Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
File:                     KpTH34VXtlNEfD4G-0s3LVEgoiI.mft (raw, json)
Hash identifier:          COm9jQ4JwhRM+N3+ACvg1AL/KKYXbCGDcJzptWV78Vg=
Subject key identifier:   A9:96:56:14:16:FF:18:72:7A:40:79:88:84:06:74:CF:E8:21:87:19
Authority key identifier: 2A:94:C7:DF:85:57:B6:53:44:7C:3E:06:FB:4B:37:2D:51:20:A2:22
Certificate issuer:       /CN=2a94c7df8557b653447c3e06fb4b372d5120a222
Certificate serial:       0197B6A236E27DFFDB1CAFDBAED1842ED821
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 13:02:53 +0000
Manifest this update:     Sat 28 Jun 2025 13:02:53 +0000
Manifest next update:     Sun 29 Jun 2025 13:02:53 +0000
Files and hashes:         1: KpTH34VXtlNEfD4G-0s3LVEgoiI.crl (hash: vRTuDdwcgL8jB4tQejP08hO8KVaKx+WR4kZMY2CsM8Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a2:36:e2:7d:ff:db:1c:af:db:ae:d1:84:2e:d8:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94c7df8557b653447c3e06fb4b372d5120a222
        Validity
            Not Before: Jun 28 13:02:53 2025 GMT
            Not After : Jun 29 13:02:53 2025 GMT
        Subject: CN=a996561416ff18727a407988840674cfe8218719
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:3c:d3:10:2f:bc:e5:f9:2e:8b:45:4d:76:67:
                    13:9e:2a:19:c6:c3:a1:60:b5:a3:26:bb:c5:36:19:
                    50:58:c0:7c:fb:c8:61:56:38:29:9b:39:8b:98:30:
                    d6:1f:e9:62:c2:6b:23:e2:62:40:0a:a7:5a:1a:0c:
                    ee:6c:18:11:c7:f1:b4:e3:62:cf:4d:70:20:37:6a:
                    59:a5:49:a8:42:c9:df:5e:f8:92:f0:e6:92:1d:6c:
                    80:d2:7b:de:26:01:39:06:d3:be:bf:0f:ce:0b:ad:
                    c3:4d:7b:b2:68:95:5f:64:12:76:0d:e8:d6:34:93:
                    83:55:29:f2:0c:90:b1:86:19:fb:4a:a5:62:79:d4:
                    8e:65:22:87:df:22:18:a3:70:3f:d7:76:ac:09:90:
                    82:87:3c:df:1f:7c:8a:b9:20:f5:3e:61:f9:66:7f:
                    b3:43:5b:70:f7:ff:47:71:e3:c2:94:ff:64:4c:d2:
                    2b:75:0b:77:46:0d:3f:4a:0b:8a:f1:f1:69:ad:c5:
                    86:f6:16:5c:18:cd:f3:47:35:8e:2d:60:5a:6c:93:
                    92:b1:d4:ac:ff:5c:08:9a:48:f6:97:1b:78:0f:8c:
                    24:a9:0d:35:65:4f:b0:27:7a:dd:ec:0f:c2:ac:64:
                    8b:f1:66:b9:14:84:30:41:2f:4f:7f:07:58:3d:00:
                    15:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:96:56:14:16:FF:18:72:7A:40:79:88:84:06:74:CF:E8:21:87:19
            X509v3 Authority Key Identifier:
                keyid:2A:94:C7:DF:85:57:B6:53:44:7C:3E:06:FB:4B:37:2D:51:20:A2:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:b2:2b:ce:c9:2a:b7:80:e2:2b:14:8a:69:6a:09:92:c8:3f:
         52:29:f0:98:07:40:df:6b:33:8b:5d:14:c7:e5:08:8a:c0:98:
         26:2d:4f:6f:48:94:d4:4f:fc:be:f6:46:ef:3b:4a:33:df:6e:
         ec:da:02:9d:21:33:17:4e:ee:35:ec:f7:a8:07:78:26:f5:d1:
         a3:fb:24:7d:72:d5:69:0f:28:58:fd:6d:23:9c:77:4b:44:bf:
         b5:7c:f7:13:3e:80:44:9a:47:5f:86:b6:2e:7c:84:7e:2e:66:
         23:19:3e:7a:72:8b:43:5a:de:67:19:61:d9:35:c9:b4:ce:b5:
         30:2d:53:bd:8f:c7:39:e1:11:5c:4d:e1:e6:f8:22:16:4f:7e:
         5f:8a:45:c3:59:e9:38:9d:3a:bf:61:c2:b1:60:94:f9:21:28:
         f0:9a:37:62:f4:a2:f6:14:1d:cb:0b:9b:82:dd:6d:bc:04:7b:
         e2:e1:2b:74:25:27:94:d3:34:7f:32:8e:1c:53:8e:98:c9:f8:
         60:be:0a:a5:d8:7d:51:68:bb:f3:17:4c:b3:07:b9:93:cd:73:
         10:80:40:16:5d:fe:8d:be:e0:f0:31:26:70:a0:ad:c9:7f:84:
         b1:e5:9d:cb:23:d5:44:aa:04:6a:f0:f5:b6:c0:a4:0f:98:70:
         69:5a:92:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2ojbiff/bHK/brtGELtghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRjN2RmODU1N2I2NTM0NDdjM2UwNmZiNGIzNzJkNTEy
MGEyMjIwHhcNMjUwNjI4MTMwMjUzWhcNMjUwNjI5MTMwMjUzWjAzMTEwLwYDVQQD
EyhhOTk2NTYxNDE2ZmYxODcyN2E0MDc5ODg4NDA2NzRjZmU4MjE4NzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTzTEC+85fkui0VNdmcTnioZxsOh
YLWjJrvFNhlQWMB8+8hhVjgpmzmLmDDWH+liwmsj4mJACqdaGgzubBgRx/G042LP
TXAgN2pZpUmoQsnfXviS8OaSHWyA0nveJgE5BtO+vw/OC63DTXuyaJVfZBJ2DejW
NJODVSnyDJCxhhn7SqViedSOZSKH3yIYo3A/13asCZCChzzfH3yKuSD1PmH5Zn+z
Q1tw9/9HcePClP9kTNIrdQt3Rg0/SguK8fFprcWG9hZcGM3zRzWOLWBabJOSsdSs
/1wImkj2lxt4D4wkqQ01ZU+wJ3rd7A/CrGSL8Wa5FIQwQS9PfwdYPQAV6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKmWVhQW/xhyekB5iIQGdM/oIYcZMB8GA1UdIwQY
MBaAFCqUx9+FV7ZTRHw+BvtLNy1RIKIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82N2NhZWUtNGMxMS00YTZmLWJmNjMt
NTUxOGIwZTg2NTY2LzEvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82N2NhZWUtNGMxMS00YTZmLWJmNjMtNTUxOGIwZTg2NTY2
LzEvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq7Irzskq
t4DiKxSKaWoJksg/UinwmAdA32szi10Ux+UIisCYJi1Pb0iU1E/8vvZG7ztKM99u
7NoCnSEzF07uNez3qAd4JvXRo/skfXLVaQ8oWP1tI5x3S0S/tXz3Ez6ARJpHX4a2
LnyEfi5mIxk+enKLQ1reZxlh2TXJtM61MC1TvY/HOeERXE3h5vgiFk9+X4pFw1np
OJ06v2HCsWCU+SEo8Jo3YvSi9hQdywubgt1tvAR74uErdCUnlNM0fzKOHFOOmMn4
YL4Kpdh9UWi78xdMswe5k81zEIBAFl3+jb7g8DEmcKCtyX+EseWdyyPVRKoEavD1
tsCkD5hwaVqSLQ==
-----END CERTIFICATE-----