Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
File:                     KtclXVpq-4XjdugbuaCew93dvNw.mft (raw, json)
Hash identifier:          L6XeeUxsdRxJnPKnowsow9Y5NWChMo8BVCRIzuW3i7s=
Subject key identifier:   02:F6:85:C5:58:E0:4D:1C:47:96:D3:A1:59:88:04:52:F4:59:73:BF
Authority key identifier: 2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC
Certificate issuer:       /CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
Certificate serial:       0196A12D2A720988B41A664764CC4E56EF72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
Manifest number:          143C
Signing time:             Mon 05 May 2025 16:00:13 +0000
Manifest this update:     Mon 05 May 2025 16:00:13 +0000
Manifest next update:     Tue 06 May 2025 16:00:13 +0000
Files and hashes:         1: KtclXVpq-4XjdugbuaCew93dvNw.crl (hash: KFzQ8v9MWVUxOTO7bWZgDpwxrNa/L9NkIvWhTICkgfY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 16:00:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a1:2d:2a:72:09:88:b4:1a:66:47:64:cc:4e:56:ef:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
        Validity
            Not Before: May  5 16:00:13 2025 GMT
            Not After : May  6 16:00:13 2025 GMT
        Subject: CN=02f685c558e04d1c4796d3a159880452f45973bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:54:f3:87:13:a1:b1:8c:71:8b:a3:d6:fc:21:
                    21:d8:16:ad:e5:32:78:d0:be:54:fe:d5:8a:68:39:
                    7d:5b:af:ed:57:94:bd:f2:64:30:a9:98:00:44:a8:
                    32:6f:f4:bb:56:b7:c3:0a:9c:55:c6:5a:ef:fc:c5:
                    c1:4d:7e:03:e7:69:cd:3c:89:45:33:7f:21:14:20:
                    9e:17:66:ba:38:f1:db:ad:c6:16:9e:c6:43:8d:e3:
                    86:da:a9:62:8e:a8:81:15:67:85:77:d9:57:38:7b:
                    87:f9:b0:1b:15:d3:25:31:8d:c8:7d:ff:9a:33:89:
                    76:6f:5c:72:ec:d7:ea:53:25:05:34:7c:ce:99:88:
                    f6:36:68:90:05:c6:99:0c:b0:93:13:03:f3:86:d8:
                    85:fb:62:13:ad:41:d1:03:c5:6c:42:82:c6:6e:b4:
                    be:dd:13:6c:29:3c:e9:86:96:49:ef:f3:fc:04:02:
                    bb:25:37:ea:09:92:b8:cd:b6:d8:01:de:dd:26:3f:
                    36:20:b0:38:1a:91:e6:4b:08:92:70:04:02:c8:21:
                    36:3e:e2:f1:c1:45:1d:77:80:d6:41:a9:6e:0a:38:
                    7e:98:76:40:49:5a:f1:b1:9a:cb:16:98:d9:6e:f7:
                    67:bb:4d:4a:ec:a4:18:0b:ff:d5:ee:ea:23:4e:0d:
                    81:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:F6:85:C5:58:E0:4D:1C:47:96:D3:A1:59:88:04:52:F4:59:73:BF
            X509v3 Authority Key Identifier:
                keyid:2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:87:22:45:44:98:45:09:74:84:06:56:87:16:d9:9b:c7:5f:
         89:b9:31:14:f4:f9:91:71:8f:49:8f:cf:65:6f:00:3c:b9:7f:
         9c:62:cf:6b:5f:fa:1b:3f:eb:63:c2:86:72:3e:1e:f0:e3:9a:
         56:58:b7:06:f9:10:32:a3:1e:4c:55:2f:91:88:36:80:e2:0b:
         aa:7f:c9:24:e7:7a:f5:b7:fe:50:d1:76:f6:88:92:96:5e:e8:
         a2:dd:63:98:10:bf:38:04:2b:1c:f1:e6:30:65:9e:17:9f:b1:
         64:82:58:e9:e7:dc:a1:66:5d:c0:5b:8b:35:df:ea:70:29:5d:
         49:f8:14:d4:66:a7:65:70:55:2f:64:0c:5f:c5:8e:5d:3c:8d:
         0e:e1:40:d1:e5:c0:31:07:12:39:05:37:eb:47:b0:3c:a5:26:
         b4:3a:78:5e:f8:d5:58:0e:19:94:82:3b:18:9e:94:af:c9:a9:
         63:92:7b:37:9a:d6:62:07:a4:fc:44:10:62:e9:09:48:33:75:
         32:4c:c3:fd:62:92:64:3d:cb:9a:cd:fd:07:d9:bf:1c:1f:0d:
         99:6c:24:16:d5:64:46:f3:c1:58:3c:67:4e:11:44:d7:49:be:
         48:3d:19:be:ec:20:8a:b5:80:5d:2a:81:1d:1e:38:8b:4e:18:
         56:01:a6:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZahLSpyCYi0GmZHZMxOVu9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDcyNTVkNWE2YWZiODVlMzc2ZTgxYmI5YTA5ZWMzZGRk
ZGJjZGMwHhcNMjUwNTA1MTYwMDEzWhcNMjUwNTA2MTYwMDEzWjAzMTEwLwYDVQQD
EygwMmY2ODVjNTU4ZTA0ZDFjNDc5NmQzYTE1OTg4MDQ1MmY0NTk3M2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1TzhxOhsYxxi6PW/CEh2Bat5TJ4
0L5U/tWKaDl9W6/tV5S98mQwqZgARKgyb/S7VrfDCpxVxlrv/MXBTX4D52nNPIlF
M38hFCCeF2a6OPHbrcYWnsZDjeOG2qlijqiBFWeFd9lXOHuH+bAbFdMlMY3Iff+a
M4l2b1xy7NfqUyUFNHzOmYj2NmiQBcaZDLCTEwPzhtiF+2ITrUHRA8VsQoLGbrS+
3RNsKTzphpZJ7/P8BAK7JTfqCZK4zbbYAd7dJj82ILA4GpHmSwiScAQCyCE2PuLx
wUUdd4DWQaluCjh+mHZASVrxsZrLFpjZbvdnu01K7KQYC//V7uojTg2BUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAL2hcVY4E0cR5bToVmIBFL0WXO/MB8GA1UdIwQY
MBaAFCrXJV1aavuF43boG7mgnsPd3bzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAt
YmNlYjM3NmMyNTczLzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAtYmNlYjM3NmMyNTcz
LzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnociRUSY
RQl0hAZWhxbZm8dfibkxFPT5kXGPSY/PZW8APLl/nGLPa1/6Gz/rY8KGcj4e8OOa
Vli3BvkQMqMeTFUvkYg2gOILqn/JJOd69bf+UNF29oiSll7oot1jmBC/OAQrHPHm
MGWeF5+xZIJY6efcoWZdwFuLNd/qcCldSfgU1GanZXBVL2QMX8WOXTyNDuFA0eXA
MQcSOQU360ewPKUmtDp4XvjVWA4ZlII7GJ6Ur8mpY5J7N5rWYgek/EQQYukJSDN1
MkzD/WKSZD3Lms39B9m/HB8NmWwkFtVkRvPBWDxnThFE10m+SD0ZvuwgirWAXSqB
HR44i04YVgGmnQ==
-----END CERTIFICATE-----