bf:05:
         56:9f:70:f6:db:99:76:10:57:4d:84:c0:da:39:a4:36:34:ab:
         79:9e:77:b4:a1:9e:1c:63:4b:53:07:59:d7:bd:6c:eb:a4:98:
         15:93:83:a7:2b:b4:d3:2a:d5:c1:e3:75:ee:ea:16:07:7e:74:
         1b:9f:06:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ4aPEleiTPB0loL0p0oTO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjUwNDI3MTgwMTA1WhcNMjUwNDI4MTgwMTA1WjAzMTEwLwYDVQQD
Eyg2NWZkMmRiMzBiMmVmMGVmY2NmZjYwMzg5ODMyZGNkNmNmMDgyYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ9lAblJkzGmwLWZbtegA2Ip3xTn
HJVZLJ0LWtBI2dmpqfI0MwHJjcf1UcxxNCqXO8IrCfMDoDS8G35tzfbWFQ29+yHl
XbSuuNMUVdEAVucYPH3c8lD9Q63hcpOiRAQcM0xRkZ7P7CmiiwKfsZ3eQXrXV8V1
+9jBWMWx9+9I/4p5Cgqeb4w0j0uzYjm+EInB7MtSZnBWvGKzPZj9Wo6RYKR/2m0/
KtBuO79ctFzN74yA/IfzHrirBeC9LXxCKQy7FwSTtk0ziiB0uDRVqAvHg4iu2A2u
65VCTd1uHPFmrydxp9NS8rkjD782o9glOIz/4qx/yS4r+LjBbtQOTjU4HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGX9LbMLLvDvzP9gOJgy3NbPCCrNMB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVUcUmXmK
BmqeqqkpuTZ/mz6/Znx3YakIHSEYltU1ccd4GVpXo6ZlJ/mRg8KZFVGK+fYu1x5a
bzjYeLClRItqjGL1pZECJtIh4HYflH2RCw3oQd9YOwjgBBmbx8pGCN16EPVYk2Uq
MTH7dY2Cp6PtGxIQcoCB5QddoYM1adkYeeQemjhJeH55W5tOB18g6XeUVvvc0hYJ
+en1qxxTMRXG2thCPpp+H80hpspGCXyZLaxfgeNrnt3uz3YF3Mh46d+qq5z+aL8F
Vp9w9tuZdhBXTYTA2jmkNjSreZ53tKGeHGNLUwdZ171s66SYFZODpyu00yrVweN1
7uoWB350G58GfQ==
-----END CERTIFICATE-----