Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
File:                     KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json)
Hash identifier:          7G35mX+ASKOBBLvy45+AVWii/pI6oTBo/+IRIQqTteo=
Subject key identifier:   07:27:7B:F9:72:A3:BF:3D:0C:20:5A:F3:F5:EA:0D:45:00:BF:D2:07
Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0
Certificate issuer:       /CN=2a6534aac9442a394d139a1a8303dc04959c1da0
Certificate serial:       01964D7F12371FD5402C30661C3FF1C31004
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
Manifest number:          0E0E
Signing time:             Sat 19 Apr 2025 10:01:35 +0000
Manifest this update:     Sat 19 Apr 2025 10:01:35 +0000
Manifest next update:     Sun 20 Apr 2025 10:01:35 +0000
Files and hashes:         1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: p+a5cGdlQrzFH4CfGo51ufLNeKEXHLIH7BWSh9djR0w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4d:7f:12:37:1f:d5:40:2c:30:66:1c:3f:f1:c3:10:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0
        Validity
            Not Before: Apr 19 10:01:35 2025 GMT
            Not After : Apr 20 10:01:35 2025 GMT
        Subject: CN=07277bf972a3bf3d0c205af3f5ea0d4500bfd207
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:58:e0:4f:eb:7e:5a:45:4f:f8:04:91:db:82:
                    d1:38:41:19:07:a8:7a:60:fb:3e:fa:d2:fb:67:5b:
                    78:28:5d:39:39:8d:b0:15:52:ef:3e:20:a3:22:60:
                    7d:4c:b6:b2:bc:6d:57:e7:f6:75:a8:a9:e0:16:85:
                    af:26:4b:c0:e3:b4:a9:0d:4d:2b:12:73:58:8f:a1:
                    97:8e:a6:41:f4:81:73:d0:b5:5a:da:be:df:ce:e2:
                    e2:48:19:8e:7e:96:cf:94:b9:35:7b:1a:57:c8:e9:
                    32:c4:41:c2:bb:f6:3b:67:bb:62:a2:07:9a:72:7f:
                    45:bd:99:70:3c:28:24:94:af:96:76:ab:ae:78:92:
                    97:70:d8:f2:97:3a:06:0a:5f:ea:7c:2a:dd:2a:fd:
                    02:a0:eb:b6:8b:79:40:37:ae:c8:71:0c:ce:82:b8:
                    2b:dd:8b:73:89:f2:47:36:36:f7:40:bc:ce:ca:8b:
                    e7:c2:14:19:19:81:1a:49:e2:b3:29:39:b2:29:60:
                    7f:1d:ab:ef:43:40:55:17:bd:42:f8:39:e8:fd:de:
                    8e:07:83:01:9b:43:5e:fc:92:77:66:b2:28:21:0f:
                    69:fe:b1:e8:94:62:a0:85:8c:86:67:34:3e:9a:17:
                    e3:b6:2f:90:75:59:53:7e:9f:47:56:0d:cb:f3:0a:
                    6a:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:27:7B:F9:72:A3:BF:3D:0C:20:5A:F3:F5:EA:0D:45:00:BF:D2:07
            X509v3 Authority Key Identifier:
                keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:f2:af:b1:d7:29:6b:c3:44:43:f8:74:2e:11:9d:1b:cb:14:
         e0:30:4f:dd:d3:6b:7b:48:f0:48:b4:59:94:c1:e0:73:4e:d6:
         e8:48:1d:da:f9:82:19:75:59:a5:72:ad:21:71:58:87:3e:21:
         05:e1:46:13:66:d0:c3:40:16:eb:b3:a1:4a:9b:db:7d:e0:59:
         80:de:f2:5a:ab:81:33:cd:6c:02:d8:b1:1b:76:be:e1:90:a8:
         c0:ae:66:b0:90:19:46:50:9f:04:66:f8:9d:2b:c4:3c:2b:f4:
         40:ea:b0:40:da:62:48:af:7c:94:5e:17:d9:38:81:de:e1:ae:
         74:4c:0e:23:fe:12:c7:ef:64:1e:ea:28:31:61:4d:b3:9c:17:
         49:3d:0d:52:92:ff:48:cd:bb:d3:ea:0c:be:77:bc:8e:e8:bc:
         e9:e9:df:44:55:0a:fe:99:b8:be:cb:c6:3f:e6:66:76:d5:d9:
         87:1d:98:f8:0b:50:31:43:a5:d9:0b:ec:1f:b5:b6:f4:c8:71:
         df:d9:1b:20:97:f0:92:96:a8:3c:31:3c:3d:9d:44:1c:4c:06:
         c4:e6:87:65:3f:9b:9f:b9:78:0b:98:74:90:5b:5b:0f:1b:b9:
         fe:56:47:f0:c4:8c:b9:3e:fe:06:32:e8:f0:4a:0d:66:43:23:
         1a:a6:53:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZNfxI3H9VALDBmHD/xwxAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5
YzFkYTAwHhcNMjUwNDE5MTAwMTM1WhcNMjUwNDIwMTAwMTM1WjAzMTEwLwYDVQQD
EygwNzI3N2JmOTcyYTNiZjNkMGMyMDVhZjNmNWVhMGQ0NTAwYmZkMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFjgT+t+WkVP+ASR24LROEEZB6h6
YPs++tL7Z1t4KF05OY2wFVLvPiCjImB9TLayvG1X5/Z1qKngFoWvJkvA47SpDU0r
EnNYj6GXjqZB9IFz0LVa2r7fzuLiSBmOfpbPlLk1expXyOkyxEHCu/Y7Z7tiogea
cn9FvZlwPCgklK+WdquueJKXcNjylzoGCl/qfCrdKv0CoOu2i3lAN67IcQzOgrgr
3YtzifJHNjb3QLzOyovnwhQZGYEaSeKzKTmyKWB/HavvQ0BVF71C+Dno/d6OB4MB
m0Ne/JJ3ZrIoIQ9p/rHolGKghYyGZzQ+mhfjti+QdVlTfp9HVg3L8wpq4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAcne/lyo789DCBa8/XqDUUAv9IHMB8GA1UdIwQY
MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt
ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw
LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkPKvsdcp
a8NEQ/h0LhGdG8sU4DBP3dNre0jwSLRZlMHgc07W6Egd2vmCGXVZpXKtIXFYhz4h
BeFGE2bQw0AW67OhSpvbfeBZgN7yWquBM81sAtixG3a+4ZCowK5msJAZRlCfBGb4
nSvEPCv0QOqwQNpiSK98lF4X2TiB3uGudEwOI/4Sx+9kHuooMWFNs5wXST0NUpL/
SM270+oMvne8jui86enfRFUK/pm4vsvGP+ZmdtXZhx2Y+AtQMUOl2QvsH7W29Mhx
39kbIJfwkpaoPDE8PZ1EHEwGxOaHZT+bn7l4C5h0kFtbDxu5/lZH8MSMuT7+BjLo
8EoNZkMjGqZTow==
-----END CERTIFICATE-----