Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft
File:                     kpZChU_lYFL93BRr9y57xpSFC2M.mft (raw, json)
Hash identifier:          BXTD7yHD3yhI7OqzvgAySEBOryoDHsBxg+HberStv4Q=
Subject key identifier:   48:E7:D6:37:6B:6E:DB:50:15:D9:FE:35:ED:30:F8:32:A4:ED:78:91
Authority key identifier: 92:96:42:85:4F:E5:60:52:FD:DC:14:6B:F7:2E:7B:C6:94:85:0B:63
Certificate issuer:       /CN=929642854fe56052fddc146bf72e7bc694850b63
Certificate serial:       01967DC5DA4F0FDCF2399E406355EC02ADF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft
Manifest number:          05FC
Signing time:             Mon 28 Apr 2025 19:00:40 +0000
Manifest this update:     Mon 28 Apr 2025 19:00:40 +0000
Manifest next update:     Tue 29 Apr 2025 19:00:40 +0000
Files and hashes:         1: kpZChU_lYFL93BRr9y57xpSFC2M.crl (hash: S96Be9V8DXkladCGtIa9QUlj94LqIkCaNSXwBdnMHYY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Apr 2025 15:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:7d:c5:da:4f:0f:dc:f2:39:9e:40:63:55:ec:02:ad:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=929642854fe56052fddc146bf72e7bc694850b63
        Validity
            Not Before: Apr 28 19:00:40 2025 GMT
            Not After : Apr 29 19:00:40 2025 GMT
        Subject: CN=48e7d6376b6edb5015d9fe35ed30f832a4ed7891
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:6b:f4:c7:5a:20:5d:ad:61:78:16:d6:7c:74:
                    10:4c:a1:5f:e5:02:7a:09:12:f9:db:24:d2:00:ed:
                    fc:74:b5:a2:54:36:21:78:64:29:31:63:9d:45:ff:
                    1a:67:43:60:3a:ef:1a:2b:3b:99:77:2d:d1:81:1f:
                    d2:3f:32:09:7b:1b:c0:e9:0f:0e:ff:a3:b2:6b:e5:
                    8c:07:5a:03:d7:da:d4:c2:0d:a7:e0:e6:83:42:d1:
                    c1:a5:8c:35:8e:15:0c:ee:40:c4:06:f0:dd:44:bb:
                    7a:37:51:4c:c4:2c:3c:24:54:06:42:c4:91:c9:cb:
                    f2:08:df:6e:be:76:40:06:9b:bd:c9:3e:1e:03:cf:
                    d1:49:5c:ce:15:03:c8:ae:86:2a:c1:45:84:35:23:
                    c6:28:c5:0a:ed:f7:46:4f:32:e2:8b:fa:4a:91:69:
                    d3:07:d4:f7:3e:d1:48:81:65:db:1f:cc:3c:46:54:
                    71:0e:3e:28:55:70:f9:3f:b2:95:bc:62:32:c4:6c:
                    98:f9:b9:63:50:8f:50:a6:ae:38:21:0e:8c:ca:be:
                    9d:92:c2:0c:27:70:f4:4e:b7:de:20:c4:51:2e:6d:
                    45:9c:21:b3:28:6d:88:71:5a:6e:64:fb:e5:bc:c8:
                    a0:ab:ec:c0:32:2c:a1:01:ee:91:d0:82:77:99:7d:
                    a9:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:E7:D6:37:6B:6E:DB:50:15:D9:FE:35:ED:30:F8:32:A4:ED:78:91
