Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
File:                     KMWxDr1MOSkgFDB-h_prHJtCFn0.mft (raw, json)
Hash identifier:          O4SmosSRFbPdU09dhzBnbF0gkijhcodp03AyqFp+YXo=
Subject key identifier:   1A:95:9F:27:6A:71:D1:AF:D0:16:2F:13:6C:72:E2:A8:D1:91:0D:0E
Authority key identifier: 28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D
Certificate issuer:       /CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
Certificate serial:       0198D65F1DBCF30151D4C928149EF854B3A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
Manifest number:          06E9
Signing time:             Sat 23 Aug 2025 10:00:14 +0000
Manifest this update:     Sat 23 Aug 2025 10:00:14 +0000
Manifest next update:     Sun 24 Aug 2025 10:00:14 +0000
Files and hashes:         1: KMWxDr1MOSkgFDB-h_prHJtCFn0.crl (hash: NO00KXatGLLLJzq6yas7TtA+/Is6khUdK46B/ef629Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:5f:1d:bc:f3:01:51:d4:c9:28:14:9e:f8:54:b3:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
        Validity
            Not Before: Aug 23 10:00:14 2025 GMT
            Not After : Aug 24 10:00:14 2025 GMT
        Subject: CN=1a959f276a71d1afd0162f136c72e2a8d1910d0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:7c:c2:f9:ec:e9:0b:c8:ef:ff:96:1a:a7:57:
                    e6:04:91:a5:86:ac:e4:8e:16:9d:e0:81:26:7e:eb:
                    64:0f:9b:2a:d1:a4:03:49:00:a0:5a:0c:d9:20:12:
                    b2:ef:7f:f0:27:44:47:1f:2a:b8:84:f9:23:b9:14:
                    39:b5:3f:63:54:ca:3c:ec:ef:b8:85:86:df:f3:fa:
                    e5:4f:af:b6:70:ef:6f:1a:0a:e0:44:c8:ff:25:30:
                    76:16:b2:7d:f9:29:d6:90:fb:8c:7f:44:4b:45:0d:
                    78:2e:85:a9:36:73:d3:c1:33:ed:c9:a0:ce:21:0d:
                    bb:56:46:e3:c6:a6:eb:00:ec:35:e8:50:5c:0f:25:
                    68:c0:9f:3d:fe:64:f6:3b:4a:10:29:3f:11:4a:78:
                    14:44:05:3a:d6:4a:2c:99:9a:93:78:b2:8c:66:89:
                    18:a8:5d:18:ba:9a:e2:22:39:f9:30:1a:2d:3e:87:
                    e3:bf:c2:24:62:02:18:9b:98:1e:51:11:73:f6:db:
                    48:b7:46:b2:fa:21:4c:79:89:e8:32:5e:e0:76:b6:
                    ab:d4:09:eb:1b:4c:d6:a6:d2:04:6b:7d:fa:ad:e6:
                    bc:8d:a2:7d:97:f6:fe:fd:60:f9:f9:a0:61:81:ae:
                    93:ae:30:e4:f7:a2:4d:27:79:3b:17:ce:6b:ef:fa:
                    5c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:95:9F:27:6A:71:D1:AF:D0:16:2F:13:6C:72:E2:A8:D1:91:0D:0E
            X509v3 Authority Key Identifier:
                keyid:28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:54:50:79:d1:af:50:f1:f1:6c:3b:bb:a3:65:3b:2e:6b:ab:
         28:87:c1:09:f8:9c:83:89:db:a2:e1:11:7c:2e:0d:a4:26:c4:
         2a:16:fd:de:ce:d5:7d:7f:56:33:92:55:d8:28:41:ab:c6:97:
         84:cb:14:e0:d6:ff:90:d3:68:c8:72:c6:ee:38:84:95:5c:fa:
         dd:fe:40:01:07:8a:80:06:d3:1b:f1:89:a8:78:59:2a:6b:a8:
         f1:08:79:b9:05:04:0d:9f:c9:27:43:a8:b4:4c:11:12:b8:66:
         da:7c:0c:46:02:ff:4b:91:f1:d1:df:20:81:db:8c:9d:4e:5e:
         f9:fc:2d:23:cc:cf:94:b5:1e:d1:37:e3:e4:62:e0:37:b6:a6:
         b5:e2:22:c2:09:2c:54:cf:1e:99:ae:1d:a2:db:29:d5:4d:85:
         e2:67:f5:18:98:8c:22:33:a9:b3:3d:a5:47:0c:d2:a0:2f:fe:
         56:2a:9c:00:4d:ae:94:0f:af:59:41:c0:a9:de:c7:87:44:ef:
         93:0f:51:5f:70:bf:86:d3:42:b0:f8:2c:3d:a5:85:ef:c0:ab:
         86:fe:87:b2:15:e6:21:44:06:af:2b:c6:55:77:a5:ec:f7:30:
         1e:88:37:3c:76:9b:40:4f:d3:df:35:0e:a0:ca:29:c0:37:b1:
         2d:39:91:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWXx288wFR1MkoFJ74VLOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzViMTBlYmQ0YzM5MjkyMDE0MzA3ZTg3ZmE2YjFjOWI0
MjE2N2QwHhcNMjUwODIzMTAwMDE0WhcNMjUwODI0MTAwMDE0WjAzMTEwLwYDVQQD
EygxYTk1OWYyNzZhNzFkMWFmZDAxNjJmMTM2YzcyZTJhOGQxOTEwZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnzC+ezpC8jv/5Yap1fmBJGlhqzk
jhad4IEmfutkD5sq0aQDSQCgWgzZIBKy73/wJ0RHHyq4hPkjuRQ5tT9jVMo87O+4
hYbf8/rlT6+2cO9vGgrgRMj/JTB2FrJ9+SnWkPuMf0RLRQ14LoWpNnPTwTPtyaDO
IQ27VkbjxqbrAOw16FBcDyVowJ89/mT2O0oQKT8RSngURAU61kosmZqTeLKMZokY
qF0YupriIjn5MBotPofjv8IkYgIYm5geURFz9ttIt0ay+iFMeYnoMl7gdrar1Anr
G0zWptIEa336rea8jaJ9l/b+/WD5+aBhga6TrjDk96JNJ3k7F85r7/pcTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBqVnydqcdGv0BYvE2xy4qjRkQ0OMB8GA1UdIwQY
MBaAFCjFsQ69TDkpIBQwfof6axybQhZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2Mt
YTYyOWQxOTc2ZWEzLzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2MtYTYyOWQxOTc2ZWEz
LzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAklRQedGv
UPHxbDu7o2U7LmurKIfBCficg4nbouERfC4NpCbEKhb93s7VfX9WM5JV2ChBq8aX
hMsU4Nb/kNNoyHLG7jiElVz63f5AAQeKgAbTG/GJqHhZKmuo8Qh5uQUEDZ/JJ0Oo
tEwRErhm2nwMRgL/S5Hx0d8ggduMnU5e+fwtI8zPlLUe0Tfj5GLgN7amteIiwgks
VM8ema4dotsp1U2F4mf1GJiMIjOpsz2lRwzSoC/+ViqcAE2ulA+vWUHAqd7Hh0Tv
kw9RX3C/htNCsPgsPaWF78Crhv6HshXmIUQGryvGVXel7PcwHog3PHabQE/T3zUO
oMopwDexLTmRYA==
-----END CERTIFICATE-----