Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
File:                     KMWxDr1MOSkgFDB-h_prHJtCFn0.mft (raw, json)
Hash identifier:          k08lOaacJM7PuNJyBiqtdXYQrywVXj9z4WewpIVtOEI=
Subject key identifier:   D8:57:6C:D1:EE:1B:F1:BE:13:7F:41:89:CA:0C:23:B3:DD:AD:C8:82
Authority key identifier: 28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D
Certificate issuer:       /CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
Certificate serial:       0197B6A150A251FAF7381146AE535A9D0160
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
Manifest number:          0654
Signing time:             Sat 28 Jun 2025 13:01:54 +0000
Manifest this update:     Sat 28 Jun 2025 13:01:54 +0000
Manifest next update:     Sun 29 Jun 2025 13:01:54 +0000
Files and hashes:         1: KMWxDr1MOSkgFDB-h_prHJtCFn0.crl (hash: kWZLzXBg8e/MgStJQKwk4CDsvLoO3s4ORqW2MTghlM4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b6:a1:50:a2:51:fa:f7:38:11:46:ae:53:5a:9d:01:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
        Validity
            Not Before: Jun 28 13:01:54 2025 GMT
            Not After : Jun 29 13:01:54 2025 GMT
        Subject: CN=d8576cd1ee1bf1be137f4189ca0c23b3ddadc882
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:c6:b7:de:82:ea:9a:e1:31:e4:fa:99:34:9c:
                    b2:a1:ed:9d:a3:f8:dc:02:06:63:f4:86:e6:71:07:
                    a4:89:b3:85:b4:a1:c9:7c:67:ee:09:b2:a6:30:a5:
                    2e:27:8f:48:8a:a4:77:2f:8a:80:3e:31:05:2c:28:
                    bc:e5:61:c3:25:0f:84:8b:09:47:44:c7:3f:32:f5:
                    ea:19:12:24:c8:b5:3b:41:da:c2:47:63:a3:0f:2c:
                    52:60:c3:79:eb:f1:aa:71:07:f0:b9:2f:f7:24:0b:
                    7b:d8:a6:41:56:9f:29:11:33:81:b4:c6:66:e9:c4:
                    cc:52:95:ba:fe:f6:e0:ac:f1:21:85:51:4e:1e:66:
                    de:a0:3f:b6:5a:06:ca:3c:eb:91:bc:9d:62:25:84:
                    6b:15:f2:0d:dd:a7:e8:dc:2f:3c:18:11:75:dd:a4:
                    95:62:fb:8e:45:ca:91:0f:ed:25:5d:5c:02:df:9e:
                    99:e4:e4:c8:54:2b:df:bf:9f:85:4d:5e:9f:ec:f9:
                    f1:78:45:12:5c:b3:c8:aa:4d:95:f4:c6:a2:bc:99:
                    0d:60:94:0d:da:7e:8e:2d:df:09:db:e5:fd:98:a3:
                    39:e8:bb:30:3d:cb:d5:73:dc:82:eb:7a:84:64:4c:
                    73:43:63:19:7f:4d:4a:91:9d:53:83:71:c0:81:25:
                    22:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:57:6C:D1:EE:1B:F1:BE:13:7F:41:89:CA:0C:23:B3:DD:AD:C8:82
            X509v3 Authority Key Identifier:
                keyid:28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:50:1a:ed:91:e5:7f:dd:df:bb:8b:32:47:c8:e6:a1:7f:de:
         07:1c:99:04:ce:4b:98:34:17:ff:2b:10:a5:e5:4f:6d:e8:d9:
         d8:76:f0:64:b5:25:dc:9d:d4:39:d4:db:cd:ac:4e:c9:72:97:
         6a:b1:e8:24:07:1b:c5:ac:97:4d:55:42:d8:fe:5d:a7:e9:84:
         c2:10:98:06:37:5a:0e:e4:5b:33:03:7c:6f:4c:37:da:67:8f:
         a1:09:81:35:c4:df:c6:5b:0a:6a:ad:1c:21:ea:d5:a3:30:b9:
         5e:56:11:e5:74:43:70:75:32:6c:79:b4:65:4c:d7:c1:6c:99:
         f2:34:29:2d:89:b0:86:b3:63:0d:47:71:c3:f0:6f:dc:88:94:
         77:76:88:6b:bb:49:4f:d1:c0:75:f6:b6:1e:53:43:1c:67:41:
         2e:e2:e5:47:92:b6:fa:c8:3a:7a:9a:f2:d9:1f:98:92:3c:fd:
         af:bb:7d:56:55:85:3a:45:e0:8f:cf:65:ed:cc:6e:71:44:31:
         a9:85:01:95:88:c2:30:ba:13:6c:3d:40:c7:44:76:c2:c3:11:
         e9:85:78:7c:8f:3b:94:6b:9b:40:6b:0e:5a:99:93:73:7a:8b:
         a3:9a:e1:ac:01:ef:58:11:6f:ed:29:86:d8:aa:0e:eb:a0:a6:
         82:c6:1c:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe2oVCiUfr3OBFGrlNanQFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzViMTBlYmQ0YzM5MjkyMDE0MzA3ZTg3ZmE2YjFjOWI0
MjE2N2QwHhcNMjUwNjI4MTMwMTU0WhcNMjUwNjI5MTMwMTU0WjAzMTEwLwYDVQQD
EyhkODU3NmNkMWVlMWJmMWJlMTM3ZjQxODljYTBjMjNiM2RkYWRjODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ca33oLqmuEx5PqZNJyyoe2do/jc
AgZj9IbmcQekibOFtKHJfGfuCbKmMKUuJ49IiqR3L4qAPjEFLCi85WHDJQ+EiwlH
RMc/MvXqGRIkyLU7QdrCR2OjDyxSYMN56/GqcQfwuS/3JAt72KZBVp8pETOBtMZm
6cTMUpW6/vbgrPEhhVFOHmbeoD+2WgbKPOuRvJ1iJYRrFfIN3afo3C88GBF13aSV
YvuORcqRD+0lXVwC356Z5OTIVCvfv5+FTV6f7PnxeEUSXLPIqk2V9MaivJkNYJQN
2n6OLd8J2+X9mKM56LswPcvVc9yC63qEZExzQ2MZf01KkZ1Tg3HAgSUi9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhXbNHuG/G+E39BicoMI7PdrciCMB8GA1UdIwQY
MBaAFCjFsQ69TDkpIBQwfof6axybQhZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2Mt
YTYyOWQxOTc2ZWEzLzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2MtYTYyOWQxOTc2ZWEz
LzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeVAa7ZHl
f93fu4syR8jmoX/eBxyZBM5LmDQX/ysQpeVPbejZ2HbwZLUl3J3UOdTbzaxOyXKX
arHoJAcbxayXTVVC2P5dp+mEwhCYBjdaDuRbMwN8b0w32mePoQmBNcTfxlsKaq0c
IerVozC5XlYR5XRDcHUybHm0ZUzXwWyZ8jQpLYmwhrNjDUdxw/Bv3IiUd3aIa7tJ
T9HAdfa2HlNDHGdBLuLlR5K2+sg6epry2R+Ykjz9r7t9VlWFOkXgj89l7cxucUQx
qYUBlYjCMLoTbD1Ax0R2wsMR6YV4fI87lGubQGsOWpmTc3qLo5rhrAHvWBFv7SmG
2KoO66CmgsYcoQ==
-----END CERTIFICATE-----