Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
File:                     KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json)
Hash identifier:          6hX9ZWX7n1Hc+j4C5Rfxmje8YN0nNLaGFujOkTcOL6k=
Subject key identifier:   9B:8D:BE:91:DF:27:63:F9:B5:72:F1:C5:DF:66:D3:2C:8B:2C:A3:D0
Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF
Certificate issuer:       /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
Certificate serial:       0198D6CD884A51AAFB5FF6FCC18A32D64970
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 12:00:50 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:50 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:50 +0000
Files and hashes:         1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: IAiBfgYUSt+j58SLuL8kG+efuANHI5BUbHOomfeXmMI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:88:4a:51:aa:fb:5f:f6:fc:c1:8a:32:d6:49:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
        Validity
            Not Before: Aug 23 12:00:50 2025 GMT
            Not After : Aug 24 12:00:50 2025 GMT
        Subject: CN=9b8dbe91df2763f9b572f1c5df66d32c8b2ca3d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:50:19:e0:e7:e9:14:3c:da:54:5f:3e:10:b5:
                    44:3c:bf:0c:c3:3f:a3:69:14:e0:c7:9a:c9:72:41:
                    cf:d9:ff:62:89:8e:39:5a:5f:e7:69:7c:be:11:0a:
                    1d:ae:02:5b:eb:72:f0:a6:f5:0d:cf:ea:06:27:0d:
                    2b:44:52:c5:27:e5:ed:6c:3d:69:3c:88:64:de:d9:
                    45:3a:3e:16:52:f3:9d:6f:a2:8d:45:ea:5b:8c:4b:
                    26:d2:5e:9b:5d:ea:09:0a:24:a6:d2:a3:c3:f6:49:
                    a8:b1:95:d3:21:a6:64:69:b4:bd:d6:65:3b:60:89:
                    f0:46:48:6d:b2:cc:ce:9c:f6:4c:ff:a2:e5:27:0e:
                    18:b2:02:83:42:2c:99:09:63:ea:52:2a:62:99:70:
                    b7:8a:73:a3:28:69:8c:6c:49:06:6b:49:16:27:3c:
                    11:74:d8:9e:2a:41:08:7f:49:35:cb:d8:7e:2f:12:
                    ab:ec:ea:d1:b9:eb:97:2d:19:f2:85:36:7d:bb:33:
                    87:f8:52:2a:81:51:fc:f5:7f:2c:bc:75:12:5e:24:
                    f4:7b:30:ac:0f:a5:57:95:ee:7a:59:3d:c9:23:a4:
                    cb:c5:b6:c6:ba:f8:a0:de:46:32:6e:9a:4a:0e:a8:
                    7d:6a:7f:67:2e:8d:e5:30:05:77:cd:c8:d8:1b:01:
                    9e:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:8D:BE:91:DF:27:63:F9:B5:72:F1:C5:DF:66:D3:2C:8B:2C:A3:D0
            X509v3 Authority Key Identifier:
                keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d0:db:1d:f3:92:38:78:ec:0b:ec:05:67:c1:de:d6:55:84:b3:
         cb:90:64:81:32:a8:55:73:c6:1d:60:a2:dd:8a:31:24:2c:cb:
         24:2d:86:b0:eb:cf:4b:8d:4d:1e:10:81:81:30:70:2c:08:6f:
         08:c5:0e:fa:63:6e:5e:32:c1:05:a5:92:39:08:8a:5e:31:ba:
         64:ae:76:19:2d:e0:49:9a:b8:c5:4f:c8:81:67:61:c9:2f:9e:
         04:72:b5:b2:cd:fb:77:0b:c2:16:c7:f4:07:6d:2f:25:96:3c:
         65:95:b8:6b:07:57:05:8f:4c:45:78:36:85:4b:b2:d8:1f:51:
         71:ec:52:84:ac:57:bb:17:bf:b0:79:b1:88:fa:d7:c0:8d:f8:
         52:4d:d1:70:40:d8:70:87:0b:66:6e:64:71:78:9f:38:40:b8:
         55:ae:d2:df:fa:91:e1:5e:52:35:d6:ac:22:c6:06:ec:12:52:
         ee:f7:9c:02:03:80:a3:2e:8c:a4:57:da:14:2b:44:43:23:8d:
         7a:9a:b6:72:9d:4e:ce:4a:c6:30:a0:40:d5:55:34:72:be:43:
         48:83:7a:47:85:4a:43:04:25:db:f0:5a:5b:30:f6:de:93:4c:
         ed:74:1a:a8:44:8a:ee:ee:eb:a3:c1:12:6d:68:15:7d:ed:5f:
         ee:ed:09:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzYhKUar7X/b8wYoy1klwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl
N2RkZGYwHhcNMjUwODIzMTIwMDUwWhcNMjUwODI0MTIwMDUwWjAzMTEwLwYDVQQD
Eyg5YjhkYmU5MWRmMjc2M2Y5YjU3MmYxYzVkZjY2ZDMyYzhiMmNhM2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5lAZ4OfpFDzaVF8+ELVEPL8Mwz+j
aRTgx5rJckHP2f9iiY45Wl/naXy+EQodrgJb63LwpvUNz+oGJw0rRFLFJ+XtbD1p
PIhk3tlFOj4WUvOdb6KNRepbjEsm0l6bXeoJCiSm0qPD9kmosZXTIaZkabS91mU7
YInwRkhtsszOnPZM/6LlJw4YsgKDQiyZCWPqUipimXC3inOjKGmMbEkGa0kWJzwR
dNieKkEIf0k1y9h+LxKr7OrRueuXLRnyhTZ9uzOH+FIqgVH89X8svHUSXiT0ezCs
D6VXle56WT3JI6TLxbbGuvig3kYybppKDqh9an9nLo3lMAV3zcjYGwGeawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuNvpHfJ2P5tXLxxd9m0yyLLKPQMB8GA1UdIwQY
MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt
MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0
LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0Nsd85I4
eOwL7AVnwd7WVYSzy5BkgTKoVXPGHWCi3YoxJCzLJC2GsOvPS41NHhCBgTBwLAhv
CMUO+mNuXjLBBaWSOQiKXjG6ZK52GS3gSZq4xU/IgWdhyS+eBHK1ss37dwvCFsf0
B20vJZY8ZZW4awdXBY9MRXg2hUuy2B9RcexShKxXuxe/sHmxiPrXwI34Uk3RcEDY
cIcLZm5kcXifOEC4Va7S3/qR4V5SNdasIsYG7BJS7vecAgOAoy6MpFfaFCtEQyON
epq2cp1OzkrGMKBA1VU0cr5DSIN6R4VKQwQl2/BaWzD23pNM7XQaqESK7u7ro8ES
bWgVfe1f7u0JJw==
-----END CERTIFICATE-----