Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
File:                     KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft (raw, json)
Hash identifier:          P8ySWYNsL0W3bNQT+yybtbUmcVS1IeYR+Nfs/gd6g94=
Subject key identifier:   77:A1:54:0A:61:E2:33:6E:BB:73:18:5D:08:8A:6E:8D:81:5C:27:A8
Authority key identifier: 2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66
Certificate issuer:       /CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766
Certificate serial:       01985420082DBFE48A7E532B5727B15D5AB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
Manifest number:          0797
Signing time:             Tue 29 Jul 2025 03:00:41 +0000
Manifest this update:     Tue 29 Jul 2025 03:00:41 +0000
Manifest next update:     Wed 30 Jul 2025 03:00:41 +0000
Files and hashes:         1: KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl (hash: TMLbuqcFNQdFY9b0lAywFALKCL6GDnfguNzz2t6OeA4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 29 Jul 2025 23:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:54:20:08:2d:bf:e4:8a:7e:53:2b:57:27:b1:5d:5a:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766
        Validity
            Not Before: Jul 29 03:00:41 2025 GMT
            Not After : Jul 30 03:00:41 2025 GMT
        Subject: CN=77a1540a61e2336ebb73185d088a6e8d815c27a8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:e9:ce:9d:46:12:43:68:d9:2c:b9:bf:05:f0:
                    4d:96:4b:ca:0d:d5:8f:e2:e6:22:b0:20:8e:9f:f5:
                    24:36:b4:a8:c9:ce:38:e8:43:53:5b:e4:6b:8c:29:
                    c8:ee:52:70:e0:33:99:2c:5e:f7:8e:27:51:09:d0:
                    69:c0:fc:4f:c8:57:99:d5:87:63:30:ef:32:08:c0:
                    6c:86:fb:5b:31:53:d6:7a:9f:fa:d1:c0:24:a0:51:
                    64:16:f0:2c:3b:f5:c4:de:4f:95:14:dc:bd:7f:a2:
                    f0:8a:1f:26:9a:ce:78:a1:ac:38:eb:76:14:59:f9:
                    90:18:31:c9:4d:93:34:04:34:18:2a:af:90:d9:a9:
                    54:52:29:6e:70:a1:0f:0a:17:2f:38:da:be:28:25:
                    aa:4d:4f:92:32:8c:75:9a:92:4c:12:cd:fa:d0:1c:
                    38:4b:89:76:96:9b:a6:bb:c1:75:e3:56:ba:47:80:
                    14:4d:50:69:8d:93:8b:08:e0:47:c6:d3:e8:18:e6:
                    23:a4:34:d7:b2:ad:51:86:b2:1b:22:b9:41:a7:8a:
                    fb:6d:11:2f:04:e2:d8:3a:a4:9c:0a:ac:23:d9:2c:
                    98:55:f7:8e:10:21:9b:63:7c:e9:cc:2d:8b:6e:c6:
                    a8:d1:88:4c:cc:55:50:d9:8e:66:61:d6:64:ef:7a:
                    09:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:A1:54:0A:61:E2:33:6E:BB:73:18:5D:08:8A:6E:8D:81:5C:27:A8
            X509v3 Authority Key Identifier:
                keyid:2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:94:8b:b3:2e:d2:b3:a0:4a:69:5b:39:db:b1:c5:b1:e6:01:
         b3:8d:6c:02:d2:49:be:2d:2a:f3:7a:88:67:bb:9a:9f:0b:69:
         f0:35:e7:aa:e0:55:1d:8f:2e:08:69:55:70:53:6d:4e:85:f9:
         f0:df:b6:82:9b:90:62:51:0d:48:5e:19:ab:22:1b:68:10:63:
         1d:b8:dc:ce:c2:6c:c9:6b:ea:19:ce:3b:5a:c8:f7:32:76:d4:
         46:9e:27:bf:2f:d3:27:7b:f3:8d:bb:03:b6:fc:af:6e:16:73:
         fd:cd:ec:a7:5b:86:43:12:39:09:ef:1f:48:8a:51:ff:e2:4e:
         42:54:5f:94:09:0d:44:11:d3:b1:3e:80:f4:73:10:99:77:56:
         41:a9:7b:76:fa:69:df:0d:26:90:e4:25:d9:af:48:db:7a:e0:
         f4:f4:c9:51:88:b8:25:40:e8:8a:50:5e:8c:6b:8d:27:4c:0e:
         d8:06:e2:ca:a6:57:c9:9d:10:e8:96:f7:60:ff:cd:81:11:3d:
         86:da:b1:23:e5:3d:88:e6:2d:1d:21:21:49:50:93:b3:2f:55:
         b4:d2:23:5e:2f:fa:f4:a6:36:27:8a:36:b3:a3:21:19:c0:50:
         ef:6e:7d:67:2d:7d:9e:07:0d:66:0f:08:b9:5b:26:0c:01:7e:
         e5:5d:95:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhUIAgtv+SKflMrVyexXVq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzM3OGI2M2JjYTQ4N2MzMmU4Y2U4MTJmNGY4NWQ3YzZl
Zjg3NjYwHhcNMjUwNzI5MDMwMDQxWhcNMjUwNzMwMDMwMDQxWjAzMTEwLwYDVQQD
Eyg3N2ExNTQwYTYxZTIzMzZlYmI3MzE4NWQwODhhNmU4ZDgxNWMyN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOnOnUYSQ2jZLLm/BfBNlkvKDdWP
4uYisCCOn/UkNrSoyc446ENTW+RrjCnI7lJw4DOZLF73jidRCdBpwPxPyFeZ1Ydj
MO8yCMBshvtbMVPWep/60cAkoFFkFvAsO/XE3k+VFNy9f6Lwih8mms54oaw463YU
WfmQGDHJTZM0BDQYKq+Q2alUUilucKEPChcvONq+KCWqTU+SMox1mpJMEs360Bw4
S4l2lpumu8F141a6R4AUTVBpjZOLCOBHxtPoGOYjpDTXsq1RhrIbIrlBp4r7bREv
BOLYOqScCqwj2SyYVfeOECGbY3zpzC2Lbsao0YhMzFVQ2Y5mYdZk73oJ3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHehVAph4jNuu3MYXQiKbo2BXCeoMB8GA1UdIwQY
MBaAFCrDeLY7ykh8MujOgS9PhdfG74dmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDkt
MDc3ZDUyZWFiNzBkLzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDktMDc3ZDUyZWFiNzBk
LzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACpSLsy7S
s6BKaVs527HFseYBs41sAtJJvi0q83qIZ7uanwtp8DXnquBVHY8uCGlVcFNtToX5
8N+2gpuQYlENSF4ZqyIbaBBjHbjczsJsyWvqGc47Wsj3MnbURp4nvy/TJ3vzjbsD
tvyvbhZz/c3sp1uGQxI5Ce8fSIpR/+JOQlRflAkNRBHTsT6A9HMQmXdWQal7dvpp
3w0mkOQl2a9I23rg9PTJUYi4JUDoilBejGuNJ0wO2AbiyqZXyZ0Q6Jb3YP/NgRE9
htqxI+U9iOYtHSEhSVCTsy9VtNIjXi/69KY2J4o2s6MhGcBQ7259Zy19ngcNZg8I
uVsmDAF+5V2VVg==
-----END CERTIFICATE-----