Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
File:                     KtclXVpq-4XjdugbuaCew93dvNw.mft (raw, json)
Hash identifier:          ZEfQuBlAVcssEDez+wdMR8trtqd8ZNC519XyLg7l014=
Subject key identifier:   2B:B3:07:3B:4F:C0:C2:B7:C5:3A:DC:B9:5B:D3:5B:56:B6:B1:F3:35
Authority key identifier: 2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC
Certificate issuer:       /CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
Certificate serial:       0198D5162A75AA202AE386C44144966D6AE6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
Manifest number:          1560
Signing time:             Sat 23 Aug 2025 04:00:56 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:56 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:56 +0000
Files and hashes:         1: KtclXVpq-4XjdugbuaCew93dvNw.crl (hash: uzhwYYkJgRsNOsFBbcothQsKP+SrU1m/Qb6njetjXf8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:16:2a:75:aa:20:2a:e3:86:c4:41:44:96:6d:6a:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
        Validity
            Not Before: Aug 23 04:00:56 2025 GMT
            Not After : Aug 24 04:00:56 2025 GMT
        Subject: CN=2bb3073b4fc0c2b7c53adcb95bd35b56b6b1f335
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:69:e8:57:74:fc:51:c7:72:db:38:10:5d:f9:
                    cf:4b:d4:b8:07:16:36:49:8a:f3:6f:a4:9c:98:9d:
                    a0:ed:30:d9:06:73:b9:54:06:a3:8c:f1:1d:ca:4b:
                    83:35:fd:dc:2b:82:5a:a6:6e:0f:9e:47:1f:de:b3:
                    a2:ce:e7:98:6a:7e:d6:32:55:c8:1d:02:92:5c:8d:
                    f0:53:00:01:0d:bc:77:b4:32:a8:f7:50:8e:f4:60:
                    ed:3e:05:df:e7:a5:74:ca:85:09:ca:4a:02:54:89:
                    f8:54:0d:fa:10:1a:06:7c:62:c6:88:da:e8:86:10:
                    1a:32:6d:f0:ed:cb:12:0a:9f:d0:03:9e:da:97:b7:
                    f3:6d:e9:2c:29:28:9b:de:e0:67:f9:73:a4:3e:eb:
                    cf:58:72:0f:ac:9e:92:a3:68:0d:84:41:22:dd:d7:
                    3d:ed:61:2c:0c:e1:b5:76:b5:2f:69:89:4d:f6:81:
                    5d:35:3a:af:98:51:98:e4:4b:1d:ac:49:78:66:fd:
                    1d:59:bb:f3:7f:8c:eb:e0:13:04:03:43:53:05:c0:
                    dd:78:76:a2:9a:22:29:d2:c8:0c:66:43:b2:b0:cf:
                    dc:0e:59:84:80:4a:eb:e2:79:60:92:81:b2:50:df:
                    a0:07:f6:b5:60:19:c9:88:d5:05:06:7d:f8:6c:a0:
                    7a:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:B3:07:3B:4F:C0:C2:B7:C5:3A:DC:B9:5B:D3:5B:56:B6:B1:F3:35
            X509v3 Authority Key Identifier:
                keyid:2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:76:88:97:b4:b3:9b:56:35:f6:af:da:b7:73:da:e9:06:bc:
         a7:63:9d:cc:b8:bf:60:99:9b:a7:51:5a:49:dd:0b:33:10:ac:
         05:d7:b6:c8:27:7a:30:44:55:b3:a7:2c:b0:1a:9f:ab:b8:39:
         4b:3a:9e:71:1c:00:60:90:47:c4:8b:97:06:12:cd:25:4b:6b:
         e7:65:55:90:31:55:3b:74:a7:32:a6:d1:0e:21:61:33:90:3a:
         37:42:f6:ff:2b:8c:b7:71:5b:ff:98:06:a5:33:85:79:d3:46:
         70:ac:85:6d:74:df:1b:fa:65:cb:4b:4d:50:71:17:30:34:65:
         c1:32:c5:dd:05:4a:f9:5d:e5:e4:33:82:63:bb:5c:c8:10:f9:
         7b:a8:98:92:ed:01:c8:6d:4b:9c:0f:5f:7f:f9:af:60:01:7c:
         e7:11:48:da:3e:01:73:b6:91:ce:b4:5c:3e:3b:33:90:6d:fc:
         78:06:0a:b0:38:4e:62:8d:fd:b7:85:62:94:a5:b7:07:33:02:
         6d:75:7a:30:6a:3e:f0:1b:c3:49:ba:4b:a2:de:33:c0:13:da:
         2c:d5:58:ca:2a:72:0c:58:21:0f:48:2f:0d:4f:78:78:6e:f3:
         9c:f5:34:36:51:3a:5f:70:e7:00:e9:ba:a8:0d:a2:06:02:a9:
         88:0e:d7:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFip1qiAq44bEQUSWbWrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDcyNTVkNWE2YWZiODVlMzc2ZTgxYmI5YTA5ZWMzZGRk
ZGJjZGMwHhcNMjUwODIzMDQwMDU2WhcNMjUwODI0MDQwMDU2WjAzMTEwLwYDVQQD
EygyYmIzMDczYjRmYzBjMmI3YzUzYWRjYjk1YmQzNWI1NmI2YjFmMzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2noV3T8Ucdy2zgQXfnPS9S4BxY2
SYrzb6ScmJ2g7TDZBnO5VAajjPEdykuDNf3cK4Japm4Pnkcf3rOizueYan7WMlXI
HQKSXI3wUwABDbx3tDKo91CO9GDtPgXf56V0yoUJykoCVIn4VA36EBoGfGLGiNro
hhAaMm3w7csSCp/QA57al7fzbeksKSib3uBn+XOkPuvPWHIPrJ6So2gNhEEi3dc9
7WEsDOG1drUvaYlN9oFdNTqvmFGY5EsdrEl4Zv0dWbvzf4zr4BMEA0NTBcDdeHai
miIp0sgMZkOysM/cDlmEgErr4nlgkoGyUN+gB/a1YBnJiNUFBn34bKB6HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuzBztPwMK3xTrcuVvTW1a2sfM1MB8GA1UdIwQY
MBaAFCrXJV1aavuF43boG7mgnsPd3bzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAt
YmNlYjM3NmMyNTczLzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAtYmNlYjM3NmMyNTcz
LzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFnaIl7Sz
m1Y19q/at3Pa6Qa8p2OdzLi/YJmbp1FaSd0LMxCsBde2yCd6MERVs6cssBqfq7g5
SzqecRwAYJBHxIuXBhLNJUtr52VVkDFVO3SnMqbRDiFhM5A6N0L2/yuMt3Fb/5gG
pTOFedNGcKyFbXTfG/ply0tNUHEXMDRlwTLF3QVK+V3l5DOCY7tcyBD5e6iYku0B
yG1LnA9ff/mvYAF85xFI2j4Bc7aRzrRcPjszkG38eAYKsDhOYo39t4VilKW3BzMC
bXV6MGo+8BvDSbpLot4zwBPaLNVYyipyDFghD0gvDU94eG7znPU0NlE6X3DnAOm6
qA2iBgKpiA7XKg==
-----END CERTIFICATE-----