Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
File:                     KdIywSew2DMQPDH7UlTsuZVrDEw.mft (raw, json)
Hash identifier:          w6iBPO672/bpqbVuPUXSAD9M+rhslDmlDNv9qkdNxCk=
Subject key identifier:   4E:CB:F3:73:66:46:DE:75:8B:85:38:AF:1F:90:47:9E:66:D9:76:CE
Authority key identifier: 29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C
Certificate issuer:       /CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
Certificate serial:       0196D174DA2FA930869A417948E9D31DDDDD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
Manifest number:          EA
Signing time:             Thu 15 May 2025 01:00:18 +0000
Manifest this update:     Thu 15 May 2025 01:00:18 +0000
Manifest next update:     Fri 16 May 2025 01:00:18 +0000
Files and hashes:         1: KdIywSew2DMQPDH7UlTsuZVrDEw.crl (hash: 7vgLNHGJ+x7zTlMWIE114HDLVvSb9rJOr82Xj1dZYkE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 15 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:d1:74:da:2f:a9:30:86:9a:41:79:48:e9:d3:1d:dd:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
        Validity
            Not Before: May 15 01:00:18 2025 GMT
            Not After : May 16 01:00:18 2025 GMT
        Subject: CN=4ecbf3736646de758b8538af1f90479e66d976ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3f:a7:b7:a2:4c:38:96:77:d5:34:bf:f0:6f:
                    66:93:68:74:74:9d:ff:51:85:29:3d:74:92:5d:98:
                    70:29:1f:23:e0:94:ac:bb:53:d6:06:13:61:b3:ed:
                    aa:b3:9f:53:06:41:5a:61:40:f0:a1:07:5c:92:26:
                    eb:f6:6e:13:a5:2e:39:56:94:8a:a3:49:2d:75:d5:
                    6d:91:ad:de:d7:b0:8a:3f:75:5b:53:78:1e:ff:00:
                    7b:d1:17:01:e0:7e:64:56:5a:aa:98:36:43:81:2f:
                    38:bc:4e:a9:77:dc:e7:8b:2a:36:44:9e:26:0e:d5:
                    88:ab:17:39:3c:fb:d7:bd:36:b3:f4:d9:43:56:0d:
                    4b:4f:cc:4b:11:d6:f6:17:1e:ae:ae:4a:58:5b:12:
                    d9:3a:fb:58:c3:9a:7d:39:47:9f:b3:f0:76:e7:8e:
                    67:c3:65:0d:b4:22:75:29:96:10:37:56:c1:e2:67:
                    18:95:47:41:1f:07:e8:f4:9a:ae:ee:93:2b:ca:ed:
                    38:ab:df:ad:83:2f:67:bb:99:e3:99:90:ff:89:08:
                    7c:d5:5e:6b:ff:5a:44:a6:5a:bf:63:48:db:b8:eb:
                    3d:cd:39:10:cf:c6:ae:cc:bd:26:9b:1f:cb:ef:59:
                    c2:26:af:b7:a3:77:ec:ae:30:bd:71:25:7d:25:c1:
                    f9:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:CB:F3:73:66:46:DE:75:8B:85:38:AF:1F:90:47:9E:66:D9:76:CE
            X509v3 Authority Key Identifier:
                keyid:29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:e1:28:ad:7d:c3:09:f0:cd:e3:65:a9:66:f2:21:6d:58:6e:
         1d:c7:86:47:54:9e:d8:b5:54:18:73:68:c1:b2:a2:0a:80:2b:
         40:e6:96:96:90:84:5d:2c:4e:ef:22:db:d1:98:b0:8f:ed:92:
         cd:df:ff:d6:25:1d:80:a4:7e:2a:7f:8d:45:a3:ab:91:64:8e:
         05:fa:3d:18:bd:0a:0b:77:cf:55:44:34:38:93:d3:bf:b3:f4:
         10:97:66:44:fb:1b:e6:42:0f:d0:9b:cb:fc:08:5d:9c:1b:14:
         4a:46:7b:73:dd:45:95:29:25:40:b5:0c:a0:62:1e:92:35:2a:
         c3:20:5b:c5:e2:f6:59:01:e0:9c:50:c5:f3:89:4c:ff:65:e9:
         e9:ac:9e:64:c7:15:c2:3f:a4:89:8f:57:d5:f6:27:1d:3a:ae:
         4d:f2:46:c1:73:41:c1:f7:b6:32:02:10:84:99:2c:fe:87:39:
         60:d7:26:95:8d:67:e7:11:76:c5:09:db:89:00:4e:36:2c:ff:
         f1:b8:b1:3c:da:e3:ff:6e:5e:47:bb:b0:0a:40:8a:5f:aa:65:
         2c:59:02:55:41:dd:d9:7a:c1:e9:66:02:29:70:a6:aa:a0:da:
         ff:09:08:40:eb:b6:b1:38:77:a9:d4:f2:d1:a3:fb:78:21:9c:
         03:54:aa:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbRdNovqTCGmkF5SOnTHd3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDIzMmMxMjdiMGQ4MzMxMDNjMzFmYjUyNTRlY2I5OTU2
YjBjNGMwHhcNMjUwNTE1MDEwMDE4WhcNMjUwNTE2MDEwMDE4WjAzMTEwLwYDVQQD
Eyg0ZWNiZjM3MzY2NDZkZTc1OGI4NTM4YWYxZjkwNDc5ZTY2ZDk3NmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz+nt6JMOJZ31TS/8G9mk2h0dJ3/
UYUpPXSSXZhwKR8j4JSsu1PWBhNhs+2qs59TBkFaYUDwoQdckibr9m4TpS45VpSK
o0ktddVtka3e17CKP3VbU3ge/wB70RcB4H5kVlqqmDZDgS84vE6pd9zniyo2RJ4m
DtWIqxc5PPvXvTaz9NlDVg1LT8xLEdb2Fx6urkpYWxLZOvtYw5p9OUefs/B2545n
w2UNtCJ1KZYQN1bB4mcYlUdBHwfo9Jqu7pMryu04q9+tgy9nu5njmZD/iQh81V5r
/1pEplq/Y0jbuOs9zTkQz8auzL0mmx/L71nCJq+3o3fsrjC9cSV9JcH5jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE7L83NmRt51i4U4rx+QR55m2XbOMB8GA1UdIwQY
MBaAFCnSMsEnsNgzEDwx+1JU7LmVawxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAt
ZTE2MDZiZTkyYjk4LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAtZTE2MDZiZTkyYjk4
LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYuEorX3D
CfDN42WpZvIhbVhuHceGR1Se2LVUGHNowbKiCoArQOaWlpCEXSxO7yLb0Ziwj+2S
zd//1iUdgKR+Kn+NRaOrkWSOBfo9GL0KC3fPVUQ0OJPTv7P0EJdmRPsb5kIP0JvL
/AhdnBsUSkZ7c91FlSklQLUMoGIekjUqwyBbxeL2WQHgnFDF84lM/2Xp6ayeZMcV
wj+kiY9X1fYnHTquTfJGwXNBwfe2MgIQhJks/oc5YNcmlY1n5xF2xQnbiQBONiz/
8bixPNrj/25eR7uwCkCKX6plLFkCVUHd2XrB6WYCKXCmqqDa/wkIQOu2sTh3qdTy
0aP7eCGcA1Sq7g==
-----END CERTIFICATE-----