Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
File:                     kyIxLx0huzs4bKOqlzrGzSVLcDk.mft (raw, json)
Hash identifier:          WBnqtWhi+IzjlwRV/u6DS2OZYyRtT6ktzAjbWAda2e0=
Subject key identifier:   38:71:B1:C9:5E:73:9D:FC:88:DA:47:A7:33:B0:37:54:C8:46:25:8F
Authority key identifier: 93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39
Certificate issuer:       /CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
Certificate serial:       019771BF98DEADA19F2DF1A268D6EDA5614E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
Manifest number:          158D
Signing time:             Sun 15 Jun 2025 04:01:11 +0000
Manifest this update:     Sun 15 Jun 2025 04:01:11 +0000
Manifest next update:     Mon 16 Jun 2025 04:01:11 +0000
Files and hashes:         1: kyIxLx0huzs4bKOqlzrGzSVLcDk.crl (hash: VXv0524RGhuXhN2e4H5nhuQMXVFKmozE5UdQ4Oa6SN4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:71:bf:98:de:ad:a1:9f:2d:f1:a2:68:d6:ed:a5:61:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
        Validity
            Not Before: Jun 15 04:01:11 2025 GMT
            Not After : Jun 16 04:01:11 2025 GMT
        Subject: CN=3871b1c95e739dfc88da47a733b03754c846258f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:59:bc:40:53:7c:60:96:f5:97:8c:70:2a:05:
                    7c:95:ac:b3:22:10:a6:8c:ef:75:59:56:98:68:00:
                    f7:cf:d9:f0:d3:e4:0c:cb:a2:12:b3:a1:28:24:df:
                    e8:fd:55:e3:53:0c:2f:ed:92:da:6b:1a:7e:fd:15:
                    fa:a2:c2:e1:80:37:91:32:ab:f4:dc:a4:85:40:d8:
                    a0:ff:c7:0f:ab:ca:68:e9:d9:44:d1:e5:44:01:f8:
                    93:cc:e8:e5:77:c7:29:14:3d:32:ed:75:f0:39:83:
                    22:c3:ff:d3:9d:84:b9:8a:ae:fd:d7:e5:21:76:61:
                    e0:d1:4b:dc:8d:86:19:94:2b:16:47:0d:ea:0a:77:
                    94:87:0a:8d:68:6f:39:80:23:e0:d4:9a:af:8b:52:
                    f4:36:90:1e:f0:57:43:dd:19:9f:fe:50:79:1a:48:
                    4b:4f:43:f9:ac:70:d4:0f:b9:e1:29:ab:34:54:4e:
                    75:60:62:03:e5:cb:df:73:be:86:57:b7:7a:ac:9a:
                    f8:20:2f:a8:e3:3b:ec:f4:1b:fe:63:87:b3:67:f9:
                    0d:6a:44:d9:31:46:7f:b7:2a:82:64:8f:11:79:47:
                    be:de:09:e7:8d:d5:aa:4d:17:c7:fc:23:89:58:ed:
                    10:9d:45:93:fd:42:79:b1:1d:8e:f1:2e:88:be:c2:
                    65:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:71:B1:C9:5E:73:9D:FC:88:DA:47:A7:33:B0:37:54:C8:46:25:8F
            X509v3 Authority Key Identifier:
                keyid:93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:0a:a0:04:cb:c5:e8:d9:3b:8a:28:b2:d7:59:be:1b:38:cd:
         0a:98:66:9c:8d:33:49:72:fa:d7:e7:3b:ad:8a:df:cb:d2:fa:
         35:0d:fa:bd:ae:a9:f9:e8:5c:c2:86:29:d5:fb:ac:c0:29:de:
         5f:4a:60:29:1f:a9:07:b5:ab:7c:d5:8c:ef:46:07:da:64:b2:
         c9:1e:d7:41:5a:20:4b:15:71:dd:a0:94:be:b1:4b:4b:15:3c:
         90:62:f9:4e:af:cc:48:c6:40:38:03:90:e5:39:a0:2b:9c:ea:
         e6:28:96:9f:ec:71:0c:95:0c:5f:5c:ce:d0:15:7b:0f:16:5c:
         16:3c:bf:9f:bc:c6:d5:fe:39:34:67:83:cf:af:11:d8:dc:0d:
         e2:3e:48:f4:37:e8:bd:53:1c:f7:ee:de:4b:b1:1a:f7:92:11:
         18:bf:73:34:c4:f5:af:e6:cc:6d:b6:31:25:4c:b4:85:e7:13:
         27:91:75:70:12:ad:65:ec:a6:99:59:5a:17:00:48:02:e9:72:
         8a:eb:20:26:23:b4:ba:3a:a9:d3:fe:67:87:82:23:8b:bb:5c:
         32:8f:cb:7c:04:4e:ae:a8:2b:ff:16:9a:f9:0b:9e:4d:01:31:
         4e:c8:54:7f:3b:ff:4a:e1:9c:f5:48:56:d9:33:f0:11:b3:12:
         10:57:68:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdxv5jeraGfLfGiaNbtpWFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjIzMTJmMWQyMWJiM2IzODZjYTNhYTk3M2FjNmNkMjU0
YjcwMzkwHhcNMjUwNjE1MDQwMTExWhcNMjUwNjE2MDQwMTExWjAzMTEwLwYDVQQD
EygzODcxYjFjOTVlNzM5ZGZjODhkYTQ3YTczM2IwMzc1NGM4NDYyNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVm8QFN8YJb1l4xwKgV8layzIhCm
jO91WVaYaAD3z9nw0+QMy6ISs6EoJN/o/VXjUwwv7ZLaaxp+/RX6osLhgDeRMqv0
3KSFQNig/8cPq8po6dlE0eVEAfiTzOjld8cpFD0y7XXwOYMiw//TnYS5iq791+Uh
dmHg0UvcjYYZlCsWRw3qCneUhwqNaG85gCPg1Jqvi1L0NpAe8FdD3Rmf/lB5GkhL
T0P5rHDUD7nhKas0VE51YGID5cvfc76GV7d6rJr4IC+o4zvs9Bv+Y4ezZ/kNakTZ
MUZ/tyqCZI8ReUe+3gnnjdWqTRfH/COJWO0QnUWT/UJ5sR2O8S6IvsJlQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhxsclec538iNpHpzOwN1TIRiWPMB8GA1UdIwQY
MBaAFJMiMS8dIbs7OGyjqpc6xs0lS3A5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMt
YzI2Nzc4MDliNGE3LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMtYzI2Nzc4MDliNGE3
LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABAqgBMvF
6Nk7iiiy11m+GzjNCphmnI0zSXL61+c7rYrfy9L6NQ36va6p+ehcwoYp1fuswCne
X0pgKR+pB7WrfNWM70YH2mSyyR7XQVogSxVx3aCUvrFLSxU8kGL5Tq/MSMZAOAOQ
5TmgK5zq5iiWn+xxDJUMX1zO0BV7DxZcFjy/n7zG1f45NGeDz68R2NwN4j5I9Dfo
vVMc9+7eS7Ea95IRGL9zNMT1r+bMbbYxJUy0hecTJ5F1cBKtZeymmVlaFwBIAuly
iusgJiO0ujqp0/5nh4Iji7tcMo/LfAROrqgr/xaa+QueTQExTshUfzv/SuGc9UhW
2TPwEbMSEFdocQ==
-----END CERTIFICATE-----