Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
File:                     KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json)
Hash identifier:          W6nTafp6wvFCPbEpzRzDse3Il2PcYbQUniYHByD1fnE=
Subject key identifier:   A8:65:FA:35:DD:AE:19:AF:5C:F6:02:E3:66:F5:59:B5:52:48:46:DB
Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
Certificate issuer:       /CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Certificate serial:       0196BFDCFB868CEBD8F076CC5A20770AFB40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
Manifest number:          1207
Signing time:             Sun 11 May 2025 15:00:52 +0000
Manifest this update:     Sun 11 May 2025 15:00:52 +0000
Manifest next update:     Mon 12 May 2025 15:00:52 +0000
Files and hashes:         1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: AoPRjyRRKXT1/CPDlm1tL/HBbYz0CvIe5L8WWT9k06M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:dc:fb:86:8c:eb:d8:f0:76:cc:5a:20:77:0a:fb:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539
        Validity
            Not Before: May 11 15:00:52 2025 GMT
            Not After : May 12 15:00:52 2025 GMT
        Subject: CN=a865fa35ddae19af5cf602e366f559b5524846db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:24:01:26:93:a9:e4:3b:d5:65:1b:b2:78:40:
                    8d:6a:51:56:7a:d3:99:69:c6:66:96:a1:e4:c9:2f:
                    34:2f:27:5b:0d:95:8f:68:72:da:ed:cf:db:21:f4:
                    05:48:ec:40:65:3a:80:f4:f4:43:1e:a1:02:eb:5c:
                    f2:6e:14:58:77:dd:2e:2f:a0:c0:26:98:f5:00:8b:
                    8b:ff:7f:f8:01:d9:10:46:c0:26:ef:f8:d2:a1:cd:
                    b4:81:a6:c0:d5:b4:fe:77:81:0b:a0:c7:8e:71:26:
                    f4:47:f5:a7:fa:e3:7f:5f:50:a8:22:d3:e8:82:88:
                    07:dd:46:5a:29:98:51:76:8e:58:e2:f2:30:97:13:
                    33:fe:28:e1:d7:e0:4a:3e:1f:3b:fe:22:55:f7:ab:
                    7e:8c:86:57:4a:15:83:45:27:59:45:7d:c0:a1:08:
                    f1:c6:e2:be:a8:7b:6d:b9:6d:87:b3:ce:f5:31:ed:
                    5b:a5:2d:6d:98:cf:f5:d4:9d:4b:b8:09:45:4a:1f:
                    49:e7:bd:5f:9e:2d:20:5e:08:7f:ae:21:2a:5c:d4:
                    01:c6:bc:87:07:1c:98:fd:75:fc:4f:fc:35:9e:05:
                    7e:70:41:9f:8b:45:83:95:7d:5a:08:c5:6a:85:49:
                    fa:9f:ee:74:39:4d:6c:da:ad:64:e7:67:20:32:ef:
                    d6:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:65:FA:35:DD:AE:19:AF:5C:F6:02:E3:66:F5:59:B5:52:48:46:DB
            X509v3 Authority Key Identifier:
                keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:d9:73:fa:5f:6d:d8:a7:6e:6a:ef:cc:0e:b0:6c:18:d7:5d:
         1c:a6:fb:91:78:c0:4b:90:3b:31:b0:b9:26:32:27:0c:95:bc:
         37:6a:1a:f9:5a:d4:80:d2:35:48:f9:be:cc:c9:36:ef:10:0b:
         be:c7:a9:22:9a:66:09:13:71:84:58:a6:83:6b:ca:02:17:72:
         33:28:df:2e:eb:f3:19:4e:33:5c:ed:c0:6c:49:29:bd:6d:fc:
         03:75:09:6f:1f:df:17:7c:fa:3e:41:01:b3:81:f6:51:94:1a:
         b9:00:96:e5:df:84:38:5f:3c:74:bb:08:7e:4b:de:12:b4:e3:
         3f:c2:1e:e1:83:61:78:0e:33:40:29:bd:1c:f0:f4:cc:53:7e:
         d0:dc:e4:e3:b3:bf:59:43:4c:94:24:f1:f6:52:46:7c:9c:1e:
         88:b8:2d:dc:81:b7:bb:bd:81:00:8c:04:b6:f5:75:f5:a8:2c:
         5f:e5:03:f2:9f:50:89:01:e9:7e:49:13:2b:4a:93:eb:d4:4d:
         08:9e:20:39:a0:70:93:82:9b:78:57:5f:e9:97:e4:83:df:14:
         09:25:7d:22:43:2f:fa:66:ad:e1:dc:89:cf:05:80:5c:0a:6f:
         d8:58:a9:58:c5:35:23:38:66:78:0e:f8:70:2f:2a:5e:97:d0:
         04:49:a9:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/3PuGjOvY8HbMWiB3CvtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz
MjI1MzkwHhcNMjUwNTExMTUwMDUyWhcNMjUwNTEyMTUwMDUyWjAzMTEwLwYDVQQD
EyhhODY1ZmEzNWRkYWUxOWFmNWNmNjAyZTM2NmY1NTliNTUyNDg0NmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSQBJpOp5DvVZRuyeECNalFWetOZ
acZmlqHkyS80LydbDZWPaHLa7c/bIfQFSOxAZTqA9PRDHqEC61zybhRYd90uL6DA
Jpj1AIuL/3/4AdkQRsAm7/jSoc20gabA1bT+d4ELoMeOcSb0R/Wn+uN/X1CoItPo
gogH3UZaKZhRdo5Y4vIwlxMz/ijh1+BKPh87/iJV96t+jIZXShWDRSdZRX3AoQjx
xuK+qHttuW2Hs871Me1bpS1tmM/11J1LuAlFSh9J571fni0gXgh/riEqXNQBxryH
BxyY/XX8T/w1ngV+cEGfi0WDlX1aCMVqhUn6n+50OU1s2q1k52cgMu/WjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKhl+jXdrhmvXPYC42b1WbVSSEbbMB8GA1UdIwQY
MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt
MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1
LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY9lz+l9t
2Kduau/MDrBsGNddHKb7kXjAS5A7MbC5JjInDJW8N2oa+VrUgNI1SPm+zMk27xAL
vsepIppmCRNxhFimg2vKAhdyMyjfLuvzGU4zXO3AbEkpvW38A3UJbx/fF3z6PkEB
s4H2UZQauQCW5d+EOF88dLsIfkveErTjP8Ie4YNheA4zQCm9HPD0zFN+0Nzk47O/
WUNMlCTx9lJGfJweiLgt3IG3u72BAIwEtvV19agsX+UD8p9QiQHpfkkTK0qT69RN
CJ4gOaBwk4KbeFdf6Zfkg98UCSV9IkMv+mat4dyJzwWAXApv2FipWMU1IzhmeA74
cC8qXpfQBEmpaw==
-----END CERTIFICATE-----