Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
File:                     KyO4dALEaK1icsN77YjlzcbkwGE.mft (raw, json)
Hash identifier:          xz39g/kbJq1MD2UwQeNsLnEvPQ7Dvm1PkJJxMQccyho=
Subject key identifier:   BB:16:01:DF:78:27:39:3F:1E:BD:7F:1D:C5:51:D6:1A:DC:CB:A0:44
Authority key identifier: 2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61
Certificate issuer:       /CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
Certificate serial:       0197B77C7B41D2B40877A4FBFA9B1FCD2602
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
Manifest number:          8A
Signing time:             Sat 28 Jun 2025 17:01:17 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:17 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:17 +0000
Files and hashes:         1: KyO4dALEaK1icsN77YjlzcbkwGE.crl (hash: EKRrC59fNzeTKdkXQvmLxGiaKGE60CFw74kvvtO3T9Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:7b:41:d2:b4:08:77:a4:fb:fa:9b:1f:cd:26:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
        Validity
            Not Before: Jun 28 17:01:17 2025 GMT
            Not After : Jun 29 17:01:17 2025 GMT
        Subject: CN=bb1601df7827393f1ebd7f1dc551d61adccba044
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8e:4c:47:ac:08:14:ec:48:0b:24:14:12:f0:
                    35:a2:fc:fa:22:4f:f4:33:46:0f:66:8c:81:6b:11:
                    41:9b:dd:e3:88:92:06:cc:cb:0c:42:d2:70:eb:04:
                    e0:c5:a3:4b:66:6b:87:ba:45:d8:a6:f2:03:92:cf:
                    d3:b1:74:03:56:08:2d:9e:25:98:0f:c4:4f:dd:58:
                    b0:b5:8d:e5:6d:e7:d2:51:38:bf:1e:1b:f7:5e:7f:
                    f5:f0:ac:b6:1d:b4:db:4a:36:46:0b:db:2e:e5:30:
                    bf:ed:98:7c:c0:7d:af:1a:93:17:c6:fc:9c:30:f2:
                    9f:ff:d4:d6:87:7d:82:ac:33:f2:f4:fc:1d:ac:9b:
                    07:78:4d:2d:86:b6:68:1b:0d:f1:ca:5e:93:3a:ae:
                    38:f2:3c:9c:53:83:fd:b1:7a:44:84:c6:dd:8c:26:
                    3b:25:3e:29:04:f6:42:e4:0b:58:a8:f8:57:da:64:
                    c8:9c:ac:a4:e5:ca:45:ba:a9:57:35:65:4f:d9:aa:
                    6f:b2:c8:13:92:9c:ea:67:33:15:f1:dd:40:36:73:
                    0e:7d:32:89:88:80:ee:28:cc:53:20:03:dc:da:80:
                    8e:11:a1:6a:ff:41:04:32:f5:bb:8c:ca:6c:63:72:
                    a3:52:95:14:7a:75:d9:60:d6:7e:f9:78:33:a8:9a:
                    72:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:16:01:DF:78:27:39:3F:1E:BD:7F:1D:C5:51:D6:1A:DC:CB:A0:44
            X509v3 Authority Key Identifier:
                keyid:2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:1c:8a:8b:be:fb:0f:9c:e7:c3:b6:84:a8:d7:34:23:04:6a:
         3c:2a:0f:60:2d:1f:16:14:9f:ec:e9:ff:45:d3:96:28:0a:7d:
         69:de:62:3c:1f:72:06:ae:d8:27:a5:15:09:34:eb:72:63:69:
         c8:41:cb:47:8d:4c:38:45:20:2b:12:1b:d9:e9:7b:ef:20:38:
         68:3e:5a:a8:4a:49:a9:2e:73:97:f9:e3:12:76:77:db:c5:0d:
         b9:39:2e:ec:ea:aa:dc:d5:ac:9f:05:a3:67:f2:c3:f8:77:27:
         42:f5:15:96:93:b9:45:99:47:3f:3a:bc:b3:cf:38:b8:3e:26:
         15:47:8c:ed:23:8f:e2:8b:4c:5c:68:28:6d:95:14:98:19:af:
         9d:a0:44:2f:d3:6a:2b:c4:e3:40:46:51:f3:fb:33:37:0c:61:
         83:9f:f1:3e:ae:ab:07:77:be:07:69:f2:4e:a9:09:39:cf:e5:
         be:d7:e3:81:81:fb:25:fb:bd:9f:ae:a3:33:c9:bd:cb:d8:4b:
         38:01:bd:f4:5b:bc:74:5f:04:21:d3:d3:ca:22:c4:18:07:9d:
         e8:68:02:44:fd:b5:2c:51:25:c8:9d:25:86:cd:d1:2e:e4:06:
         2e:23:b0:39:c7:44:3c:98:4d:89:f2:58:46:20:b7:c1:96:6b:
         98:5c:92:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fHtB0rQId6T7+psfzSYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjNiODc0MDJjNDY4YWQ2MjcyYzM3YmVkODhlNWNkYzZl
NGMwNjEwHhcNMjUwNjI4MTcwMTE3WhcNMjUwNjI5MTcwMTE3WjAzMTEwLwYDVQQD
EyhiYjE2MDFkZjc4MjczOTNmMWViZDdmMWRjNTUxZDYxYWRjY2JhMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo45MR6wIFOxICyQUEvA1ovz6Ik/0
M0YPZoyBaxFBm93jiJIGzMsMQtJw6wTgxaNLZmuHukXYpvIDks/TsXQDVggtniWY
D8RP3ViwtY3lbefSUTi/Hhv3Xn/18Ky2HbTbSjZGC9su5TC/7Zh8wH2vGpMXxvyc
MPKf/9TWh32CrDPy9PwdrJsHeE0thrZoGw3xyl6TOq448jycU4P9sXpEhMbdjCY7
JT4pBPZC5AtYqPhX2mTInKyk5cpFuqlXNWVP2apvssgTkpzqZzMV8d1ANnMOfTKJ
iIDuKMxTIAPc2oCOEaFq/0EEMvW7jMpsY3KjUpUUenXZYNZ++XgzqJpyBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsWAd94Jzk/Hr1/HcVR1hrcy6BEMB8GA1UdIwQY
MBaAFCsjuHQCxGitYnLDe+2I5c3G5MBhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgt
NjU0ZGE4YjQwNzE2LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgtNjU0ZGE4YjQwNzE2
LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALRyKi777
D5znw7aEqNc0IwRqPCoPYC0fFhSf7On/RdOWKAp9ad5iPB9yBq7YJ6UVCTTrcmNp
yEHLR41MOEUgKxIb2el77yA4aD5aqEpJqS5zl/njEnZ328UNuTku7Oqq3NWsnwWj
Z/LD+HcnQvUVlpO5RZlHPzq8s884uD4mFUeM7SOP4otMXGgobZUUmBmvnaBEL9Nq
K8TjQEZR8/szNwxhg5/xPq6rB3e+B2nyTqkJOc/lvtfjgYH7Jfu9n66jM8m9y9hL
OAG99Fu8dF8EIdPTyiLEGAed6GgCRP21LFElyJ0lhs3RLuQGLiOwOcdEPJhNifJY
RiC3wZZrmFyScQ==
-----END CERTIFICATE-----