Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
File:                     KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft (raw, json)
Hash identifier:          B56q22XIzeV2wMTI0fjoqydfg1qJAOMTDQ8/7fI+gOM=
Subject key identifier:   26:C2:B5:9A:19:4E:AF:20:99:AA:FA:6B:3E:A8:F0:82:1A:E0:F3:C5
Authority key identifier: 29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0
Certificate issuer:       /CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
Certificate serial:       019658020C7E8ED21B6C0F990370C4E00CED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
Manifest number:          05E4
Signing time:             Mon 21 Apr 2025 11:00:51 +0000
Manifest this update:     Mon 21 Apr 2025 11:00:51 +0000
Manifest next update:     Tue 22 Apr 2025 11:00:51 +0000
Files and hashes:         1: KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl (hash: lxlmwmpC0h4qTzVy4Z1u29wIy6YHB8mPBYU6SG6FPrI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:58:02:0c:7e:8e:d2:1b:6c:0f:99:03:70:c4:e0:0c:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
        Validity
            Not Before: Apr 21 11:00:51 2025 GMT
            Not After : Apr 22 11:00:51 2025 GMT
        Subject: CN=26c2b59a194eaf2099aafa6b3ea8f0821ae0f3c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:cb:5f:0e:98:8b:91:3f:fd:19:18:bb:34:25:
                    50:93:4c:cd:c9:c9:78:7b:db:6f:52:f4:9e:d2:8c:
                    61:08:74:0e:8e:35:0d:39:15:d5:2c:8f:4e:4b:44:
                    9e:11:93:3f:87:b2:37:52:7f:ac:ac:8f:b3:57:27:
                    d3:e3:8d:ab:fe:8c:0a:ec:73:e0:78:db:6b:1f:1f:
                    a6:5f:68:78:c3:7b:b1:7f:1f:0e:ea:67:0c:bf:97:
                    cb:df:c6:dd:31:59:de:26:80:13:46:6e:a5:91:83:
                    ce:c7:55:b5:b2:8b:51:34:f4:a6:08:24:ff:1f:3d:
                    90:c5:bf:51:a3:bf:0b:2d:f0:76:76:f1:12:72:e2:
                    bb:69:24:3b:56:3e:e5:58:75:f6:f6:ab:ed:ec:5f:
                    78:e2:f5:50:8e:e2:cc:89:cf:5f:8f:13:46:40:a3:
                    03:58:2d:c1:55:8a:16:41:c8:dd:21:fc:8b:c9:2f:
                    78:08:db:90:f4:f7:f4:74:fe:22:27:eb:7f:ff:e8:
                    ea:ab:28:aa:e6:fb:5a:69:2e:9c:ff:fd:c8:de:89:
                    3c:b1:c5:f6:b2:80:64:c0:52:40:2e:fe:f9:1c:7d:
                    f5:49:a8:4f:29:83:cf:81:d7:79:4a:07:19:77:38:
                    af:0d:5f:14:1e:76:33:5e:6e:e3:e1:75:d4:a4:54:
                    a6:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:C2:B5:9A:19:4E:AF:20:99:AA:FA:6B:3E:A8:F0:82:1A:E0:F3:C5
            X509v3 Authority Key Identifier:
                keyid:29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:a2:15:8b:0b:fb:6e:8d:e4:6c:f5:9d:69:8d:8e:49:e3:6d:
         64:e2:d1:5d:93:1f:86:2d:c4:16:b1:17:48:48:88:78:3a:98:
         e1:7c:3c:93:be:87:78:6a:6a:49:0a:e6:23:22:52:a3:62:af:
         d0:d0:f2:69:70:02:94:60:6b:d6:73:8a:21:1e:6d:2f:dd:69:
         46:8a:46:37:63:4c:6d:74:dd:53:9d:ce:10:31:be:09:9d:68:
         74:fc:9a:ad:3a:29:24:e5:45:66:4c:dc:94:36:0e:25:1e:7e:
         97:ba:4a:bf:12:e2:3c:86:15:f3:3f:eb:ba:c7:b0:fa:3c:06:
         e0:9a:de:78:47:9e:0d:1a:2f:8f:4b:1a:f4:36:c1:06:ff:5e:
         2c:3b:dc:e7:3b:2a:0b:18:43:f8:3d:7f:17:6c:54:9d:62:80:
         e9:9b:87:a6:32:0f:81:88:bd:bb:93:e3:e2:8b:bf:82:b7:74:
         83:e6:83:ce:89:ec:76:70:57:ba:71:eb:cc:dc:dc:ed:8e:79:
         46:8e:98:2d:07:53:5d:b9:03:a5:44:b5:3d:b8:40:97:29:06:
         9e:80:84:2c:af:4d:fb:08:89:37:92:06:46:89:db:73:13:8e:
         f4:e3:41:e0:34:65:27:85:6e:b7:ff:7d:9b:0c:b0:92:1a:dd:
         7b:ac:7b:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZYAgx+jtIbbA+ZA3DE4AztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjJlNmExMzM0YzljYTljOTNlZDU3ZmY0YWQ3MmQ5OWNl
OTFhZDAwHhcNMjUwNDIxMTEwMDUxWhcNMjUwNDIyMTEwMDUxWjAzMTEwLwYDVQQD
EygyNmMyYjU5YTE5NGVhZjIwOTlhYWZhNmIzZWE4ZjA4MjFhZTBmM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8tfDpiLkT/9GRi7NCVQk0zNycl4
e9tvUvSe0oxhCHQOjjUNORXVLI9OS0SeEZM/h7I3Un+srI+zVyfT442r/owK7HPg
eNtrHx+mX2h4w3uxfx8O6mcMv5fL38bdMVneJoATRm6lkYPOx1W1sotRNPSmCCT/
Hz2Qxb9Ro78LLfB2dvEScuK7aSQ7Vj7lWHX29qvt7F944vVQjuLMic9fjxNGQKMD
WC3BVYoWQcjdIfyLyS94CNuQ9Pf0dP4iJ+t//+jqqyiq5vtaaS6c//3I3ok8scX2
soBkwFJALv75HH31SahPKYPPgdd5SgcZdzivDV8UHnYzXm7j4XXUpFSmjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCbCtZoZTq8gmar6az6o8IIa4PPFMB8GA1UdIwQY
MBaAFCli5qEzTJypyT7Vf/Stctmc6RrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2It
NmVjNDBjODVhMmFlLzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2ItNmVjNDBjODVhMmFl
LzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGqIViwv7
bo3kbPWdaY2OSeNtZOLRXZMfhi3EFrEXSEiIeDqY4Xw8k76HeGpqSQrmIyJSo2Kv
0NDyaXAClGBr1nOKIR5tL91pRopGN2NMbXTdU53OEDG+CZ1odPyarTopJOVFZkzc
lDYOJR5+l7pKvxLiPIYV8z/rusew+jwG4JreeEeeDRovj0sa9DbBBv9eLDvc5zsq
CxhD+D1/F2xUnWKA6ZuHpjIPgYi9u5Pj4ou/grd0g+aDzonsdnBXunHrzNzc7Y55
Ro6YLQdTXbkDpUS1PbhAlykGnoCELK9N+wiJN5IGRonbcxOO9ONB4DRlJ4Vut/99
mwywkhrde6x74w==
-----END CERTIFICATE-----