Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
File:                     KhQFaUht0XjbWDoKHklt8iMYXTU.mft (raw, json)
Hash identifier:          y7nMteMhEdUAgrnHwq6OeXZD1h24CHs7aIGQcYHU1jI=
Subject key identifier:   33:49:7F:D6:45:3F:8F:B7:D4:2C:26:83:15:9B:D8:FB:C7:05:16:5B
Authority key identifier: 2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35
Certificate issuer:       /CN=2a140569486dd178db583a0a1e496df223185d35
Certificate serial:       0197B70EB4D0521D462856788D914A853396
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
Manifest number:          07FB
Signing time:             Sat 28 Jun 2025 15:01:23 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:23 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:23 +0000
Files and hashes:         1: KhQFaUht0XjbWDoKHklt8iMYXTU.crl (hash: mkEtAdsFHgXiFDwYaUU7vGoriIt9S+fbYWj1Lk047cE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:b4:d0:52:1d:46:28:56:78:8d:91:4a:85:33:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a140569486dd178db583a0a1e496df223185d35
        Validity
            Not Before: Jun 28 15:01:23 2025 GMT
            Not After : Jun 29 15:01:23 2025 GMT
        Subject: CN=33497fd6453f8fb7d42c2683159bd8fbc705165b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:87:3a:01:4c:b0:0a:62:33:3a:83:d4:eb:2e:
                    56:a5:ce:3b:83:d6:9f:b7:f0:14:28:a8:3d:ad:cd:
                    43:ac:9f:7f:27:9a:f1:36:ed:cf:47:b9:42:48:75:
                    5f:3b:24:05:4e:53:27:b0:12:c8:cc:d2:48:85:69:
                    33:1b:2b:4a:b3:df:e5:df:5d:97:ab:15:b5:f9:90:
                    c7:b5:f6:a0:cb:01:70:58:dd:e5:59:53:55:2e:2d:
                    ac:1b:17:e3:27:90:54:db:e9:6f:06:68:41:a8:ff:
                    20:39:c8:8f:16:88:80:2b:65:a7:6e:9f:25:a0:94:
                    15:e8:95:84:6e:de:bc:e6:eb:32:dc:da:e3:5b:23:
                    2a:84:ed:aa:a6:f3:1c:c6:7e:ea:93:a2:af:e1:c8:
                    fd:4d:d7:3b:13:6c:61:8a:be:e3:76:ac:68:56:60:
                    93:da:ac:79:41:bb:f6:cd:37:ea:88:a7:32:80:68:
                    4f:c7:53:27:cd:82:70:21:83:06:4a:d5:53:36:f5:
                    ea:0e:a9:e4:1b:9a:a6:06:60:e2:4e:7a:08:94:86:
                    62:08:a9:1c:a4:01:c2:e0:48:d2:3f:14:0a:8b:e2:
                    a0:b8:6e:61:8a:04:e3:7f:18:fb:d2:67:e1:e9:1a:
                    54:51:19:ed:6a:a4:52:c0:2f:3e:cf:a9:9f:da:2e:
                    c0:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:49:7F:D6:45:3F:8F:B7:D4:2C:26:83:15:9B:D8:FB:C7:05:16:5B
            X509v3 Authority Key Identifier:
                keyid:2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:ea:15:87:bc:5d:73:fd:31:3f:a8:59:15:12:a9:67:9b:3e:
         a0:c6:34:b2:af:75:ee:0b:6e:41:0e:74:4e:91:4a:e2:a2:8e:
         f8:e3:f7:08:86:9d:81:79:fb:9f:c6:b4:bf:de:93:e0:e3:f7:
         5e:95:b7:b1:41:8a:e4:ac:d3:65:82:38:f9:03:b3:8e:da:aa:
         95:8f:af:0d:b4:ae:ad:29:06:4f:ac:a2:f1:30:81:9b:93:eb:
         e4:9d:ce:f1:01:96:a6:9f:0f:f7:55:60:1f:33:f7:28:f9:6a:
         a6:30:93:f5:7c:51:93:e2:1e:65:78:82:a0:5b:f4:7a:05:28:
         29:63:b0:5f:ca:6c:6f:d7:c6:fb:50:77:1f:f3:e4:28:d0:f4:
         d5:cb:f1:69:e2:8f:79:ee:01:b1:e1:91:a0:ad:0b:08:4a:c6:
         cf:b3:3b:10:73:07:c6:2b:6d:3b:bb:98:f4:eb:e4:9e:8a:0d:
         4a:69:f5:ab:c7:2b:38:63:f7:09:2b:d8:bd:8d:87:b4:d2:fa:
         79:f9:1b:2e:52:74:d6:ea:97:08:50:39:3a:66:c6:52:27:52:
         2d:57:e9:7a:af:3f:f0:29:f6:02:c1:ba:aa:cb:f0:7d:23:3f:
         aa:46:03:ff:c4:78:05:9c:6d:84:05:3e:1e:9c:15:d9:c7:73:
         9e:20:e2:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DrTQUh1GKFZ4jZFKhTOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTQwNTY5NDg2ZGQxNzhkYjU4M2EwYTFlNDk2ZGYyMjMx
ODVkMzUwHhcNMjUwNjI4MTUwMTIzWhcNMjUwNjI5MTUwMTIzWjAzMTEwLwYDVQQD
EygzMzQ5N2ZkNjQ1M2Y4ZmI3ZDQyYzI2ODMxNTliZDhmYmM3MDUxNjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ic6AUywCmIzOoPU6y5Wpc47g9af
t/AUKKg9rc1DrJ9/J5rxNu3PR7lCSHVfOyQFTlMnsBLIzNJIhWkzGytKs9/l312X
qxW1+ZDHtfagywFwWN3lWVNVLi2sGxfjJ5BU2+lvBmhBqP8gOciPFoiAK2Wnbp8l
oJQV6JWEbt685usy3NrjWyMqhO2qpvMcxn7qk6Kv4cj9Tdc7E2xhir7jdqxoVmCT
2qx5Qbv2zTfqiKcygGhPx1MnzYJwIYMGStVTNvXqDqnkG5qmBmDiTnoIlIZiCKkc
pAHC4EjSPxQKi+KguG5higTjfxj70mfh6RpUURntaqRSwC8+z6mf2i7ArwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDNJf9ZFP4+31CwmgxWb2PvHBRZbMB8GA1UdIwQY
MBaAFCoUBWlIbdF421g6Ch5JbfIjGF01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2Yt
NTRiZDY0OWI0ODUyLzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2YtNTRiZDY0OWI0ODUy
LzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANeoVh7xd
c/0xP6hZFRKpZ5s+oMY0sq917gtuQQ50TpFK4qKO+OP3CIadgXn7n8a0v96T4OP3
XpW3sUGK5KzTZYI4+QOzjtqqlY+vDbSurSkGT6yi8TCBm5Pr5J3O8QGWpp8P91Vg
HzP3KPlqpjCT9XxRk+IeZXiCoFv0egUoKWOwX8psb9fG+1B3H/PkKND01cvxaeKP
ee4BseGRoK0LCErGz7M7EHMHxittO7uY9OvknooNSmn1q8crOGP3CSvYvY2HtNL6
efkbLlJ01uqXCFA5OmbGUidSLVfpeq8/8Cn2AsG6qsvwfSM/qkYD/8R4BZxthAU+
HpwV2cdzniDiTQ==
-----END CERTIFICATE-----