Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File:                     KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier:          kH1STv8n7+ap1No5d57vkZoXxfOYPqdz24aFO6jFIzc=
Subject key identifier:   DC:E0:EA:0F:99:05:A5:16:67:A4:58:A5:11:5A:8B:0F:0C:3D:71:93
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer:       /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial:       019511A2E90B456CDA762E40854828A445E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number:          0BAF
Signing time:             Mon 17 Feb 2025 02:00:43 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:43 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:43 +0000
Files and hashes:         1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: k2228qNMm2V/6X+u42dYamvruqYXD+mrAdxUTEQUSK8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:e9:0b:45:6c:da:76:2e:40:85:48:28:a4:45:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
        Validity
            Not Before: Feb 17 02:00:43 2025 GMT
            Not After : Feb 18 02:00:43 2025 GMT
        Subject: CN=dce0ea0f9905a51667a458a5115a8b0f0c3d7193
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:6c:91:53:bc:4c:33:cc:85:a3:c4:c0:d6:5e:
                    78:d2:8f:cb:56:9b:ee:09:b5:3c:ad:0f:76:11:71:
                    c5:e8:4c:cb:69:d7:09:07:28:d1:37:64:01:70:ed:
                    ca:9e:9b:c0:3e:a6:ee:35:c1:02:b2:ac:1f:e4:69:
                    12:77:2c:07:e9:0b:58:60:f2:36:db:8c:9a:77:37:
                    ea:88:7c:55:d0:9d:93:bd:9b:0f:60:ea:bf:d0:d9:
                    e3:c3:4c:5a:12:44:e0:c7:b5:2e:f9:40:28:61:fc:
                    2b:e6:46:b7:b8:9f:d2:24:89:49:63:60:3a:bb:be:
                    f7:f8:07:16:73:10:c7:3d:0b:c2:63:60:96:0b:8f:
                    13:91:29:18:0e:1e:e7:aa:e1:75:0f:d2:7e:14:10:
                    ce:23:43:e6:1d:f4:17:45:4c:56:4b:28:e0:a1:ef:
                    4c:bd:ca:5e:78:b2:e1:12:da:35:82:11:d3:d6:63:
                    22:3c:c5:17:7e:72:82:06:76:f1:1a:19:1a:90:25:
                    78:19:0a:60:88:1d:d6:11:7a:60:b8:e7:7e:28:4f:
                    ef:9d:81:eb:4e:4b:b2:ac:37:45:46:74:9f:58:e6:
                    3f:99:6b:dd:c7:a8:a3:66:5b:23:e7:48:3e:a9:9b:
                    36:2f:28:ee:97:13:20:03:7d:91:d8:53:21:51:e1:
                    32:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:E0:EA:0F:99:05:A5:16:67:A4:58:A5:11:5A:8B:0F:0C:3D:71:93
            X509v3 Authority Key Identifier:
                keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:ce:01:83:91:7a:ba:b2:bf:9d:1a:51:0f:71:f6:6c:32:4c:
         1d:2c:bf:3b:36:7a:2b:a4:f8:ed:35:2a:69:9a:00:4a:5c:45:
         f2:8b:ab:f3:ea:89:5d:02:23:94:7f:1d:37:db:e2:64:51:77:
         20:73:f0:30:1a:60:f6:50:58:f3:93:99:80:02:71:c9:8f:6a:
         e1:38:c1:92:11:90:aa:81:92:f8:38:08:0f:64:6d:2c:f1:a5:
         fc:66:ec:78:26:46:b4:c0:5a:f2:91:c1:d5:58:27:b0:b0:b4:
         80:67:2a:1e:03:18:ab:a9:a5:c8:1c:ca:6c:f3:36:2e:1b:a7:
         29:d2:c5:ef:42:15:f5:fc:be:bf:9c:b2:4c:fc:e9:9d:c8:5d:
         5d:ef:8e:63:d1:83:36:77:32:1f:e6:81:df:f0:26:7a:d2:75:
         2e:84:7c:68:62:19:4d:0c:82:7c:dc:b4:b7:7f:4f:79:4e:7a:
         8f:42:44:0c:8a:06:c3:c2:50:c2:72:d4:1c:93:af:04:f7:6c:
         5f:39:27:46:47:78:cd:1b:88:be:f4:05:09:18:90:55:ec:9c:
         52:ed:90:13:8e:d5:1f:32:9b:75:ce:89:87:2c:34:52:21:f4:
         97:7f:d6:56:a1:0b:f9:1f:42:e9:fb:9b:11:37:8b:7c:64:2d:
         e4:ca:66:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURoukLRWzadi5AhUgopEXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjUwMjE3MDIwMDQzWhcNMjUwMjE4MDIwMDQzWjAzMTEwLwYDVQQD
EyhkY2UwZWEwZjk5MDVhNTE2NjdhNDU4YTUxMTVhOGIwZjBjM2Q3MTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGyRU7xMM8yFo8TA1l540o/LVpvu
CbU8rQ92EXHF6EzLadcJByjRN2QBcO3KnpvAPqbuNcECsqwf5GkSdywH6QtYYPI2
24yadzfqiHxV0J2TvZsPYOq/0Nnjw0xaEkTgx7Uu+UAoYfwr5ka3uJ/SJIlJY2A6
u773+AcWcxDHPQvCY2CWC48TkSkYDh7nquF1D9J+FBDOI0PmHfQXRUxWSyjgoe9M
vcpeeLLhEto1ghHT1mMiPMUXfnKCBnbxGhkakCV4GQpgiB3WEXpguOd+KE/vnYHr
TkuyrDdFRnSfWOY/mWvdx6ijZlsj50g+qZs2LyjulxMgA32R2FMhUeEySQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNzg6g+ZBaUWZ6RYpRFaiw8MPXGTMB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZs4Bg5F6
urK/nRpRD3H2bDJMHSy/OzZ6K6T47TUqaZoASlxF8our8+qJXQIjlH8dN9viZFF3
IHPwMBpg9lBY85OZgAJxyY9q4TjBkhGQqoGS+DgID2RtLPGl/GbseCZGtMBa8pHB
1VgnsLC0gGcqHgMYq6mlyBzKbPM2LhunKdLF70IV9fy+v5yyTPzpnchdXe+OY9GD
NncyH+aB3/AmetJ1LoR8aGIZTQyCfNy0t39PeU56j0JEDIoGw8JQwnLUHJOvBPds
XzknRkd4zRuIvvQFCRiQVeycUu2QE47VHzKbdc6Jhyw0UiH0l3/WVqEL+R9C6fub
ETeLfGQt5Mpm8g==
-----END CERTIFICATE-----