Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File:                     KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier:          xlR5oha4Iq1ZHegmeiNyOa/Dd9CR2MypZveuZCKV1bY=
Subject key identifier:   75:3E:08:D7:9D:72:33:DD:3E:D3:23:EB:D8:1F:08:EC:84:3B:A7:31
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer:       /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial:       0197B77C4AE01E0D3C802AB096C85A65C711
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number:          0B3B
Signing time:             Sat 28 Jun 2025 17:01:05 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:05 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:05 +0000
Files and hashes:         1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: Qgw2t8Jdl8uJpNLYK3HLDGTfIP7l9Y3e6mgR6Q89Atw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:4a:e0:1e:0d:3c:80:2a:b0:96:c8:5a:65:c7:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
        Validity
            Not Before: Jun 28 17:01:05 2025 GMT
            Not After : Jun 29 17:01:05 2025 GMT
        Subject: CN=753e08d79d7233dd3ed323ebd81f08ec843ba731
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:13:e0:3b:30:87:6e:77:51:1c:44:0e:bf:18:
                    b7:25:21:89:60:42:47:92:49:d5:91:2e:58:35:c7:
                    7e:27:d9:2f:e0:98:94:50:c0:50:c3:f9:a6:b5:dc:
                    53:60:fb:e5:80:91:9f:33:b3:47:f6:7c:12:7e:f2:
                    2c:24:99:1a:fb:d3:eb:29:57:74:b3:e3:63:a1:e8:
                    f5:3c:26:df:69:de:56:de:86:fd:8d:e8:55:d4:77:
                    67:28:55:7a:e1:eb:9e:29:5e:51:b8:f4:b3:dc:13:
                    c0:db:c6:1e:5f:64:2e:03:c1:cc:54:35:87:d5:e2:
                    f4:b6:5d:93:8d:9b:0c:a0:00:44:9b:e4:93:ee:85:
                    56:94:1e:b0:92:40:61:7c:ab:fe:eb:e4:d8:42:b8:
                    87:82:84:bf:c0:cf:36:ec:f3:d4:55:e9:ea:b6:8c:
                    f1:73:71:80:1d:96:70:71:11:82:c3:31:5a:9d:d4:
                    36:4d:7a:2e:55:01:96:0f:5b:d6:86:11:c8:0c:40:
                    92:e4:a7:89:b6:7f:7a:74:68:43:32:27:a8:48:9e:
                    b5:52:34:66:30:3b:e2:20:35:c1:6f:cd:4c:cb:ba:
                    4b:08:a1:e2:1f:89:eb:07:9d:c6:31:22:00:87:a8:
                    26:ac:e8:80:ad:59:0e:f5:86:eb:66:55:fb:29:52:
                    b3:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:3E:08:D7:9D:72:33:DD:3E:D3:23:EB:D8:1F:08:EC:84:3B:A7:31
            X509v3 Authority Key Identifier:
                keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:bd:59:3a:b4:89:5c:7e:d7:2d:fa:8a:b8:aa:90:81:90:26:
         26:0a:61:6c:0d:e7:f4:8e:d4:bd:76:a2:e6:56:d9:72:e6:2c:
         9d:6b:33:d3:86:fb:5f:20:1d:5c:89:af:aa:b5:65:86:a3:a5:
         80:70:29:cb:c7:27:19:6e:03:c8:5d:7c:f6:9e:ec:53:1a:2c:
         31:ef:b3:4d:8a:be:c7:75:ff:0b:56:ae:78:3f:cb:ed:6a:b2:
         7b:bb:c1:21:58:4e:d2:d8:a4:68:dd:e3:2c:4b:06:7c:c1:84:
         2f:5b:35:ca:8e:b6:20:c3:5b:fb:4c:ca:11:f4:78:0b:35:a1:
         0b:4f:07:54:e3:9f:94:e9:3a:1b:a1:4b:32:69:2f:32:26:ac:
         d6:96:90:3b:c4:2b:99:9b:40:3b:d4:ed:b6:42:05:ab:8d:68:
         03:64:a3:23:78:fe:d2:d0:04:1b:12:8e:71:81:19:c3:b7:98:
         59:90:06:ee:1f:78:57:2e:07:e6:65:81:7e:a1:97:7a:ce:97:
         69:5f:f3:2d:0c:a1:03:09:79:23:5e:3b:b1:32:2d:fc:aa:9f:
         1f:68:74:f2:98:b5:f5:32:a8:5a:46:b6:04:92:bc:1c:f4:f8:
         59:d6:71:62:f1:43:22:18:06:60:3d:b8:bf:58:7c:c9:53:25:
         3b:cf:ee:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fErgHg08gCqwlshaZccRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjUwNjI4MTcwMTA1WhcNMjUwNjI5MTcwMTA1WjAzMTEwLwYDVQQD
Eyg3NTNlMDhkNzlkNzIzM2RkM2VkMzIzZWJkODFmMDhlYzg0M2JhNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8hPgOzCHbndRHEQOvxi3JSGJYEJH
kknVkS5YNcd+J9kv4JiUUMBQw/mmtdxTYPvlgJGfM7NH9nwSfvIsJJka+9PrKVd0
s+Njoej1PCbfad5W3ob9jehV1HdnKFV64eueKV5RuPSz3BPA28YeX2QuA8HMVDWH
1eL0tl2TjZsMoABEm+ST7oVWlB6wkkBhfKv+6+TYQriHgoS/wM827PPUVenqtozx
c3GAHZZwcRGCwzFandQ2TXouVQGWD1vWhhHIDECS5KeJtn96dGhDMieoSJ61UjRm
MDviIDXBb81My7pLCKHiH4nrB53GMSIAh6gmrOiArVkO9YbrZlX7KVKz2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHU+CNedcjPdPtMj69gfCOyEO6cxMB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh71ZOrSJ
XH7XLfqKuKqQgZAmJgphbA3n9I7UvXai5lbZcuYsnWsz04b7XyAdXImvqrVlhqOl
gHApy8cnGW4DyF189p7sUxosMe+zTYq+x3X/C1aueD/L7Wqye7vBIVhO0tikaN3j
LEsGfMGEL1s1yo62IMNb+0zKEfR4CzWhC08HVOOflOk6G6FLMmkvMias1paQO8Qr
mZtAO9TttkIFq41oA2SjI3j+0tAEGxKOcYEZw7eYWZAG7h94Vy4H5mWBfqGXes6X
aV/zLQyhAwl5I147sTIt/KqfH2h08pi19TKoWka2BJK8HPT4WdZxYvFDIhgGYD24
v1h8yVMlO8/u8g==
-----END CERTIFICATE-----