Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
File:                     KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json)
Hash identifier:          rgyquDwyB3cxzx8AAW5lLqjVcLaaBYeaUnbYXErU4nU=
Subject key identifier:   72:9C:3B:DA:E9:45:AB:F6:E4:E4:6D:81:5A:9A:9C:D0:FA:D9:42:EB
Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF
Certificate issuer:       /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
Certificate serial:       0197B70F0F015E0280D0E8C91BD284F90C2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
Manifest number:          15B2
Signing time:             Sat 28 Jun 2025 15:01:46 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:46 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:46 +0000
Files and hashes:         1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: WOIzs45cPSKEFsboiialfu4WH2agxP0eGxS1AMEheF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0f:0f:01:5e:02:80:d0:e8:c9:1b:d2:84:f9:0c:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
        Validity
            Not Before: Jun 28 15:01:46 2025 GMT
            Not After : Jun 29 15:01:46 2025 GMT
        Subject: CN=729c3bdae945abf6e4e46d815a9a9cd0fad942eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:61:72:9c:5d:c9:7e:d3:b9:9d:1c:1a:0b:37:
                    e1:81:28:f0:bd:05:07:24:8d:bb:7f:66:9f:08:90:
                    94:a0:66:06:8c:62:50:d4:97:6b:74:c8:16:09:d0:
                    5f:10:4b:7c:43:e3:7e:55:11:f9:55:8d:24:59:67:
                    e5:19:2b:38:1f:e7:11:9b:b9:fc:d8:70:5a:58:01:
                    46:51:27:61:a1:89:95:4e:26:45:3b:f8:32:db:6a:
                    fc:9b:cf:b8:ff:37:0a:1f:8e:c3:8a:1e:ab:64:5c:
                    47:b4:8a:aa:48:fe:f9:6e:d9:45:e4:8a:fc:5a:5b:
                    7a:ee:c8:f2:36:26:fc:6d:c9:de:85:f7:64:a8:46:
                    75:94:9a:02:ba:1f:8d:c8:eb:b6:03:12:74:6c:88:
                    f7:7f:66:24:f8:74:a2:02:ac:2f:b3:3a:64:4d:dd:
                    5f:25:07:51:c9:8e:75:22:10:a3:f7:d5:90:5d:ef:
                    36:de:65:73:ea:9a:99:1d:d8:25:2a:55:e3:56:77:
                    37:f5:76:94:65:5f:a9:27:17:63:5a:bb:c7:2b:6d:
                    48:27:e1:75:d4:91:96:e9:11:fc:f9:23:e6:64:51:
                    04:26:08:08:2c:38:8f:2e:32:2c:11:d4:49:3b:8e:
                    fe:8f:ca:de:ca:87:c3:94:4f:a1:68:dd:5f:c5:f4:
                    34:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:9C:3B:DA:E9:45:AB:F6:E4:E4:6D:81:5A:9A:9C:D0:FA:D9:42:EB
            X509v3 Authority Key Identifier:
                keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:25:5d:87:57:32:05:42:b2:bb:bb:ef:07:ec:f9:a3:64:97:
         c6:38:9d:5f:6f:12:2f:54:02:f7:76:16:08:41:24:08:5d:fd:
         37:8e:75:ef:54:fd:c8:7c:59:88:60:de:bb:1c:77:19:7b:06:
         7d:87:4f:1e:6e:fd:90:6b:17:f9:6d:19:43:a0:58:0b:0a:bf:
         72:47:51:a7:c2:ed:e1:06:6a:8e:b1:45:7d:a6:47:fd:a2:70:
         e8:51:9c:6e:df:f8:af:f7:d4:57:f8:17:f6:e4:94:18:2d:3a:
         49:e0:58:2a:52:70:b6:d1:0f:dd:ff:c3:4a:f3:77:3b:59:c2:
         97:02:52:80:04:a1:51:63:f7:51:00:64:92:c0:66:46:14:cd:
         cd:30:26:0a:35:02:03:9f:d9:2a:dc:c2:ad:2f:1c:c5:97:50:
         ae:ff:6b:32:7e:3d:b3:2f:2a:88:c4:e6:72:20:46:03:82:3d:
         eb:9f:54:b9:c7:86:7e:8e:5a:5a:bb:e2:52:aa:6c:68:b3:55:
         ab:50:56:8b:6e:a3:6f:00:d9:5b:9b:86:82:60:90:7e:ce:e2:
         d0:82:4d:f6:3c:70:89:ef:f8:ed:ac:f3:0a:ff:1f:1a:40:2a:
         83:b4:f5:05:8b:a6:72:5e:cb:85:d8:bf:b9:99:a4:4c:24:b8:
         ea:86:9b:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3Dw8BXgKA0OjJG9KE+QwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl
N2RkZGYwHhcNMjUwNjI4MTUwMTQ2WhcNMjUwNjI5MTUwMTQ2WjAzMTEwLwYDVQQD
Eyg3MjljM2JkYWU5NDVhYmY2ZTRlNDZkODE1YTlhOWNkMGZhZDk0MmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmFynF3JftO5nRwaCzfhgSjwvQUH
JI27f2afCJCUoGYGjGJQ1JdrdMgWCdBfEEt8Q+N+VRH5VY0kWWflGSs4H+cRm7n8
2HBaWAFGUSdhoYmVTiZFO/gy22r8m8+4/zcKH47Dih6rZFxHtIqqSP75btlF5Ir8
Wlt67sjyNib8bcnehfdkqEZ1lJoCuh+NyOu2AxJ0bIj3f2Yk+HSiAqwvszpkTd1f
JQdRyY51IhCj99WQXe823mVz6pqZHdglKlXjVnc39XaUZV+pJxdjWrvHK21IJ+F1
1JGW6RH8+SPmZFEEJggILDiPLjIsEdRJO47+j8reyofDlE+haN1fxfQ0nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKcO9rpRav25ORtgVqanND62ULrMB8GA1UdIwQY
MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt
MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0
LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuSVdh1cy
BUKyu7vvB+z5o2SXxjidX28SL1QC93YWCEEkCF39N45171T9yHxZiGDeuxx3GXsG
fYdPHm79kGsX+W0ZQ6BYCwq/ckdRp8Lt4QZqjrFFfaZH/aJw6FGcbt/4r/fUV/gX
9uSUGC06SeBYKlJwttEP3f/DSvN3O1nClwJSgAShUWP3UQBkksBmRhTNzTAmCjUC
A5/ZKtzCrS8cxZdQrv9rMn49sy8qiMTmciBGA4I9659UuceGfo5aWrviUqpsaLNV
q1BWi26jbwDZW5uGgmCQfs7i0IJN9jxwie/47azzCv8fGkAqg7T1BYumcl7Lhdi/
uZmkTCS46oabqg==
-----END CERTIFICATE-----