Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
File:                     KGURKILY5sctAiwsPaF7UsKtsHs.mft (raw, json)
Hash identifier:          bwMew57iVRKDqFRqv25Z3SoZUZDp6QIqFWUPAiL6Xxg=
Subject key identifier:   63:0F:7E:CD:97:CE:7C:57:C2:40:FE:A2:F7:BE:81:32:56:92:28:DF
Authority key identifier: 28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B
Certificate issuer:       /CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
Certificate serial:       01968D39488A073D2ECD93A3DAB2ABDE31E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
Manifest number:          07E8
Signing time:             Thu 01 May 2025 19:01:03 +0000
Manifest this update:     Thu 01 May 2025 19:01:03 +0000
Manifest next update:     Fri 02 May 2025 19:01:03 +0000
Files and hashes:         1: KGURKILY5sctAiwsPaF7UsKtsHs.crl (hash: zY3JGEz2oudN8k6Pd2WhQXDjGBzAklbHznAYcgaeJvo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 02 May 2025 19:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8d:39:48:8a:07:3d:2e:cd:93:a3:da:b2:ab:de:31:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
        Validity
            Not Before: May  1 19:01:03 2025 GMT
            Not After : May  2 19:01:03 2025 GMT
        Subject: CN=630f7ecd97ce7c57c240fea2f7be8132569228df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:a4:a6:41:3b:07:94:9c:1d:9a:d2:70:29:22:
                    7e:2e:4e:85:8e:c8:29:92:12:e1:ea:f8:7a:6d:a1:
                    24:1d:fc:a1:73:f0:47:00:e8:f2:a6:3d:06:32:b2:
                    3f:45:6f:03:17:b8:88:f1:e4:08:46:9f:b4:42:4a:
                    ca:c3:20:8c:38:be:52:eb:c4:df:4f:ab:0c:b4:2f:
                    4a:5f:51:ea:8d:ea:ba:ec:52:b3:fe:c3:1c:68:1b:
                    c9:cc:af:b7:0e:87:6b:ad:4f:1c:15:42:9f:fc:9e:
                    27:2e:76:e5:dc:7c:51:d0:79:30:b5:9e:d7:01:8c:
                    90:30:f8:6b:19:b8:cf:09:aa:65:65:91:20:46:7c:
                    11:a2:37:fb:e5:c7:81:a3:7a:78:ab:57:ca:55:77:
                    43:98:9b:6e:34:ae:b5:bb:ae:5a:fc:87:82:71:f8:
                    89:6e:16:00:da:15:44:53:78:8f:69:3e:e4:8a:d3:
                    39:f4:d9:e0:c8:1a:8a:9d:49:45:66:44:24:4a:f1:
                    5a:2f:79:ec:bd:ea:70:b4:32:ab:a6:86:35:53:0b:
                    b6:67:de:f1:24:fa:70:83:37:cc:77:96:67:77:16:
                    9f:e2:33:66:1c:27:d7:b7:aa:a6:aa:0c:c8:2d:be:
                    d0:0b:39:e2:92:69:19:e4:a5:d6:2f:e7:d6:bf:6f:
                    a4:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:0F:7E:CD:97:CE:7C:57:C2:40:FE:A2:F7:BE:81:32:56:92:28:DF
            X509v3 Authority Key Identifier:
                keyid:28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:ff:57:5d:a7:5b:52:e0:78:83:ec:e8:57:4a:59:36:6a:d7:
         90:31:05:5d:80:9c:0b:cd:34:a5:d8:7c:85:2a:23:92:b6:be:
         74:97:33:cf:e9:a5:b9:74:da:bb:50:21:ae:3f:cf:9a:07:ad:
         65:ca:a8:d7:0c:d6:26:77:56:6d:e4:8f:b8:e2:8d:93:8f:8d:
         1c:3d:1d:b0:cd:03:33:10:ec:50:b0:fb:b3:e5:68:ca:45:4d:
         59:5d:4b:36:5b:5a:1c:53:f3:70:41:8a:fb:72:32:e8:42:22:
         c8:84:5b:20:8b:5e:ce:a3:b1:50:ee:e8:1e:74:ff:7e:31:fe:
         dc:41:9e:84:f4:e5:ba:90:46:37:0a:53:bf:50:7f:92:3f:17:
         76:2c:93:d3:49:18:78:f8:9a:31:c5:08:10:0d:8d:18:07:66:
         ec:16:8a:26:45:81:b1:5c:bb:3d:08:fa:ff:86:43:25:cc:8a:
         f3:fb:a9:89:ca:4f:be:d5:de:16:56:8c:55:32:89:3e:01:22:
         f4:25:7b:2a:b2:91:f3:91:d7:b9:09:89:4b:10:3a:02:19:45:
         c9:ea:9f:f6:5b:17:8a:2a:7f:be:8a:55:bb:d2:81:2d:69:e1:
         f9:c7:df:21:01:68:5d:0f:00:2e:04:3d:c4:96:4e:52:f0:45:
         a6:56:e4:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaNOUiKBz0uzZOj2rKr3jHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjUxMTI4ODJkOGU2YzcyZDAyMmMyYzNkYTE3YjUyYzJh
ZGIwN2IwHhcNMjUwNTAxMTkwMTAzWhcNMjUwNTAyMTkwMTAzWjAzMTEwLwYDVQQD
Eyg2MzBmN2VjZDk3Y2U3YzU3YzI0MGZlYTJmN2JlODEzMjU2OTIyOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaSmQTsHlJwdmtJwKSJ+Lk6Fjsgp
khLh6vh6baEkHfyhc/BHAOjypj0GMrI/RW8DF7iI8eQIRp+0QkrKwyCMOL5S68Tf
T6sMtC9KX1Hqjeq67FKz/sMcaBvJzK+3DodrrU8cFUKf/J4nLnbl3HxR0HkwtZ7X
AYyQMPhrGbjPCaplZZEgRnwRojf75ceBo3p4q1fKVXdDmJtuNK61u65a/IeCcfiJ
bhYA2hVEU3iPaT7kitM59NngyBqKnUlFZkQkSvFaL3nsvepwtDKrpoY1Uwu2Z97x
JPpwgzfMd5Zndxaf4jNmHCfXt6qmqgzILb7QCznikmkZ5KXWL+fWv2+kxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMPfs2XznxXwkD+ove+gTJWkijfMB8GA1UdIwQY
MBaAFChlESiC2ObHLQIsLD2he1LCrbB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAt
OWJiM2Y1N2MwZWYwLzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAtOWJiM2Y1N2MwZWYw
LzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ/9XXadb
UuB4g+zoV0pZNmrXkDEFXYCcC800pdh8hSojkra+dJczz+mluXTau1Ahrj/Pmget
Zcqo1wzWJndWbeSPuOKNk4+NHD0dsM0DMxDsULD7s+VoykVNWV1LNltaHFPzcEGK
+3Iy6EIiyIRbIItezqOxUO7oHnT/fjH+3EGehPTlupBGNwpTv1B/kj8XdiyT00kY
ePiaMcUIEA2NGAdm7BaKJkWBsVy7PQj6/4ZDJcyK8/upicpPvtXeFlaMVTKJPgEi
9CV7KrKR85HXuQmJSxA6AhlFyeqf9lsXiip/vopVu9KBLWnh+cffIQFoXQ8ALgQ9
xJZOUvBFplbkiw==
-----END CERTIFICATE-----