Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
File:                     KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json)
Hash identifier:          cJ6KkCWA8Old0R+lQBOgtLpIdRjjd1oIzHTyiNmkbEY=
Subject key identifier:   12:7D:1D:E6:0F:B5:23:F6:9F:D3:ED:45:0F:1D:9F:A2:98:E8:D1:A1
Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0
Certificate issuer:       /CN=2a6534aac9442a394d139a1a8303dc04959c1da0
Certificate serial:       0196C916A2EDDED8BB72A5E52FCE1B316308
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
Manifest number:          0E4E
Signing time:             Tue 13 May 2025 10:00:25 +0000
Manifest this update:     Tue 13 May 2025 10:00:25 +0000
Manifest next update:     Wed 14 May 2025 10:00:25 +0000
Files and hashes:         1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: uxUKnl4e93mZyRsSMAcHPrsrp2TAANX75CKiQUPodZo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 08:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:16:a2:ed:de:d8:bb:72:a5:e5:2f:ce:1b:31:63:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0
        Validity
            Not Before: May 13 10:00:25 2025 GMT
            Not After : May 14 10:00:25 2025 GMT
        Subject: CN=127d1de60fb523f69fd3ed450f1d9fa298e8d1a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:e7:56:33:3e:af:9c:c7:35:3d:77:12:42:cc:
                    49:c9:a0:ae:f4:9f:72:ed:0b:7f:b6:b2:52:2f:09:
                    2d:76:89:ff:7a:a4:91:eb:84:e5:62:15:03:bb:66:
                    3d:3e:af:33:a0:b0:c5:4c:e7:81:d0:26:6f:04:51:
                    d6:32:12:bd:c1:5e:e6:df:6a:0f:e4:26:df:24:0e:
                    0f:4f:84:bd:bf:c5:74:e0:fe:9e:28:20:a1:54:3e:
                    88:aa:5c:aa:7b:68:d2:85:97:e5:b1:80:21:ea:69:
                    7a:61:9f:8b:50:97:3d:9d:c6:2f:5f:3e:30:e8:55:
                    66:a1:be:e8:8b:2b:de:9a:69:a5:bd:87:d4:c8:c1:
                    33:ce:50:e4:db:32:7c:bf:50:46:61:8f:a7:69:67:
                    23:ea:1d:2e:43:6d:dc:4c:6a:46:4c:e2:06:49:a7:
                    92:63:9a:9c:25:e4:8b:9d:6a:0a:7b:0e:28:15:43:
                    97:da:56:1e:98:4f:15:43:6c:48:da:9c:b3:92:99:
                    47:02:d3:95:49:c2:cc:b2:d8:11:d3:4e:51:6a:df:
                    7d:83:61:25:38:e5:80:7f:96:2e:ed:8d:1b:cb:a2:
                    bc:64:1f:0f:8a:98:02:3c:b0:9b:e2:58:c0:d7:0b:
                    f7:f2:9c:2e:15:6d:f9:af:9a:d5:1d:82:71:8d:1d:
                    5a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:7D:1D:E6:0F:B5:23:F6:9F:D3:ED:45:0F:1D:9F:A2:98:E8:D1:A1
            X509v3 Authority Key Identifier:
                keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:19:df:cd:00:db:9a:4b:b3:ff:b7:e2:0b:64:a5:a2:cf:96:
         2d:10:bb:42:81:6e:8f:bb:e5:8f:3f:25:70:c8:42:02:56:b2:
         04:91:97:dc:ec:ba:1c:45:c3:6f:86:db:bd:01:91:80:55:f3:
         d4:47:6b:88:38:3b:6f:c4:26:01:b4:8c:21:85:dc:17:95:c9:
         68:b7:f5:cd:e9:d9:f5:2a:8e:f9:2a:a4:5e:30:8d:6d:0d:a0:
         a5:d7:de:7a:6c:6d:80:b5:f9:8d:ed:40:49:2a:94:62:32:5e:
         73:04:a3:dc:cd:a0:5e:9c:7c:f6:74:df:9b:5f:d8:2e:b4:c7:
         4d:8c:7d:e0:04:5f:d6:36:8c:73:dd:99:c3:a0:ae:c7:a3:df:
         51:75:3a:7c:83:ba:eb:82:1f:a0:8d:e8:24:26:b5:56:5d:ae:
         74:60:00:cb:b4:29:75:84:b3:b0:c5:fa:b7:6c:d5:ee:ca:04:
         5f:6c:27:83:a2:23:fd:50:d9:17:80:59:c8:76:c1:24:4f:33:
         57:a7:f8:48:73:cf:cf:b4:74:e6:79:68:24:7e:f6:a0:f5:96:
         7f:d7:f9:6c:21:f3:9a:48:fb:42:bf:7b:86:2e:9b:68:2c:b8:
         f8:d2:94:1f:66:ec:94:5e:46:34:81:d9:55:9b:2b:d0:2d:a8:
         8d:90:41:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJFqLt3ti7cqXlL84bMWMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5
YzFkYTAwHhcNMjUwNTEzMTAwMDI1WhcNMjUwNTE0MTAwMDI1WjAzMTEwLwYDVQQD
EygxMjdkMWRlNjBmYjUyM2Y2OWZkM2VkNDUwZjFkOWZhMjk4ZThkMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+dWMz6vnMc1PXcSQsxJyaCu9J9y
7Qt/trJSLwktdon/eqSR64TlYhUDu2Y9Pq8zoLDFTOeB0CZvBFHWMhK9wV7m32oP
5CbfJA4PT4S9v8V04P6eKCChVD6Iqlyqe2jShZflsYAh6ml6YZ+LUJc9ncYvXz4w
6FVmob7oiyvemmmlvYfUyMEzzlDk2zJ8v1BGYY+naWcj6h0uQ23cTGpGTOIGSaeS
Y5qcJeSLnWoKew4oFUOX2lYemE8VQ2xI2pyzkplHAtOVScLMstgR005Rat99g2El
OOWAf5Yu7Y0by6K8ZB8PipgCPLCb4ljA1wv38pwuFW35r5rVHYJxjR1amQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJ9HeYPtSP2n9PtRQ8dn6KY6NGhMB8GA1UdIwQY
MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt
ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw
LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdhnfzQDb
mkuz/7fiC2Slos+WLRC7QoFuj7vljz8lcMhCAlayBJGX3Oy6HEXDb4bbvQGRgFXz
1EdriDg7b8QmAbSMIYXcF5XJaLf1zenZ9SqO+SqkXjCNbQ2gpdfeemxtgLX5je1A
SSqUYjJecwSj3M2gXpx89nTfm1/YLrTHTYx94ARf1jaMc92Zw6Cux6PfUXU6fIO6
64IfoI3oJCa1Vl2udGAAy7QpdYSzsMX6t2zV7soEX2wng6Ij/VDZF4BZyHbBJE8z
V6f4SHPPz7R05nloJH72oPWWf9f5bCHzmkj7Qr97hi6baCy4+NKUH2bslF5GNIHZ
VZsr0C2ojZBBZg==
-----END CERTIFICATE-----