Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
File:                     KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft (raw, json)
Hash identifier:          x6wnl8Pn2nTTHLen9qdyGhuSxFrBvutZjdlTl6tTJTM=
Subject key identifier:   12:B1:58:C6:C2:1C:29:5E:2B:21:EB:D4:B9:AA:29:16:96:4C:83:F0
Authority key identifier: 28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6
Certificate issuer:       /CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6
Certificate serial:       0197B632B558DF8116AC104E168B052F71CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
Manifest number:          0947
Signing time:             Sat 28 Jun 2025 11:01:05 +0000
Manifest this update:     Sat 28 Jun 2025 11:01:05 +0000
Manifest next update:     Sun 29 Jun 2025 11:01:05 +0000
Files and hashes:         1: KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl (hash: R8Cv8ozaosrYjubsvzjBiGtsN415dnKrBy47/vC7aC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:32:b5:58:df:81:16:ac:10:4e:16:8b:05:2f:71:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6
        Validity
            Not Before: Jun 28 11:01:05 2025 GMT
            Not After : Jun 29 11:01:05 2025 GMT
        Subject: CN=12b158c6c21c295e2b21ebd4b9aa2916964c83f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:28:55:c3:66:62:b7:e7:eb:fe:bf:c6:fd:f0:
                    58:3a:62:17:35:a2:da:5b:f8:92:1d:0b:7e:6b:65:
                    8f:ee:5e:fe:fd:f9:c3:d1:6e:c8:32:05:9a:f5:1c:
                    13:39:9e:7b:1a:55:6a:73:d6:66:92:9f:ac:a0:47:
                    02:ab:8e:bb:0e:f8:75:fd:e5:35:09:ae:77:86:44:
                    20:4c:61:48:c0:f3:c8:bc:59:cc:5f:30:ed:d2:7d:
                    a5:c7:9c:5b:92:01:cc:50:a4:b4:73:dc:2f:de:18:
                    e1:1a:72:ca:65:50:18:35:43:c4:d5:ab:eb:f3:ba:
                    eb:16:be:cc:d5:44:21:a5:30:bd:8e:f2:20:81:bb:
                    2a:30:d5:89:7d:b8:cb:1e:23:3c:8b:56:bf:6f:91:
                    f1:94:fb:0f:dc:38:38:5f:68:8e:58:9d:24:56:87:
                    1c:fa:a5:79:93:87:1d:3c:00:e7:5b:90:3c:bd:76:
                    1f:00:2a:70:e4:54:6a:6c:42:ef:e7:ba:79:7b:6f:
                    7b:90:0d:7f:e8:cb:9b:15:2f:9c:73:5d:ea:92:58:
                    85:01:29:82:9b:e3:03:f4:69:82:fb:3c:9a:24:17:
                    84:71:2b:36:9e:36:9c:a3:61:b1:6a:6a:e5:ad:a9:
                    f7:aa:90:64:7d:61:f4:89:b2:0d:26:05:ee:d0:ed:
                    ee:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:B1:58:C6:C2:1C:29:5E:2B:21:EB:D4:B9:AA:29:16:96:4C:83:F0
            X509v3 Authority Key Identifier:
                keyid:28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:3a:49:a5:7f:d7:aa:dc:d9:57:d5:a7:46:f3:fd:db:10:13:
         63:e3:e7:df:c9:d7:ea:44:e0:16:f4:a4:6b:ac:73:bf:78:18:
         5e:d0:be:55:e6:a5:ac:96:1d:d4:ec:25:13:59:a2:1d:ab:6e:
         7d:06:c3:04:4f:61:4b:37:ab:d7:e4:50:23:31:06:12:37:b8:
         07:28:13:fb:1a:8b:cb:fe:a0:4b:5c:20:86:79:40:37:09:b7:
         93:22:a7:0e:9f:83:3a:21:9a:ac:52:04:77:41:bf:53:a8:e9:
         6c:ee:9a:64:39:e2:1e:a1:ac:0d:d4:77:de:9d:8f:ca:da:28:
         60:0e:d4:10:16:04:21:c6:07:e0:b6:96:04:e5:77:ac:f2:64:
         8f:b1:8c:7c:40:a0:48:a1:68:5c:58:1b:a9:ea:e2:f6:9d:f5:
         f7:53:58:8a:e0:8f:3d:e8:95:c4:84:48:c7:ce:49:06:9d:f0:
         0a:58:fe:f4:8f:36:7e:d4:6a:da:7d:75:0a:34:54:56:74:63:
         1e:8d:a2:40:71:fc:9d:ce:1f:49:8a:02:d2:b7:9d:34:c7:2a:
         01:5e:65:17:a2:29:73:97:60:4e:4c:f1:79:e4:5f:61:b0:6b:
         c6:42:ee:4d:6d:4b:0c:a3:b6:e2:21:9e:c9:ed:0c:58:cd:a2:
         f9:a6:62:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2MrVY34EWrBBOFosFL3HLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MWE3ZjA3YmU1YzMxMzhjYjQzYzJjMThiMjlhYTU0Njg1
NDRiYTYwHhcNMjUwNjI4MTEwMTA1WhcNMjUwNjI5MTEwMTA1WjAzMTEwLwYDVQQD
EygxMmIxNThjNmMyMWMyOTVlMmIyMWViZDRiOWFhMjkxNjk2NGM4M2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ihVw2Zit+fr/r/G/fBYOmIXNaLa
W/iSHQt+a2WP7l7+/fnD0W7IMgWa9RwTOZ57GlVqc9Zmkp+soEcCq467Dvh1/eU1
Ca53hkQgTGFIwPPIvFnMXzDt0n2lx5xbkgHMUKS0c9wv3hjhGnLKZVAYNUPE1avr
87rrFr7M1UQhpTC9jvIggbsqMNWJfbjLHiM8i1a/b5HxlPsP3Dg4X2iOWJ0kVocc
+qV5k4cdPADnW5A8vXYfACpw5FRqbELv57p5e297kA1/6MubFS+cc13qkliFASmC
m+MD9GmC+zyaJBeEcSs2njaco2Gxamrlran3qpBkfWH0ibINJgXu0O3uhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKxWMbCHCleKyHr1LmqKRaWTIPwMB8GA1UdIwQY
MBaAFCgafwe+XDE4y0PCwYspqlRoVEumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQt
NTJjY2Y2NWJkNjdiLzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQtNTJjY2Y2NWJkNjdi
LzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPTpJpX/X
qtzZV9WnRvP92xATY+Pn38nX6kTgFvSka6xzv3gYXtC+VealrJYd1OwlE1miHatu
fQbDBE9hSzer1+RQIzEGEje4BygT+xqLy/6gS1wghnlANwm3kyKnDp+DOiGarFIE
d0G/U6jpbO6aZDniHqGsDdR33p2PytooYA7UEBYEIcYH4LaWBOV3rPJkj7GMfECg
SKFoXFgbqeri9p3191NYiuCPPeiVxIRIx85JBp3wClj+9I82ftRq2n11CjRUVnRj
Ho2iQHH8nc4fSYoC0redNMcqAV5lF6Ipc5dgTkzxeeRfYbBrxkLuTW1LDKO24iGe
ye0MWM2i+aZi2Q==
-----END CERTIFICATE-----