Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
File:                     k-DpokYd9Py54i53cLJhOgckE4g.mft (raw, json)
Hash identifier:          P2C+PHR31PZRqsRW+gk8PWm6YQdQ9thLLSYVEeK7IDo=
Subject key identifier:   AB:AC:59:D1:11:74:E0:B3:C4:31:3B:E5:6F:62:F0:00:46:85:79:3C
Authority key identifier: 93:E0:E9:A2:46:1D:F4:FC:B9:E2:2E:77:70:B2:61:3A:07:24:13:88
Certificate issuer:       /CN=93e0e9a2461df4fcb9e22e7770b2613a07241388
Certificate serial:       01968BEF088B5E5B5BBA624B9394AC15D66D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
Manifest number:          14A9
Signing time:             Thu 01 May 2025 13:00:20 +0000
Manifest this update:     Thu 01 May 2025 13:00:20 +0000
Manifest next update:     Fri 02 May 2025 13:00:20 +0000
Files and hashes:         1: k-DpokYd9Py54i53cLJhOgckE4g.crl (hash: M/7/2EC8y1KYTieDCCB5HfxSjoaIOXvSS8wHEArEvME=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 13:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8b:ef:08:8b:5e:5b:5b:ba:62:4b:93:94:ac:15:d6:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93e0e9a2461df4fcb9e22e7770b2613a07241388
        Validity
            Not Before: May  1 13:00:20 2025 GMT
            Not After : May  2 13:00:20 2025 GMT
        Subject: CN=abac59d11174e0b3c4313be56f62f0004685793c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:c5:75:c3:78:c7:14:9a:d7:a3:46:ac:bf:75:
                    1d:f0:c3:0c:d1:8e:c3:62:de:7c:c2:38:0c:5b:c4:
                    82:2a:2c:41:81:af:15:0b:9d:3c:c7:65:36:80:bf:
                    1f:9c:71:d5:c9:7c:c8:fd:eb:2a:75:9d:de:73:4a:
                    7a:03:b9:47:92:c2:f9:af:d8:3b:57:b4:60:d4:2b:
                    73:be:3b:8a:f8:90:11:79:f0:7c:5b:b7:7f:6d:62:
                    8e:a4:66:3c:45:60:43:12:45:26:d7:b7:08:ef:d2:
                    3b:f1:f5:5f:c7:6c:8e:4c:a4:c1:ef:92:af:6a:e2:
                    81:e4:b4:f9:20:6d:39:9e:c1:63:b6:9e:67:b0:be:
                    65:94:38:f5:60:67:08:43:16:32:f1:37:ad:2c:b9:
                    e9:b4:03:8e:8b:43:e4:0f:83:b4:8a:7f:ff:37:92:
                    97:32:2a:05:c2:fa:1d:05:1c:14:6a:9d:e8:bc:b8:
                    99:fd:d5:15:6b:67:69:90:6a:35:32:13:44:7b:70:
                    ed:9d:fa:1b:2d:3e:b9:d8:67:1f:ec:7c:ce:ea:31:
                    c8:88:42:ff:69:0c:66:ec:b7:5e:1e:62:d8:51:9c:
                    5a:05:09:1b:e7:b2:0b:5b:5c:7e:9f:b5:c1:8b:26:
                    4f:db:7b:ef:4b:0d:7f:1d:c2:6e:db:ed:e0:5b:c3:
                    ce:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:AC:59:D1:11:74:E0:B3:C4:31:3B:E5:6F:62:F0:00:46:85:79:3C
            X509v3 Authority Key Identifier:
                keyid:93:E0:E9:A2:46:1D:F4:FC:B9:E2:2E:77:70:B2:61:3A:07:24:13:88

