Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
File:                     KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json)
Hash identifier:          Fdo5CgRCxNtPCcEq8iQlJtaK/i8rYVxuAqIbI7ecWGE=
Subject key identifier:   CB:A9:03:30:20:72:26:F7:86:0E:2D:EF:11:7F:B1:83:AA:05:5E:6D
Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
Certificate issuer:       /CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Certificate serial:       0197B70E915DD8C87C4C4A288B70A2AC11E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
Manifest number:          1287
Signing time:             Sat 28 Jun 2025 15:01:14 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:14 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:14 +0000
Files and hashes:         1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: 5e5x7T0F/U4705Ttwpx5kiofidKNIjTaOvdpxmZD8Qc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:91:5d:d8:c8:7c:4c:4a:28:8b:70:a2:ac:11:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539
        Validity
            Not Before: Jun 28 15:01:14 2025 GMT
            Not After : Jun 29 15:01:14 2025 GMT
        Subject: CN=cba90330207226f7860e2def117fb183aa055e6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4f:a6:a3:df:01:70:e3:27:74:36:af:05:a8:
                    5e:ce:56:3f:f9:b3:2d:2a:54:62:7c:99:e0:a8:a1:
                    f6:41:fd:27:b2:ed:02:21:4e:37:8e:2b:b3:b3:fe:
                    7a:a8:17:72:40:07:18:8e:92:25:5e:b8:68:71:11:
                    29:f0:7b:2a:90:6f:a4:ef:44:33:04:60:1c:c7:fe:
                    18:97:4f:b0:e3:e5:17:62:41:9c:1a:32:ea:de:53:
                    85:d4:02:fd:d8:01:cb:95:84:66:26:2f:7d:46:69:
                    1b:06:be:a1:f5:ef:c3:77:7c:81:47:45:f0:9d:a9:
                    b9:2f:05:c8:d8:e7:ad:a9:ef:5b:7b:48:8e:27:ff:
                    e2:1d:f5:6f:65:a5:11:71:3e:4d:28:cb:7d:10:df:
                    a8:ae:b9:b8:8e:67:13:66:b4:eb:2a:ec:5a:f6:5c:
                    5d:ee:41:79:f4:a0:de:b8:73:f7:ec:8f:ba:34:e0:
                    29:05:10:70:a2:d9:c8:f8:df:18:b1:f2:de:e1:f2:
                    92:14:bf:a1:19:80:26:53:fb:4a:29:8c:d4:0f:df:
                    b5:4e:78:7b:70:e9:06:c8:82:01:52:49:5b:63:1f:
                    dc:e3:43:db:60:59:b2:56:e7:a2:11:3a:42:6c:b2:
                    a1:b0:46:1f:2c:2d:62:60:c2:4c:5d:2d:bc:f4:3e:
                    77:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:A9:03:30:20:72:26:F7:86:0E:2D:EF:11:7F:B1:83:AA:05:5E:6D
            X509v3 Authority Key Identifier:
                keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:3d:f6:a2:57:57:18:4a:f8:ce:a0:27:3e:a4:f4:11:84:d0:
         cc:f5:3e:e5:1a:82:f5:a7:45:a0:1e:9a:4a:88:79:0f:7a:55:
         09:f0:98:b4:37:e6:d6:c6:98:2d:55:be:d8:d8:35:41:53:04:
         71:06:2b:e2:49:f1:1d:ea:fb:fc:b4:e0:e2:9c:1a:02:a3:1a:
         9b:3f:81:73:27:58:d3:a5:ca:97:09:72:2e:72:77:66:01:ea:
         60:66:11:7c:94:98:bd:d2:4b:a3:1b:69:fa:04:b0:1e:50:8b:
         79:db:4d:45:0e:4e:3c:59:00:b0:2e:28:04:f4:ac:1c:f9:40:
         d8:ef:46:9e:15:f7:f1:c4:e0:0c:31:90:e1:f3:e7:a7:e5:63:
         b5:c1:04:83:01:b5:53:03:d4:4b:84:1a:65:7c:56:c8:6b:dc:
         a4:ad:d6:d6:c4:46:d5:9f:09:98:aa:9c:a7:f1:0c:68:70:8b:
         f0:ca:f2:4c:01:ff:34:05:1c:7c:6f:85:ed:01:5c:64:b9:bc:
         83:2e:e1:73:ce:68:43:00:74:86:b5:66:8c:a4:f5:10:e1:49:
         ed:9d:38:a4:09:d3:06:e8:67:37:79:d0:6f:64:2a:03:48:fa:
         3f:60:2c:09:59:4d:41:f7:78:39:05:1f:37:cc:f2:fc:15:24:
         00:94:3e:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DpFd2Mh8TEooi3CirBHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz
MjI1MzkwHhcNMjUwNjI4MTUwMTE0WhcNMjUwNjI5MTUwMTE0WjAzMTEwLwYDVQQD
EyhjYmE5MDMzMDIwNzIyNmY3ODYwZTJkZWYxMTdmYjE4M2FhMDU1ZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE+mo98BcOMndDavBahezlY/+bMt
KlRifJngqKH2Qf0nsu0CIU43jiuzs/56qBdyQAcYjpIlXrhocREp8HsqkG+k70Qz
BGAcx/4Yl0+w4+UXYkGcGjLq3lOF1AL92AHLlYRmJi99RmkbBr6h9e/Dd3yBR0Xw
nam5LwXI2Oetqe9be0iOJ//iHfVvZaURcT5NKMt9EN+orrm4jmcTZrTrKuxa9lxd
7kF59KDeuHP37I+6NOApBRBwotnI+N8YsfLe4fKSFL+hGYAmU/tKKYzUD9+1Tnh7
cOkGyIIBUklbYx/c40PbYFmyVueiETpCbLKhsEYfLC1iYMJMXS289D53kwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMupAzAgcib3hg4t7xF/sYOqBV5tMB8GA1UdIwQY
MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt
MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1
LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbz32oldX
GEr4zqAnPqT0EYTQzPU+5RqC9adFoB6aSoh5D3pVCfCYtDfm1saYLVW+2Ng1QVME
cQYr4knxHer7/LTg4pwaAqMamz+BcydY06XKlwlyLnJ3ZgHqYGYRfJSYvdJLoxtp
+gSwHlCLedtNRQ5OPFkAsC4oBPSsHPlA2O9GnhX38cTgDDGQ4fPnp+VjtcEEgwG1
UwPUS4QaZXxWyGvcpK3W1sRG1Z8JmKqcp/EMaHCL8MryTAH/NAUcfG+F7QFcZLm8
gy7hc85oQwB0hrVmjKT1EOFJ7Z04pAnTBuhnN3nQb2QqA0j6P2AsCVlNQfd4OQUf
N8zy/BUkAJQ+Rg==
-----END CERTIFICATE-----