Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
File:                     KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json)
Hash identifier:          V0GlFTcfct5K89mAwidpLQ2NGCKR9OphnnXTtkoiStM=
Subject key identifier:   A4:A0:C6:E0:A3:8D:75:44:B1:99:DC:3D:4B:35:19:8B:B7:DD:D4:03
Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D
Certificate issuer:       /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
Certificate serial:       0197B88FBC8E8980BE9AE4ECE685FF228B0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
Manifest number:          0EDE
Signing time:             Sat 28 Jun 2025 22:01:56 +0000
Manifest this update:     Sat 28 Jun 2025 22:01:56 +0000
Manifest next update:     Sun 29 Jun 2025 22:01:56 +0000
Files and hashes:         1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: MQIYpQZWIsN9b+Prtyhd78t3JcHYVjKQNNKGSfiyrMw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:bc:8e:89:80:be:9a:e4:ec:e6:85:ff:22:8b:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
        Validity
            Not Before: Jun 28 22:01:56 2025 GMT
            Not After : Jun 29 22:01:56 2025 GMT
        Subject: CN=a4a0c6e0a38d7544b199dc3d4b35198bb7ddd403
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:10:9a:a6:8c:3a:09:b3:c2:e7:92:61:0d:05:
                    34:88:48:8a:a3:37:25:cd:cd:45:69:7b:84:a5:d7:
                    a3:50:35:a7:10:79:6a:d0:bd:63:f1:1d:c0:ee:76:
                    b6:2c:ee:d8:e2:60:b2:35:36:7b:d6:31:6d:4e:54:
                    ab:46:1d:5c:57:50:48:2f:f3:b1:1f:7e:2d:29:2c:
                    52:01:0f:7f:f7:cc:0c:c9:e1:24:06:f5:04:c9:c8:
                    34:bc:c5:8e:0c:f3:b9:17:d4:ae:9f:30:94:94:77:
                    c9:44:06:36:8d:ff:9b:a5:38:11:3a:24:61:f9:9c:
                    d4:bd:58:3e:20:25:bd:08:23:d4:fe:23:b5:bc:f3:
                    88:40:01:f1:e2:2b:e3:8c:01:3e:d3:6f:8c:72:e0:
                    f8:55:aa:34:79:a7:ab:17:3f:6a:b8:cb:15:e5:c2:
                    41:32:cd:b2:66:37:a7:92:d5:e1:d8:d1:01:23:8e:
                    39:67:ef:6d:54:56:a9:a4:c5:49:f5:f8:1e:2e:bb:
                    3d:cb:ee:6a:16:8e:09:c8:b4:bc:02:12:fa:34:63:
                    cd:88:5d:72:f0:06:c9:bf:6f:fa:a6:88:6f:e0:15:
                    62:c9:f5:3f:a0:1e:eb:72:41:c8:5c:dc:45:48:27:
                    35:3c:e8:8e:cb:8d:45:94:6c:a2:af:3e:2f:9d:ff:
                    5d:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:A0:C6:E0:A3:8D:75:44:B1:99:DC:3D:4B:35:19:8B:B7:DD:D4:03
            X509v3 Authority Key Identifier:
                keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:6e:90:b6:7f:12:9c:bd:ef:b3:88:d5:5d:68:7c:ee:3e:5d:
         e1:f6:c0:5c:09:ac:c8:fb:c3:45:c8:3f:38:2f:13:59:ef:c2:
         4a:12:fd:d6:3e:6d:25:1c:ed:4a:f6:8f:98:1b:8c:0f:d3:d2:
         fa:5b:89:8b:ec:96:3d:78:d6:c4:1b:41:39:2e:db:50:f1:f2:
         71:3e:96:31:2e:92:89:b3:a4:58:2a:63:83:28:03:a0:14:b7:
         73:bd:30:b0:d9:b0:e5:18:6e:9f:cd:13:f8:73:53:b2:ec:e7:
         9a:bf:6f:4e:ad:1c:9a:a0:5e:f6:4b:aa:97:ee:2f:c2:cf:ee:
         b3:c5:5e:86:71:a2:c3:af:91:37:16:c8:e5:45:5d:dd:8a:b1:
         2a:fc:35:4f:bf:eb:c4:27:6e:87:af:31:39:ab:26:08:da:3e:
         da:3b:79:f3:8f:83:07:2c:f1:9f:76:80:2c:d8:cc:3e:a4:54:
         43:34:89:c6:65:05:54:fe:c3:f5:7f:b6:ab:f3:bd:c1:d0:bd:
         62:d4:07:dd:93:4e:63:7c:68:70:ea:9f:77:a3:42:fa:49:f7:
         82:a0:05:6b:b2:07:5e:c5:d1:68:10:fc:0e:df:71:dc:9f:ae:
         35:3a:1b:f9:23:2d:16:50:94:c1:03:36:7a:19:d6:5a:d2:16:
         e0:1f:f0:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j7yOiYC+muTs5oX/IosKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz
YWYyM2QwHhcNMjUwNjI4MjIwMTU2WhcNMjUwNjI5MjIwMTU2WjAzMTEwLwYDVQQD
EyhhNGEwYzZlMGEzOGQ3NTQ0YjE5OWRjM2Q0YjM1MTk4YmI3ZGRkNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxCapow6CbPC55JhDQU0iEiKozcl
zc1FaXuEpdejUDWnEHlq0L1j8R3A7na2LO7Y4mCyNTZ71jFtTlSrRh1cV1BIL/Ox
H34tKSxSAQ9/98wMyeEkBvUEycg0vMWODPO5F9SunzCUlHfJRAY2jf+bpTgROiRh
+ZzUvVg+ICW9CCPU/iO1vPOIQAHx4ivjjAE+02+McuD4Vao0eaerFz9quMsV5cJB
Ms2yZjenktXh2NEBI445Z+9tVFappMVJ9fgeLrs9y+5qFo4JyLS8AhL6NGPNiF1y
8AbJv2/6pohv4BViyfU/oB7rckHIXNxFSCc1POiOy41FlGyirz4vnf9diwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKSgxuCjjXVEsZncPUs1GYu33dQDMB8GA1UdIwQY
MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct
ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh
LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANG6Qtn8S
nL3vs4jVXWh87j5d4fbAXAmsyPvDRcg/OC8TWe/CShL91j5tJRztSvaPmBuMD9PS
+luJi+yWPXjWxBtBOS7bUPHycT6WMS6SibOkWCpjgygDoBS3c70wsNmw5Rhun80T
+HNTsuznmr9vTq0cmqBe9kuql+4vws/us8VehnGiw6+RNxbI5UVd3YqxKvw1T7/r
xCduh68xOasmCNo+2jt584+DByzxn3aALNjMPqRUQzSJxmUFVP7D9X+2q/O9wdC9
YtQH3ZNOY3xocOqfd6NC+kn3gqAFa7IHXsXRaBD8Dt9x3J+uNTob+SMtFlCUwQM2
ehnWWtIW4B/wug==
-----END CERTIFICATE-----