Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
File:                     KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json)
Hash identifier:          pEnMcYB8E3rxYyZatD6EDDhQ+VfjPrq7+fkozmUdfSg=
Subject key identifier:   77:CC:9A:1A:F5:A8:C3:D9:33:B1:21:3B:2C:33:EA:DD:86:81:9A:DD
Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5
Certificate issuer:       /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
Certificate serial:       0196CF4FAED173EE36E37061E76CD85C9F43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
Manifest number:          014C
Signing time:             Wed 14 May 2025 15:00:27 +0000
Manifest this update:     Wed 14 May 2025 15:00:27 +0000
Manifest next update:     Thu 15 May 2025 15:00:27 +0000
Files and hashes:         1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: Cd0vLdTMfQJQ8QkYp5l8uhe3u66YclVSyLxdbyfBaqY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 15:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:cf:4f:ae:d1:73:ee:36:e3:70:61:e7:6c:d8:5c:9f:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
        Validity
            Not Before: May 14 15:00:27 2025 GMT
            Not After : May 15 15:00:27 2025 GMT
        Subject: CN=77cc9a1af5a8c3d933b1213b2c33eadd86819add
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:82:9a:19:98:b8:8f:ac:7f:b8:e3:b6:bd:83:
                    5d:ef:2f:30:c7:0a:72:06:f8:cb:08:f9:60:03:7c:
                    ad:89:6e:d0:5e:29:00:c7:51:40:b2:3f:49:bb:8e:
                    ba:b6:49:af:a9:6e:9b:c5:05:2c:93:6c:38:ec:bf:
                    4d:c5:35:05:84:fd:6f:30:27:dc:ed:53:86:fe:04:
                    26:da:48:65:ec:b3:24:cd:5a:5f:32:be:f3:06:ad:
                    df:a6:49:16:f3:a5:13:2f:13:63:f4:e0:f2:74:c3:
                    94:40:4e:08:08:33:d7:b3:61:7f:81:d8:e6:3d:34:
                    f5:e8:4e:f4:d1:c1:83:10:e2:3c:48:fa:1c:04:87:
                    4f:72:66:cd:01:24:51:6a:e8:61:27:9a:45:b7:7b:
                    9d:44:e0:e4:c1:c5:d8:6f:7a:06:9a:7a:7d:2f:f7:
                    d9:b4:ef:da:dc:5a:e7:22:df:4c:22:60:d6:ef:82:
                    6f:7e:c8:2a:ec:7c:a7:a7:54:7c:0d:fc:9f:03:64:
                    23:6d:2e:ca:d2:2a:db:a7:97:3d:ab:51:2b:23:23:
                    91:46:41:31:bf:a7:f5:75:a9:92:07:4c:50:b4:d7:
                    de:6b:77:56:72:b4:29:4b:b4:9d:71:0d:76:3f:ae:
                    d9:f7:e5:c1:2c:4e:6b:b9:59:4a:27:dc:80:d5:b7:
                    75:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:CC:9A:1A:F5:A8:C3:D9:33:B1:21:3B:2C:33:EA:DD:86:81:9A:DD
            X509v3 Authority Key Identifier:
                keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:dc:cd:b5:ac:29:0a:d5:f1:3c:44:fc:20:f7:11:35:fb:c9:
         0a:0b:b1:27:5b:44:92:04:91:07:25:72:c3:0e:7e:25:46:0b:
         4f:96:76:f3:8d:d3:e6:aa:0d:02:f1:5e:59:65:55:1e:e0:87:
         e0:64:cf:e1:52:d7:29:bb:48:32:7e:ed:fc:12:34:87:24:b3:
         93:2b:0b:cb:e0:21:5f:d5:90:0d:76:d4:2f:aa:6a:d5:34:83:
         a8:cf:3c:ed:74:b6:c3:5b:bc:05:dd:0a:15:4e:9c:c9:0f:ef:
         8d:1f:a0:07:cc:1c:08:35:e1:9c:f2:74:71:f3:22:90:1e:ab:
         49:9e:5d:84:9e:58:fa:a2:b9:47:59:9a:22:af:92:37:dc:c4:
         5d:0b:91:15:d9:ed:23:46:47:01:7c:f8:ae:88:5b:f9:f5:df:
         ca:ab:40:a3:20:14:d7:1b:6c:a0:85:03:81:91:a3:cd:0d:c6:
         17:27:e3:ea:39:ec:b9:e5:e4:4a:7a:ae:1b:d2:c1:9b:a7:8f:
         bb:ac:b5:fe:91:4d:a2:43:8b:e4:59:c9:e9:88:d7:53:05:3c:
         4d:93:16:f3:52:7c:66:74:d9:cf:4d:87:34:3d:8a:79:bb:bc:
         22:e8:20:7e:fb:cb:5e:f4:c5:c0:bc:c7:84:02:a7:42:c9:77:
         3a:68:8a:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbPT67Rc+4243Bh52zYXJ9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1
MDU4YTUwHhcNMjUwNTE0MTUwMDI3WhcNMjUwNTE1MTUwMDI3WjAzMTEwLwYDVQQD
Eyg3N2NjOWExYWY1YThjM2Q5MzNiMTIxM2IyYzMzZWFkZDg2ODE5YWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24KaGZi4j6x/uOO2vYNd7y8wxwpy
BvjLCPlgA3ytiW7QXikAx1FAsj9Ju466tkmvqW6bxQUsk2w47L9NxTUFhP1vMCfc
7VOG/gQm2khl7LMkzVpfMr7zBq3fpkkW86UTLxNj9ODydMOUQE4ICDPXs2F/gdjm
PTT16E700cGDEOI8SPocBIdPcmbNASRRauhhJ5pFt3udRODkwcXYb3oGmnp9L/fZ
tO/a3FrnIt9MImDW74Jvfsgq7Hynp1R8DfyfA2QjbS7K0irbp5c9q1ErIyORRkEx
v6f1damSB0xQtNfea3dWcrQpS7SdcQ12P67Z9+XBLE5ruVlKJ9yA1bd1hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfMmhr1qMPZM7EhOywz6t2GgZrdMB8GA1UdIwQY
MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt
MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh
LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr9zNtawp
CtXxPET8IPcRNfvJCguxJ1tEkgSRByVyww5+JUYLT5Z2843T5qoNAvFeWWVVHuCH
4GTP4VLXKbtIMn7t/BI0hySzkysLy+AhX9WQDXbUL6pq1TSDqM887XS2w1u8Bd0K
FU6cyQ/vjR+gB8wcCDXhnPJ0cfMikB6rSZ5dhJ5Y+qK5R1maIq+SN9zEXQuRFdnt
I0ZHAXz4rohb+fXfyqtAoyAU1xtsoIUDgZGjzQ3GFyfj6jnsueXkSnquG9LBm6eP
u6y1/pFNokOL5FnJ6YjXUwU8TZMW81J8ZnTZz02HND2Kebu8IuggfvvLXvTFwLzH
hAKnQsl3OmiKBw==
-----END CERTIFICATE-----