Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
File:                     kyIxLx0huzs4bKOqlzrGzSVLcDk.mft (raw, json)
Hash identifier:          hY7rxcED479r4LU0CRwbjB2pMVa1PP2m5bJBWRf3j/Q=
Subject key identifier:   E1:F3:D5:B4:5E:0C:53:D7:41:ED:E0:60:0D:92:D6:D4:01:3E:C0:3D
Authority key identifier: 93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39
Certificate issuer:       /CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
Certificate serial:       019676B0AD540A623032BADE637D52A6DCCF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
Manifest number:          150B
Signing time:             Sun 27 Apr 2025 10:00:12 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:12 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:12 +0000
Files and hashes:         1: kyIxLx0huzs4bKOqlzrGzSVLcDk.crl (hash: A6j3kyWEKUHhXBgh/glzmyJ9IOgEIhiK3SrLrwaCunQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b0:ad:54:0a:62:30:32:ba:de:63:7d:52:a6:dc:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
        Validity
            Not Before: Apr 27 10:00:12 2025 GMT
            Not After : Apr 28 10:00:12 2025 GMT
        Subject: CN=e1f3d5b45e0c53d741ede0600d92d6d4013ec03d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:24:cf:fd:3a:32:4b:b5:e6:3a:47:fc:87:ba:
                    34:13:0f:b0:b2:ed:e3:94:f2:41:18:d7:ef:3c:17:
                    68:b0:22:11:29:b8:93:07:19:83:05:11:65:02:3f:
                    68:4f:23:f4:91:b7:19:60:4a:2e:8e:18:fd:e4:c2:
                    48:5d:78:a6:98:22:1c:8c:10:e9:d9:0b:2e:5e:68:
                    f3:85:61:d8:27:fe:ef:f9:f5:9c:fd:54:55:cb:cb:
                    eb:75:c1:63:02:0e:88:84:df:29:46:2c:ab:c9:bb:
                    0f:d8:be:32:44:f0:c1:88:b3:06:25:03:ae:05:0d:
                    f5:b9:d4:9f:1c:78:8c:92:d3:1a:4d:7b:3d:5d:88:
                    52:fb:1c:97:95:da:37:b8:af:0f:3f:6e:6e:e2:10:
                    bc:61:1c:d6:06:e1:af:b2:c5:98:a4:94:76:1f:82:
                    86:41:da:80:d5:79:5e:de:c3:de:c2:f9:0a:19:59:
                    18:56:0e:d2:ae:48:1d:0c:8d:ca:0c:55:56:63:1e:
                    f4:e3:7a:0e:8d:1d:87:13:75:0d:38:65:f4:f5:55:
                    10:a7:1a:f6:72:92:6b:e5:bf:14:f6:de:81:00:91:
                    5f:98:a1:7b:c0:f6:48:e5:61:a3:db:67:b6:04:a9:
                    f6:57:59:ac:c2:c0:9c:b8:f7:b1:9d:5d:07:7e:a6:
                    4c:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:F3:D5:B4:5E:0C:53:D7:41:ED:E0:60:0D:92:D6:D4:01:3E:C0:3D
            X509v3 Authority Key Identifier:
                keyid:93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:af:88:37:bc:7e:27:71:db:45:be:46:39:25:8b:f5:b3:13:
         5c:ad:05:57:a8:16:af:ff:2e:1d:e7:a2:ed:b7:21:21:21:b5:
         a8:98:a6:2c:3a:05:a2:22:7d:39:2a:e1:a4:22:6c:c5:90:aa:
         9d:76:9b:96:7d:d5:94:70:7c:cd:54:e5:11:46:cb:dd:59:be:
         1f:8c:a2:ca:bb:2c:2c:db:7f:57:04:71:09:4c:bc:f9:11:36:
         eb:9f:3a:fa:2f:c8:c7:7e:66:c0:9b:42:10:4a:65:20:1c:5a:
         7f:db:5f:70:d6:ea:68:bf:f1:3b:b3:3c:0f:89:09:80:84:a6:
         d9:45:a3:a5:28:5a:ae:e7:33:82:9a:8d:42:66:08:a9:2d:e4:
         ba:82:85:74:bf:ef:01:87:a3:05:a9:92:ff:f3:c8:99:eb:32:
         0c:45:17:41:6f:bc:36:51:0e:a3:4a:b9:22:3e:36:d7:d9:fe:
         07:a0:b2:c4:d1:cd:82:ef:ae:54:72:a7:f2:05:46:59:5a:ce:
         69:36:c1:48:3b:b3:42:67:02:12:c0:e0:7a:68:10:16:1b:db:
         a3:18:db:fb:cc:c2:2b:08:c4:c6:08:a5:a2:6f:6f:c8:13:46:
         2c:12:e5:b0:6c:eb:ff:8c:36:01:dd:51:b4:3e:ed:bc:61:f2:
         cf:22:90:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sK1UCmIwMrreY31SptzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjIzMTJmMWQyMWJiM2IzODZjYTNhYTk3M2FjNmNkMjU0
YjcwMzkwHhcNMjUwNDI3MTAwMDEyWhcNMjUwNDI4MTAwMDEyWjAzMTEwLwYDVQQD
EyhlMWYzZDViNDVlMGM1M2Q3NDFlZGUwNjAwZDkyZDZkNDAxM2VjMDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2STP/ToyS7XmOkf8h7o0Ew+wsu3j
lPJBGNfvPBdosCIRKbiTBxmDBRFlAj9oTyP0kbcZYEoujhj95MJIXXimmCIcjBDp
2QsuXmjzhWHYJ/7v+fWc/VRVy8vrdcFjAg6IhN8pRiyrybsP2L4yRPDBiLMGJQOu
BQ31udSfHHiMktMaTXs9XYhS+xyXldo3uK8PP25u4hC8YRzWBuGvssWYpJR2H4KG
QdqA1Xle3sPewvkKGVkYVg7SrkgdDI3KDFVWYx7043oOjR2HE3UNOGX09VUQpxr2
cpJr5b8U9t6BAJFfmKF7wPZI5WGj22e2BKn2V1mswsCcuPexnV0HfqZMnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOHz1bReDFPXQe3gYA2S1tQBPsA9MB8GA1UdIwQY
MBaAFJMiMS8dIbs7OGyjqpc6xs0lS3A5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMt
YzI2Nzc4MDliNGE3LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMtYzI2Nzc4MDliNGE3
LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfa+IN7x+
J3HbRb5GOSWL9bMTXK0FV6gWr/8uHeei7bchISG1qJimLDoFoiJ9OSrhpCJsxZCq
nXabln3VlHB8zVTlEUbL3Vm+H4yiyrssLNt/VwRxCUy8+RE26586+i/Ix35mwJtC
EEplIBxaf9tfcNbqaL/xO7M8D4kJgISm2UWjpSharuczgpqNQmYIqS3kuoKFdL/v
AYejBamS//PImesyDEUXQW+8NlEOo0q5Ij4219n+B6CyxNHNgu+uVHKn8gVGWVrO
aTbBSDuzQmcCEsDgemgQFhvboxjb+8zCKwjExgilom9vyBNGLBLlsGzr/4w2Ad1R
tD7tvGHyzyKQvw==
-----END CERTIFICATE-----