Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
File:                     Kf5mFpV0HYXP7c9v-890aZlZVp8.mft (raw, json)
Hash identifier:          YNGuthiYdojQ98bcuETG3XKZZkHmzNe8s5+KMJkgGr0=
Subject key identifier:   44:66:03:85:8C:83:33:AE:05:0D:94:2A:2E:3C:11:2F:49:8C:10:64
Authority key identifier: 29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F
Certificate issuer:       /CN=29fe661695741d85cfedcf6ffbcf74699959569f
Certificate serial:       01967DC689A8C351E94E7D8115DFE029C543
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
Manifest number:          1511
Signing time:             Mon 28 Apr 2025 19:01:25 +0000
Manifest this update:     Mon 28 Apr 2025 19:01:25 +0000
Manifest next update:     Tue 29 Apr 2025 19:01:25 +0000
Files and hashes:         1: Kf5mFpV0HYXP7c9v-890aZlZVp8.crl (hash: 0Xj8WlCjb7wYW59HJvYnAcy1ZmTEyaZSQ0Pnrou5arQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 19:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:c6:89:a8:c3:51:e9:4e:7d:81:15:df:e0:29:c5:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fe661695741d85cfedcf6ffbcf74699959569f
        Validity
            Not Before: Apr 28 19:01:25 2025 GMT
            Not After : Apr 29 19:01:25 2025 GMT
        Subject: CN=446603858c8333ae050d942a2e3c112f498c1064
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:3a:73:26:6d:c5:a4:84:cf:e3:e8:dd:e3:43:
                    5d:81:7e:8f:08:31:13:0b:99:82:f3:d1:98:18:4e:
                    8c:45:78:26:49:5c:55:a2:22:76:5b:2d:ad:63:16:
                    46:30:57:a5:ce:3a:a2:80:1e:0b:d2:7c:ef:d0:e8:
                    e5:37:7e:66:d4:6c:31:a8:b8:da:0b:58:b9:7b:c3:
                    55:90:29:d4:66:98:f7:7a:3d:bf:a5:df:aa:f0:b5:
                    2f:3c:95:ce:c5:ac:b8:7a:b1:0f:32:33:61:21:2e:
                    ee:04:e4:65:1b:12:4a:d5:0e:2d:38:6c:98:bb:9e:
                    fa:c0:83:42:7f:e5:b9:a8:fb:92:0a:3a:ef:60:a1:
                    c4:8d:92:83:cb:0c:43:55:b2:d1:f1:24:e5:90:5c:
                    30:c3:21:0b:00:9d:ec:15:84:b4:cb:4f:70:f4:74:
                    e2:be:90:10:6e:1c:c7:ee:11:8f:1e:81:b2:30:a7:
                    9c:a8:34:c6:8e:21:bf:df:4d:3b:dc:b0:0d:11:d4:
                    d8:af:fe:6a:21:2b:d3:20:4a:da:a9:19:49:4e:98:
                    15:5c:5a:2e:39:5e:86:1f:c5:04:72:e8:73:45:ea:
                    fa:97:e7:7d:a9:0b:d9:c5:92:98:8d:dc:a6:00:7d:
                    8d:c3:66:8b:24:36:72:94:5b:c4:8e:d9:5c:6e:53:
                    25:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:66:03:85:8C:83:33:AE:05:0D:94:2A:2E:3C:11:2F:49:8C:10:64
            X509v3 Authority Key Identifier:
                keyid:29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:85:49:37:5d:31:04:6b:9e:7a:9e:d6:fd:42:fb:67:86:d5:
         6b:0d:df:12:dc:5b:db:84:c2:3b:18:cd:ca:2b:7f:04:35:e2:
         7b:41:ab:31:7f:d9:e3:41:85:dd:91:ad:97:80:a3:68:af:00:
         da:c8:ae:9a:d8:58:92:c7:09:d9:7c:3c:69:e3:95:9e:9c:a5:
         3c:58:bf:57:a8:cf:fe:7c:3e:c0:6b:8d:96:b1:c2:de:46:f4:
         96:6d:9f:48:80:12:c4:a1:b9:16:c0:7e:d4:07:de:8c:9f:ec:
         9b:fa:a9:eb:a2:31:99:a1:41:4e:fe:95:6e:ef:4d:ea:f9:cf:
         44:b3:9f:75:16:27:76:7d:5f:93:23:f9:98:a0:e3:12:70:f1:
         c1:d5:7e:8d:4d:34:95:1e:c2:0a:05:2d:42:b4:3e:50:6a:51:
         fd:7b:fb:bc:76:49:77:d7:ed:56:6f:5c:1f:99:92:04:c6:a4:
         25:2a:ab:21:c0:97:a3:04:a4:fd:0d:fa:2f:9b:7a:1a:9a:78:
         0c:38:cf:df:36:39:b1:83:b0:3a:87:ff:78:41:74:35:42:60:
         27:c1:36:f2:7a:29:b4:b7:37:f8:09:43:7e:c1:fa:eb:70:82:
         da:a6:9a:d8:5f:41:29:9a:28:b1:04:cc:c6:77:ba:9a:5a:b9:
         1f:17:4e:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9xomow1HpTn2BFd/gKcVDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmU2NjE2OTU3NDFkODVjZmVkY2Y2ZmZiY2Y3NDY5OTk1
OTU2OWYwHhcNMjUwNDI4MTkwMTI1WhcNMjUwNDI5MTkwMTI1WjAzMTEwLwYDVQQD
Eyg0NDY2MDM4NThjODMzM2FlMDUwZDk0MmEyZTNjMTEyZjQ5OGMxMDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDpzJm3FpITP4+jd40NdgX6PCDET
C5mC89GYGE6MRXgmSVxVoiJ2Wy2tYxZGMFelzjqigB4L0nzv0OjlN35m1GwxqLja
C1i5e8NVkCnUZpj3ej2/pd+q8LUvPJXOxay4erEPMjNhIS7uBORlGxJK1Q4tOGyY
u576wINCf+W5qPuSCjrvYKHEjZKDywxDVbLR8STlkFwwwyELAJ3sFYS0y09w9HTi
vpAQbhzH7hGPHoGyMKecqDTGjiG/30073LANEdTYr/5qISvTIEraqRlJTpgVXFou
OV6GH8UEcuhzRer6l+d9qQvZxZKYjdymAH2Nw2aLJDZylFvEjtlcblMlIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERmA4WMgzOuBQ2UKi48ES9JjBBkMB8GA1UdIwQY
MBaAFCn+ZhaVdB2Fz+3Pb/vPdGmZWVafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgt
MmU4ODBhN2E4MmNhLzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgtMmU4ODBhN2E4MmNh
LzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOYVJN10x
BGueep7W/UL7Z4bVaw3fEtxb24TCOxjNyit/BDXie0GrMX/Z40GF3ZGtl4CjaK8A
2siumthYkscJ2Xw8aeOVnpylPFi/V6jP/nw+wGuNlrHC3kb0lm2fSIASxKG5FsB+
1AfejJ/sm/qp66IxmaFBTv6Vbu9N6vnPRLOfdRYndn1fkyP5mKDjEnDxwdV+jU00
lR7CCgUtQrQ+UGpR/Xv7vHZJd9ftVm9cH5mSBMakJSqrIcCXowSk/Q36L5t6Gpp4
DDjP3zY5sYOwOof/eEF0NUJgJ8E28noptLc3+AlDfsH663CC2qaa2F9BKZoosQTM
xne6mlq5HxdOAw==
-----END CERTIFICATE-----