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-DpokYd9Py54i53cLJhOgckE4g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/41e584-9cf7-4c62-9f61-0e2e36019849/1/k-DpokYd9Py54i53cLJhOgckE4g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:b1:42:65:5f:42:e8:86:31:59:6b:2c:df:a6:97:7f:72:6e:
         be:b1:b3:bc:ac:e1:23:e8:3e:46:29:9a:46:b7:ca:15:a2:5a:
         b1:94:99:ad:30:ed:56:02:95:a9:78:18:e8:7d:1b:42:69:66:
         6b:a8:19:50:90:02:56:4a:36:0b:05:8d:f4:1d:ed:20:2c:f8:
         ea:03:dc:5d:d6:1b:a4:5c:0c:c1:1d:a0:5b:cd:70:26:ce:af:
         63:2a:b2:59:d2:09:e7:a9:a8:2f:41:ac:c8:6a:4f:14:9f:96:
         eb:8a:74:5e:a3:5d:d3:c1:7b:aa:84:66:0b:5e:48:50:6d:e4:
         62:ba:f6:1e:d0:d5:75:0b:3d:00:aa:92:9d:83:ba:91:fa:f3:
         87:9e:9d:3d:51:f8:2d:3d:55:50:3c:16:48:5a:34:27:46:38:
         51:98:04:01:7b:a0:d5:9b:c3:a7:8a:e1:e1:1b:e3:1e:4c:5f:
         84:72:bc:a3:e0:78:e8:cd:1b:77:37:6f:89:10:6c:53:13:d2:
         ab:2b:da:ef:e4:e2:c5:5f:68:a2:46:67:4b:04:33:36:78:9d:
         a1:cc:ad:86:e7:de:25:03:7c:2c:99:f8:7a:d5:ae:96:45:1a:
         c1:77:f6:a8:46:a4:56:73:d7:f8:3c:71:87:3c:bc:49:e9:15:
         2e:37:65:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaL7wiLXltbumJLk5SsFdZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZTBlOWEyNDYxZGY0ZmNiOWUyMmU3NzcwYjI2MTNhMDcy
NDEzODgwHhcNMjUwNTAxMTMwMDIwWhcNMjUwNTAyMTMwMDIwWjAzMTEwLwYDVQQD
EyhhYmFjNTlkMTExNzRlMGIzYzQzMTNiZTU2ZjYyZjAwMDQ2ODU3OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocV1w3jHFJrXo0asv3Ud8MMM0Y7D
Yt58wjgMW8SCKixBga8VC508x2U2gL8fnHHVyXzI/esqdZ3ec0p6A7lHksL5r9g7
V7Rg1CtzvjuK+JARefB8W7d/bWKOpGY8RWBDEkUm17cI79I78fVfx2yOTKTB75Kv
auKB5LT5IG05nsFjtp5nsL5llDj1YGcIQxYy8TetLLnptAOOi0PkD4O0in//N5KX
MioFwvodBRwUap3ovLiZ/dUVa2dpkGo1MhNEe3DtnfobLT652Gcf7HzO6jHIiEL/
aQxm7LdeHmLYUZxaBQkb57ILW1x+n7XBiyZP23vvSw1/HcJu2+3gW8POLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKusWdERdOCzxDE75W9i8ABGhXk8MB8GA1UdIwQY
MBaAFJPg6aJGHfT8ueIud3CyYToHJBOIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC80MWU1ODQtOWNmNy00YzYyLTlmNjEt
MGUyZTM2MDE5ODQ5LzEvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC80MWU1ODQtOWNmNy00YzYyLTlmNjEtMGUyZTM2MDE5ODQ5
LzEvay1EcG9rWWQ5UHk1NGk1M2NMSmhPZ2NrRTRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAALFCZV9C
6IYxWWss36aXf3JuvrGzvKzhI+g+RimaRrfKFaJasZSZrTDtVgKVqXgY6H0bQmlm
a6gZUJACVko2CwWN9B3tICz46gPcXdYbpFwMwR2gW81wJs6vYyqyWdIJ56moL0Gs
yGpPFJ+W64p0XqNd08F7qoRmC15IUG3kYrr2HtDVdQs9AKqSnYO6kfrzh56dPVH4
LT1VUDwWSFo0J0Y4UZgEAXug1ZvDp4rh4RvjHkxfhHK8o+B46M0bdzdviRBsUxPS
qyva7+TixV9ookZnSwQzNnidocythufeJQN8LJn4etWulkUawXf2qEakVnPX+Dxx
hzy8SekVLjdlBg==
-----END CERTIFICATE-----