            X509v3 Authority Key Identifier:
                keyid:92:96:42:85:4F:E5:60:52:FD:DC:14:6B:F7:2E:7B:C6:94:85:0B:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:c2:cd:bb:0e:0a:06:67:21:86:33:42:f9:4e:1c:a9:87:65:
         99:fc:6e:02:26:d7:d9:64:52:c6:62:e7:4c:d3:b4:04:52:2b:
         b1:61:4c:4a:db:aa:ce:02:77:59:6d:95:e8:14:0c:36:34:f9:
         da:ee:5d:c0:18:e6:eb:de:34:69:be:e0:8e:7d:e1:4c:95:8a:
         42:de:fa:8b:93:60:6a:cb:d2:ea:7e:c5:0b:da:6b:0e:bb:c6:
         a3:c2:60:13:71:9f:51:d2:05:24:0b:d4:40:11:16:8d:13:64:
         65:2c:f6:b4:e1:78:2b:6a:53:08:41:bf:bc:41:5d:7c:c3:1e:
         88:14:41:0c:fb:57:b7:cd:f8:70:c1:2c:11:5d:33:3b:5b:3d:
         d7:9b:f9:11:6b:07:d9:6e:9a:fb:00:27:64:6e:c0:bb:87:18:
         c2:d5:2b:c8:b2:25:6d:16:fb:cd:52:51:94:b8:9f:a0:f5:98:
         c7:d1:63:0c:50:ac:a1:b5:0f:de:0a:df:cc:43:0d:bf:39:3f:
         a7:ad:23:25:19:63:7f:59:bd:e1:f1:df:63:43:e2:b4:ce:63:
         06:1f:f6:20:98:af:e4:89:1f:1b:00:0e:6c:74:95:a2:3f:16:
         64:a9:94:11:43:e7:aa:29:84:32:97:1d:5b:cf:d1:80:1f:10:
         e2:42:4b:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ9xdpPD9zyOZ5AY1XsAq30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTY0Mjg1NGZlNTYwNTJmZGRjMTQ2YmY3MmU3YmM2OTQ4
NTBiNjMwHhcNMjUwNDI4MTkwMDQwWhcNMjUwNDI5MTkwMDQwWjAzMTEwLwYDVQQD
Eyg0OGU3ZDYzNzZiNmVkYjUwMTVkOWZlMzVlZDMwZjgzMmE0ZWQ3ODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWv0x1ogXa1heBbWfHQQTKFf5QJ6
CRL52yTSAO38dLWiVDYheGQpMWOdRf8aZ0NgOu8aKzuZdy3RgR/SPzIJexvA6Q8O
/6Oya+WMB1oD19rUwg2n4OaDQtHBpYw1jhUM7kDEBvDdRLt6N1FMxCw8JFQGQsSR
ycvyCN9uvnZABpu9yT4eA8/RSVzOFQPIroYqwUWENSPGKMUK7fdGTzLii/pKkWnT
B9T3PtFIgWXbH8w8RlRxDj4oVXD5P7KVvGIyxGyY+bljUI9Qpq44IQ6Myr6dksIM
J3D0TrfeIMRRLm1FnCGzKG2IcVpuZPvlvMigq+zAMiyhAe6R0IJ3mX2pewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEjn1jdrbttQFdn+Ne0w+DKk7XiRMB8GA1UdIwQY
MBaAFJKWQoVP5WBS/dwUa/cue8aUhQtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xYjAxZDgtOWIzMS00ZjA4LWExYzUt
ZTkxNjQ4ZWM3ZGU1LzEva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xYjAxZDgtOWIzMS00ZjA4LWExYzUtZTkxNjQ4ZWM3ZGU1
LzEva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbMLNuw4K
BmchhjNC+U4cqYdlmfxuAibX2WRSxmLnTNO0BFIrsWFMStuqzgJ3WW2V6BQMNjT5
2u5dwBjm6940ab7gjn3hTJWKQt76i5NgasvS6n7FC9prDrvGo8JgE3GfUdIFJAvU
QBEWjRNkZSz2tOF4K2pTCEG/vEFdfMMeiBRBDPtXt834cMEsEV0zO1s915v5EWsH
2W6a+wAnZG7Au4cYwtUryLIlbRb7zVJRlLifoPWYx9FjDFCsobUP3grfzEMNvzk/
p60jJRljf1m94fHfY0PitM5jBh/2IJiv5IkfGwAObHSVoj8WZKmUEUPnqimEMpcd
W8/RgB8Q4kJLjg==
-----END CERTIFICATE-----