Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
File:                     KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json)
Hash identifier:          vC387Gja9qQUNcjmXkHIXU/bDtsBWvO3Ry2Z2Kq2R2s=
Subject key identifier:   26:C5:7A:85:CA:BC:44:AC:EE:2D:1D:7F:F2:2D:3A:2A:98:A6:78:95
Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5
Certificate issuer:       /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
Certificate serial:       0198D4E0B354B86A4A76E7238EA747F366CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
Manifest number:          0258
Signing time:             Sat 23 Aug 2025 03:02:32 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:32 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:32 +0000
Files and hashes:         1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: 41e8v4PO8skwGDQJWG/T7fK6PzYpqIPctUPRzrLPg3c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:b3:54:b8:6a:4a:76:e7:23:8e:a7:47:f3:66:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
        Validity
            Not Before: Aug 23 03:02:32 2025 GMT
            Not After : Aug 24 03:02:32 2025 GMT
        Subject: CN=26c57a85cabc44acee2d1d7ff22d3a2a98a67895
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:25:05:9f:b7:75:4d:5a:a0:a1:93:29:5d:ee:
                    64:fb:cd:11:4a:4f:cb:a8:51:cf:e5:16:4d:3a:c1:
                    59:71:32:e9:9f:7c:b0:9a:a3:18:2b:ed:45:5a:ec:
                    70:b2:a8:6c:4f:01:06:44:f1:8e:b8:55:fc:dc:6e:
                    dc:e1:d8:8b:22:3f:c6:6b:d4:a5:46:5a:7f:c2:a1:
                    a1:99:8b:6c:82:ff:b9:de:3c:fb:71:3b:c6:12:3c:
                    67:77:8d:9d:98:da:0c:b3:cd:7f:82:de:4e:7e:eb:
                    f9:2e:95:cf:17:a8:93:e1:ab:53:b5:81:11:3d:64:
                    43:4e:09:ba:24:4a:2e:5f:bd:ae:5d:3a:04:d9:b0:
                    02:dc:ef:cd:6f:19:63:38:e1:a9:01:c1:e1:29:42:
                    1e:5c:fd:92:5f:1b:2f:71:46:03:2a:b8:be:a0:72:
                    1e:0e:92:56:6d:e1:5d:0b:d0:02:14:67:37:05:d6:
                    f3:b2:7f:44:f4:d3:75:b2:1b:e7:a9:d6:01:c3:71:
                    ed:5b:5e:c4:78:2b:4f:2e:18:52:f7:b0:06:12:32:
                    5e:13:7c:ed:c9:c3:85:45:75:5e:d4:d9:3b:c5:e3:
                    c8:8f:fb:64:65:80:ad:ff:ea:76:ae:7a:cb:b6:9d:
                    3c:58:0f:fb:73:b5:7b:d2:dd:fa:4b:05:ba:b0:3b:
                    97:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:C5:7A:85:CA:BC:44:AC:EE:2D:1D:7F:F2:2D:3A:2A:98:A6:78:95
            X509v3 Authority Key Identifier:
                keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:3f:9c:66:60:32:19:ae:48:73:c7:a0:db:81:45:d1:a7:5a:
         c9:d5:aa:3f:ad:d8:9b:47:00:1e:e1:2f:f1:1b:b2:de:67:23:
         d8:59:b0:3c:f6:30:de:86:4c:52:64:8f:b1:62:69:af:ca:c3:
         0f:16:f9:e5:15:d7:c0:57:37:87:0c:65:67:12:d0:9a:d9:24:
         67:24:2f:1b:4d:41:8c:86:b7:f1:65:2a:b5:4a:67:c3:d2:29:
         ca:8e:58:77:ee:78:d9:bb:55:5f:a5:84:54:21:c3:8f:de:03:
         6d:c8:de:7f:3e:a2:a7:ae:a0:33:55:29:6b:0f:b3:be:45:9b:
         c9:8d:d5:82:71:57:6d:44:27:ca:7e:82:44:38:83:95:7a:d2:
         8c:df:20:71:de:83:20:2e:1a:a0:d2:88:14:4c:72:71:67:a9:
         c6:d5:1b:72:e1:87:21:ed:d6:d7:d4:5e:db:73:d1:5d:04:30:
         dc:83:89:6e:48:bc:fa:10:07:f6:24:5f:54:33:07:46:48:1b:
         7b:b2:a4:a8:e9:a1:58:b7:95:97:1b:ee:6e:d0:0e:5e:f8:b9:
         4b:35:bb:7e:13:ad:9a:7f:49:3d:46:df:59:c0:83:ac:63:a4:
         1b:f8:b3:88:03:d7:34:89:3b:5d:78:1c:3f:c4:ed:4a:ff:6b:
         2f:88:c1:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4LNUuGpKducjjqdH82bNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1
MDU4YTUwHhcNMjUwODIzMDMwMjMyWhcNMjUwODI0MDMwMjMyWjAzMTEwLwYDVQQD
EygyNmM1N2E4NWNhYmM0NGFjZWUyZDFkN2ZmMjJkM2EyYTk4YTY3ODk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiUFn7d1TVqgoZMpXe5k+80RSk/L
qFHP5RZNOsFZcTLpn3ywmqMYK+1FWuxwsqhsTwEGRPGOuFX83G7c4diLIj/Ga9Sl
Rlp/wqGhmYtsgv+53jz7cTvGEjxnd42dmNoMs81/gt5Ofuv5LpXPF6iT4atTtYER
PWRDTgm6JEouX72uXToE2bAC3O/NbxljOOGpAcHhKUIeXP2SXxsvcUYDKri+oHIe
DpJWbeFdC9ACFGc3Bdbzsn9E9NN1shvnqdYBw3HtW17EeCtPLhhS97AGEjJeE3zt
ycOFRXVe1Nk7xePIj/tkZYCt/+p2rnrLtp08WA/7c7V70t36SwW6sDuXvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCbFeoXKvESs7i0df/ItOiqYpniVMB8GA1UdIwQY
MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt
MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh
LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANT+cZmAy
Ga5Ic8eg24FF0adaydWqP63Ym0cAHuEv8Ruy3mcj2FmwPPYw3oZMUmSPsWJpr8rD
Dxb55RXXwFc3hwxlZxLQmtkkZyQvG01BjIa38WUqtUpnw9Ipyo5Yd+542btVX6WE
VCHDj94Dbcjefz6ip66gM1Upaw+zvkWbyY3VgnFXbUQnyn6CRDiDlXrSjN8gcd6D
IC4aoNKIFExycWepxtUbcuGHIe3W19Re23PRXQQw3IOJbki8+hAH9iRfVDMHRkgb
e7KkqOmhWLeVlxvubtAOXvi5SzW7fhOtmn9JPUbfWcCDrGOkG/iziAPXNIk7XXgc
P8TtSv9rL4jBHA==
-----END CERTIFICATE-----