Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
File:                     KtclXVpq-4XjdugbuaCew93dvNw.mft (raw, json)
Hash identifier:          eEOG9bHpKhfRXEyOcmkLusEMhEuTGdnfUVjxdEIki54=
Subject key identifier:   64:64:B6:68:EF:20:FB:DD:28:41:75:FE:29:04:32:47:03:BA:4C:6C
Authority key identifier: 2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC
Certificate issuer:       /CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
Certificate serial:       0197B7452C00BF95885E298057D89BB8A805
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
Manifest number:          14CC
Signing time:             Sat 28 Jun 2025 16:00:53 +0000
Manifest this update:     Sat 28 Jun 2025 16:00:53 +0000
Manifest next update:     Sun 29 Jun 2025 16:00:53 +0000
Files and hashes:         1: KtclXVpq-4XjdugbuaCew93dvNw.crl (hash: 2kYzSTxaQOXeZVm2DLPPQU87RXBIyuJmcO3x18IOrd0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:45:2c:00:bf:95:88:5e:29:80:57:d8:9b:b8:a8:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
        Validity
            Not Before: Jun 28 16:00:53 2025 GMT
            Not After : Jun 29 16:00:53 2025 GMT
        Subject: CN=6464b668ef20fbdd284175fe2904324703ba4c6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:43:dc:a9:2c:33:4c:f4:8d:5e:b0:10:97:7a:
                    f6:a7:2f:0f:68:4e:1e:06:c3:d4:23:a9:d2:fd:69:
                    df:79:86:1e:bc:97:2f:64:94:d2:99:b9:17:35:e7:
                    96:5b:0b:3b:4c:fd:2d:dc:e8:58:25:87:48:ab:f8:
                    9f:5b:9d:9c:aa:93:f3:48:d4:f9:b6:18:37:d2:46:
                    af:6f:0f:b6:11:27:17:ac:9f:8f:0b:e1:a2:6d:94:
                    b3:92:1e:ac:c4:40:54:1c:8f:45:33:db:d6:42:36:
                    2e:a9:8b:79:84:f7:16:cb:05:ba:b8:d6:11:e9:4b:
                    db:9a:76:47:23:9e:9a:34:a3:b9:78:66:ea:f1:9e:
                    20:d4:49:77:77:ce:64:93:9e:7e:58:c4:fe:fb:b0:
                    3a:a9:5c:61:75:4a:c2:82:eb:e3:16:8f:7d:66:fd:
                    4f:64:18:2e:83:fe:c7:9a:3e:ee:7f:e2:4c:5b:cb:
                    13:ad:85:74:85:9e:be:a8:72:77:c2:b6:4b:f8:ec:
                    74:33:58:e6:2e:f1:5f:d2:66:e3:a7:df:8d:bd:07:
                    83:a9:83:e1:d3:e4:b4:c8:d1:51:0c:f8:6d:25:5f:
                    ba:af:a7:2e:d3:5e:46:93:85:73:94:a3:a6:1c:c1:
                    12:74:94:15:a2:5c:ca:bf:40:96:5a:14:76:dd:6c:
                    68:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:64:B6:68:EF:20:FB:DD:28:41:75:FE:29:04:32:47:03:BA:4C:6C
            X509v3 Authority Key Identifier:
                keyid:2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:bd:0e:d6:93:eb:b1:8d:14:81:17:35:01:3f:89:3c:8f:99:
         b6:1b:47:39:dd:db:0e:53:98:2f:5e:72:ac:87:ff:3b:f8:82:
         17:e1:7f:bc:5b:c4:20:5a:99:24:c3:2c:46:5b:a8:3f:d4:91:
         a8:b2:76:01:21:93:ca:a2:7e:1e:2e:8c:64:14:b6:bb:dc:d6:
         51:70:2c:03:ad:0a:f0:06:6d:2d:5e:9a:7b:2a:d6:25:fb:ad:
         c1:5b:9e:b8:80:ec:b4:66:51:39:42:6d:dc:b3:c6:66:c9:93:
         f1:c1:0b:a4:da:34:d9:52:c6:08:9c:62:75:05:a0:7a:31:fc:
         8a:5d:be:90:cf:76:97:2e:82:21:92:df:31:10:9e:76:af:3c:
         b1:f8:aa:f1:88:e3:f8:86:f0:ca:ae:fc:c6:d8:17:91:1b:e4:
         a5:09:b8:23:3f:a5:96:c2:24:71:3f:e4:ad:a8:17:08:56:61:
         92:35:5f:f9:c7:a3:ec:b1:50:91:da:b9:61:ab:ce:0a:b9:91:
         9a:1c:f7:0c:fb:5a:2a:0f:8b:ab:b1:09:29:29:52:38:0b:ff:
         ad:2a:cf:3e:73:43:b6:3a:6c:43:b2:db:4f:62:4d:2c:78:54:
         f1:70:d0:26:74:54:01:a6:4c:54:83:2b:de:53:dc:6f:59:22:
         45:2a:2a:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RSwAv5WIXimAV9ibuKgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDcyNTVkNWE2YWZiODVlMzc2ZTgxYmI5YTA5ZWMzZGRk
ZGJjZGMwHhcNMjUwNjI4MTYwMDUzWhcNMjUwNjI5MTYwMDUzWjAzMTEwLwYDVQQD
Eyg2NDY0YjY2OGVmMjBmYmRkMjg0MTc1ZmUyOTA0MzI0NzAzYmE0YzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkPcqSwzTPSNXrAQl3r2py8PaE4e
BsPUI6nS/WnfeYYevJcvZJTSmbkXNeeWWws7TP0t3OhYJYdIq/ifW52cqpPzSNT5
thg30kavbw+2EScXrJ+PC+GibZSzkh6sxEBUHI9FM9vWQjYuqYt5hPcWywW6uNYR
6UvbmnZHI56aNKO5eGbq8Z4g1El3d85kk55+WMT++7A6qVxhdUrCguvjFo99Zv1P
ZBgug/7Hmj7uf+JMW8sTrYV0hZ6+qHJ3wrZL+Ox0M1jmLvFf0mbjp9+NvQeDqYPh
0+S0yNFRDPhtJV+6r6cu015Gk4VzlKOmHMESdJQVolzKv0CWWhR23WxozQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRktmjvIPvdKEF1/ikEMkcDukxsMB8GA1UdIwQY
MBaAFCrXJV1aavuF43boG7mgnsPd3bzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAt
YmNlYjM3NmMyNTczLzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAtYmNlYjM3NmMyNTcz
LzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcL0O1pPr
sY0UgRc1AT+JPI+ZthtHOd3bDlOYL15yrIf/O/iCF+F/vFvEIFqZJMMsRluoP9SR
qLJ2ASGTyqJ+Hi6MZBS2u9zWUXAsA60K8AZtLV6aeyrWJfutwVueuIDstGZROUJt
3LPGZsmT8cELpNo02VLGCJxidQWgejH8il2+kM92ly6CIZLfMRCedq88sfiq8Yjj
+Ibwyq78xtgXkRvkpQm4Iz+llsIkcT/kragXCFZhkjVf+cej7LFQkdq5YavOCrmR
mhz3DPtaKg+Lq7EJKSlSOAv/rSrPPnNDtjpsQ7LbT2JNLHhU8XDQJnRUAaZMVIMr
3lPcb1kiRSoq/A==
-----END CERTIFICATE-----