Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
File:                     KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json)
Hash identifier:          K9utX6fBWAJad7UEpIII36JSv/JgCbvZo6fBTKU/XnU=
Subject key identifier:   79:93:6E:A3:20:25:E8:D4:2D:87:66:CC:89:92:96:0C:BD:A6:D8:11
Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
Certificate issuer:       /CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Certificate serial:       019748FA6D93B49F5F334CDF043211144933
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
Manifest number:          124E
Signing time:             Sat 07 Jun 2025 06:01:00 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:00 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:00 +0000
Files and hashes:         1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: Vn2RIthXlk+RQpVlWGeuj0FCMh2xSOOyNLkB0Xw8Bv4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 00:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:6d:93:b4:9f:5f:33:4c:df:04:32:11:14:49:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539
        Validity
            Not Before: Jun  7 06:01:00 2025 GMT
            Not After : Jun  8 06:01:00 2025 GMT
        Subject: CN=79936ea32025e8d42d8766cc8992960cbda6d811
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:cc:97:2f:d0:ec:57:f1:df:de:c7:4c:13:b3:
                    9c:fa:87:86:a3:b0:f7:04:06:7e:67:6d:20:55:2d:
                    b0:df:19:8f:ee:b1:09:26:57:d4:70:f5:f7:d4:b2:
                    99:60:8c:d9:69:25:74:e7:1c:f1:ce:91:53:cf:4d:
                    5f:55:05:6a:3a:22:82:67:24:59:fa:6a:5a:02:ef:
                    e6:68:5f:c1:79:24:92:c1:d9:de:45:99:33:40:df:
                    e4:bd:d0:37:90:d5:46:f2:c5:c3:7f:4f:e2:1f:32:
                    a3:bc:ff:09:2a:0a:9d:f6:8e:aa:9e:90:71:5c:4a:
                    3b:18:bb:49:8f:28:25:9e:ad:45:d8:17:e2:37:0b:
                    bc:90:d1:8b:c2:da:29:3b:30:8c:3b:fe:29:f8:d0:
                    3b:8a:74:11:e6:bd:42:7a:e5:94:52:a7:08:b5:81:
                    1c:6e:87:ac:90:4f:81:a8:66:15:2c:2a:3a:d2:a2:
                    33:bf:21:45:2a:2b:97:ee:b6:8d:7b:44:21:71:eb:
                    ce:54:83:e6:8b:fd:54:f2:ec:cf:d9:af:97:57:d7:
                    b0:20:30:f5:b7:23:4b:34:8c:71:1a:33:55:36:d7:
                    bc:5e:54:1e:4a:87:81:25:94:e0:da:2b:9c:9e:91:
                    39:16:cd:9d:f6:51:44:a2:00:cc:70:1d:ad:16:f2:
                    ba:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:93:6E:A3:20:25:E8:D4:2D:87:66:CC:89:92:96:0C:BD:A6:D8:11
            X509v3 Authority Key Identifier:
                keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:f4:c4:1c:99:5f:a5:ae:a5:94:d3:45:f6:d0:71:bb:1b:c6:
         1c:7a:ca:c1:38:21:fc:7c:a3:dd:a2:c4:fb:b4:72:79:79:e6:
         be:64:4d:a2:c2:0d:03:86:ba:2b:3b:89:0a:e7:60:14:fb:bb:
         f1:be:3a:9f:13:26:23:e2:f0:ed:be:31:a7:18:42:c2:1b:d1:
         9a:da:bc:44:ef:8d:b3:c7:f1:20:02:8a:74:51:65:fe:4f:50:
         6f:00:bf:1f:ad:3a:14:28:50:69:8d:de:5f:16:fd:95:2d:46:
         c8:ba:ab:0e:05:4d:ef:46:1c:85:e4:7d:3e:5b:c9:3a:41:da:
         8f:ff:25:85:f5:5d:aa:b5:06:f4:f1:f6:5e:0b:c0:8a:3a:52:
         4b:37:cb:8b:52:2f:fd:ee:e9:b0:00:33:46:e3:3e:95:60:94:
         b3:26:9a:12:d0:6e:08:83:2e:4a:0d:a5:ce:aa:e5:7f:42:c7:
         d8:b7:1d:9e:f5:9f:9f:7b:8a:44:3f:81:a4:64:2a:c5:ba:94:
         ad:86:9c:3c:aa:f8:74:c4:29:61:d4:91:2a:03:e2:67:24:4f:
         a8:17:c8:19:1c:6d:7b:49:d9:db:0f:bb:f1:58:31:38:83:54:
         1b:84:8d:35:ce:9a:f5:dc:5d:f8:63:37:26:72:58:d5:14:64:
         f0:89:9d:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+m2TtJ9fM0zfBDIRFEkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz
MjI1MzkwHhcNMjUwNjA3MDYwMTAwWhcNMjUwNjA4MDYwMTAwWjAzMTEwLwYDVQQD
Eyg3OTkzNmVhMzIwMjVlOGQ0MmQ4NzY2Y2M4OTkyOTYwY2JkYTZkODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8yXL9DsV/Hf3sdME7Oc+oeGo7D3
BAZ+Z20gVS2w3xmP7rEJJlfUcPX31LKZYIzZaSV05xzxzpFTz01fVQVqOiKCZyRZ
+mpaAu/maF/BeSSSwdneRZkzQN/kvdA3kNVG8sXDf0/iHzKjvP8JKgqd9o6qnpBx
XEo7GLtJjyglnq1F2BfiNwu8kNGLwtopOzCMO/4p+NA7inQR5r1CeuWUUqcItYEc
boeskE+BqGYVLCo60qIzvyFFKiuX7raNe0QhcevOVIPmi/1U8uzP2a+XV9ewIDD1
tyNLNIxxGjNVNte8XlQeSoeBJZTg2iucnpE5Fs2d9lFEogDMcB2tFvK6EwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmTbqMgJejULYdmzImSlgy9ptgRMB8GA1UdIwQY
MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt
MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1
LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk/TEHJlf
pa6llNNF9tBxuxvGHHrKwTgh/Hyj3aLE+7RyeXnmvmRNosINA4a6KzuJCudgFPu7
8b46nxMmI+Lw7b4xpxhCwhvRmtq8RO+Ns8fxIAKKdFFl/k9QbwC/H606FChQaY3e
Xxb9lS1GyLqrDgVN70YcheR9PlvJOkHaj/8lhfVdqrUG9PH2XgvAijpSSzfLi1Iv
/e7psAAzRuM+lWCUsyaaEtBuCIMuSg2lzqrlf0LH2LcdnvWfn3uKRD+BpGQqxbqU
rYacPKr4dMQpYdSRKgPiZyRPqBfIGRxte0nZ2w+78VgxOINUG4SNNc6a9dxd+GM3
JnJY1RRk8Imdzg==
-----END CERTIFICATE-----