Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File:                     KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier:          hCm9VsYR7GCv0Qe2/wL1W5CC741ularto1Vv1rpm35g=
Subject key identifier:   AB:2C:41:CD:D2:41:7C:1A:03:C0:BB:C3:34:0E:7B:3D:FB:61:AD:7B
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer:       /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial:       0198D54E30191CE9CBBFD821F123AE2A4851
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number:          0DA2
Signing time:             Sat 23 Aug 2025 05:02:07 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:07 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:07 +0000
Files and hashes:         1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: d8aLnbacZSVoo6rHQufSbL96ZwV/B0806Se0RRd+lD0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:30:19:1c:e9:cb:bf:d8:21:f1:23:ae:2a:48:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
        Validity
            Not Before: Aug 23 05:02:07 2025 GMT
            Not After : Aug 24 05:02:07 2025 GMT
        Subject: CN=ab2c41cdd2417c1a03c0bbc3340e7b3dfb61ad7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c7:de:16:61:a2:13:0d:ba:8f:5e:fb:e9:db:
                    05:6e:57:99:90:9e:ae:a5:6d:d5:17:23:19:c9:6b:
                    7c:84:8d:8e:7d:4b:a1:29:bf:4e:1b:88:14:95:e7:
                    e8:5c:bd:bc:b7:ce:77:74:7a:d6:8a:21:b7:25:77:
                    48:bd:20:54:94:e6:47:70:23:44:cd:00:67:16:30:
                    30:5c:5f:06:01:07:51:1d:de:8f:17:6c:e8:3c:67:
                    1a:35:ca:0a:e7:da:b8:13:10:be:97:10:2a:c7:c6:
                    b6:0a:97:34:5d:21:b4:00:9a:d7:9a:66:0f:57:03:
                    54:5c:90:9f:0a:27:cb:bc:5d:5e:8e:e5:93:1a:be:
                    f5:2e:84:fc:c4:56:a8:45:59:eb:3f:14:07:81:85:
                    4d:0d:6f:3d:57:40:20:19:09:13:67:1e:80:57:34:
                    49:6b:14:d7:9f:3b:09:e0:43:b2:1b:18:a9:2a:9c:
                    09:7a:48:cc:20:7b:f1:fb:ac:31:17:e4:df:57:0e:
                    65:89:7f:1f:f5:ab:3b:a6:ce:28:41:57:a5:c7:6e:
                    c7:6d:62:92:11:b5:18:27:e3:ef:31:26:c7:2d:1f:
                    f3:5f:e7:0e:e2:dd:74:1b:e0:70:8f:a4:7e:ee:b6:
                    27:77:0b:c7:d1:72:0a:ba:e2:92:3f:88:6c:ec:79:
                    9a:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:2C:41:CD:D2:41:7C:1A:03:C0:BB:C3:34:0E:7B:3D:FB:61:AD:7B
            X509v3 Authority Key Identifier:
                keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:7e:42:3a:b8:ce:94:1b:b3:5a:ca:f1:92:b3:d8:bb:a9:b4:
         2c:be:f1:f1:88:ae:cd:90:b4:40:5b:e7:84:9f:c9:de:8d:c4:
         ea:80:3d:ab:0a:9b:76:c8:30:91:31:27:69:3c:a7:4b:5a:18:
         d7:83:5b:33:a5:d5:21:94:28:71:71:c6:48:b2:81:11:b9:5c:
         64:91:b1:db:54:62:4a:41:d9:89:0c:db:71:0e:90:19:5e:8b:
         0b:be:46:ea:5f:db:39:3d:d6:1a:a6:f1:9e:e8:93:37:f1:6b:
         1c:40:68:22:a4:71:09:5e:fb:ed:b2:21:dc:bd:44:2a:a4:69:
         10:87:52:c5:c3:d0:fb:f6:1b:b3:44:80:03:b1:de:e9:2c:d9:
         15:b3:1d:56:cb:91:de:3e:93:f0:cd:61:88:c0:60:71:7e:80:
         32:cb:8c:ce:64:56:51:aa:f0:f4:cd:72:a8:38:a2:f3:d6:33:
         69:f3:a1:42:f4:ee:e4:5a:8b:bf:a2:b4:6e:e1:95:23:49:8b:
         21:2b:b4:92:7d:13:c0:97:b7:99:4d:93:d7:f3:dd:96:b9:f1:
         cb:ee:6e:14:65:df:ab:90:5e:eb:21:89:a0:63:e4:03:83:27:
         9b:c9:f9:4f:dc:0f:c9:e7:eb:94:1b:6a:22:5e:41:18:d9:97:
         e4:a8:b2:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTjAZHOnLv9gh8SOuKkhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjUwODIzMDUwMjA3WhcNMjUwODI0MDUwMjA3WjAzMTEwLwYDVQQD
EyhhYjJjNDFjZGQyNDE3YzFhMDNjMGJiYzMzNDBlN2IzZGZiNjFhZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMfeFmGiEw26j1776dsFbleZkJ6u
pW3VFyMZyWt8hI2OfUuhKb9OG4gUlefoXL28t853dHrWiiG3JXdIvSBUlOZHcCNE
zQBnFjAwXF8GAQdRHd6PF2zoPGcaNcoK59q4ExC+lxAqx8a2Cpc0XSG0AJrXmmYP
VwNUXJCfCifLvF1ejuWTGr71LoT8xFaoRVnrPxQHgYVNDW89V0AgGQkTZx6AVzRJ
axTXnzsJ4EOyGxipKpwJekjMIHvx+6wxF+TfVw5liX8f9as7ps4oQVelx27HbWKS
EbUYJ+PvMSbHLR/zX+cO4t10G+Bwj6R+7rYndwvH0XIKuuKSP4hs7HmawwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKssQc3SQXwaA8C7wzQOez37Ya17MB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADn5COrjO
lBuzWsrxkrPYu6m0LL7x8YiuzZC0QFvnhJ/J3o3E6oA9qwqbdsgwkTEnaTynS1oY
14NbM6XVIZQocXHGSLKBEblcZJGx21RiSkHZiQzbcQ6QGV6LC75G6l/bOT3WGqbx
nuiTN/FrHEBoIqRxCV777bIh3L1EKqRpEIdSxcPQ+/Ybs0SAA7He6SzZFbMdVsuR
3j6T8M1hiMBgcX6AMsuMzmRWUarw9M1yqDii89YzafOhQvTu5FqLv6K0buGVI0mL
ISu0kn0TwJe3mU2T1/Pdlrnxy+5uFGXfq5Be6yGJoGPkA4Mnm8n5T9wPyefrlBtq
Il5BGNmX5KiyRg==
-----END CERTIFICATE-----