Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File:                     KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier:          4vRQm2WSt1QJjcQA+6wAsPZBhqRMWQ9JKYGy1JhxQnw=
Subject key identifier:   88:3B:71:AD:C3:89:07:18:3D:DB:E4:F8:8B:D7:55:BE:84:D1:49:3C
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer:       /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial:       01965FBC0002E9BADE7D2E98B6ED51A965C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number:          0C5C
Signing time:             Tue 22 Apr 2025 23:01:18 +0000
Manifest this update:     Tue 22 Apr 2025 23:01:18 +0000
Manifest next update:     Wed 23 Apr 2025 23:01:18 +0000
Files and hashes:         1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: 1O1FMx8GxnpiRIUlAhtRt0VzKedb0U33xwzVF6eDl4g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 23 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:5f:bc:00:02:e9:ba:de:7d:2e:98:b6:ed:51:a9:65:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
        Validity
            Not Before: Apr 22 23:01:18 2025 GMT
            Not After : Apr 23 23:01:18 2025 GMT
        Subject: CN=883b71adc38907183ddbe4f88bd755be84d1493c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:7c:46:c8:97:12:6e:5f:bc:61:a4:63:1c:f4:
                    20:3b:45:11:5e:25:e8:9e:21:4d:cf:c2:0d:0c:28:
                    58:4f:fd:e8:2e:4b:c3:3c:20:0a:f1:06:84:bb:8a:
                    dc:34:dc:40:40:0b:fe:3f:d3:aa:3b:c5:12:ac:e3:
                    cf:9c:bc:50:96:be:a7:04:3b:00:c5:81:f5:54:a9:
                    61:92:61:42:2e:aa:69:68:a5:dd:7e:6c:11:41:db:
                    11:61:39:07:05:46:df:13:b2:b5:22:59:f9:88:ea:
                    07:e0:eb:ff:5d:f4:9d:cd:bc:e6:12:4a:78:92:70:
                    d4:1e:33:a4:45:ba:4a:40:3c:7a:87:f5:4d:44:07:
                    ec:06:87:6f:2f:7c:c5:33:3a:2c:5b:98:58:a9:57:
                    69:8b:52:14:13:f8:62:75:b7:06:ba:8e:ae:d8:05:
                    88:fa:22:85:d5:82:c8:5f:0e:99:be:e4:16:99:d2:
                    eb:38:fe:23:08:6a:38:b1:61:52:84:3c:86:3c:54:
                    41:58:6f:98:f4:9f:10:20:17:7b:ef:72:2a:d2:0d:
                    55:c9:8f:cf:8f:f9:ee:6d:ed:9a:19:c4:81:14:c2:
                    41:b1:32:1a:bb:f3:9e:1d:c0:06:87:99:d9:bc:87:
                    f2:46:d7:33:cc:20:46:16:d3:89:68:9c:a3:7e:c4:
                    da:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:3B:71:AD:C3:89:07:18:3D:DB:E4:F8:8B:D7:55:BE:84:D1:49:3C
            X509v3 Authority Key Identifier:
                keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:fc:10:e4:bb:4d:4c:dc:95:9b:50:fe:dd:40:e3:bf:be:ac:
         0d:d7:3a:b3:24:30:e6:2c:2b:92:25:3b:3a:45:e2:16:57:22:
         0e:bd:72:00:a6:f0:c9:ab:ff:41:6c:d1:0a:81:a4:e4:11:44:
         a3:3d:68:e8:f8:c5:9e:e8:a3:ed:41:bc:32:b7:70:fe:75:1b:
         c6:a7:da:7a:44:76:00:ec:ad:a9:c3:2c:b7:4e:d1:a5:a3:e3:
         b8:3d:9c:53:77:7c:00:b8:e3:28:d3:4f:e8:1a:f2:5a:04:e7:
         e9:8d:b5:b0:4d:79:9b:7b:1f:9b:b0:42:a7:d1:b9:1a:3c:d2:
         a7:be:1c:c3:b5:31:97:f6:1d:7c:bf:a8:18:4c:b1:68:8c:ca:
         73:3f:80:06:94:46:8e:1a:37:bf:41:ed:ca:9d:33:42:0a:82:
         ad:d7:07:ab:a5:5b:ff:8c:fd:6e:96:f8:3c:07:ad:59:49:83:
         45:69:f9:5b:22:be:a7:6f:49:01:9d:6c:e7:a8:1a:a3:1f:68:
         ea:a5:af:17:0a:cc:ef:9d:b9:9d:f1:0f:33:b5:15:b3:f1:ad:
         cf:a5:a4:aa:47:69:8f:58:d8:5a:b5:19:22:67:3c:99:78:96:
         bd:75:a8:af:00:78:98:5e:ce:83:c2:a5:9e:13:b8:6d:ff:4c:
         e1:ad:95:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZfvAAC6brefS6Ytu1RqWXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjUwNDIyMjMwMTE4WhcNMjUwNDIzMjMwMTE4WjAzMTEwLwYDVQQD
Eyg4ODNiNzFhZGMzODkwNzE4M2RkYmU0Zjg4YmQ3NTViZTg0ZDE0OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3xGyJcSbl+8YaRjHPQgO0URXiXo
niFNz8INDChYT/3oLkvDPCAK8QaEu4rcNNxAQAv+P9OqO8USrOPPnLxQlr6nBDsA
xYH1VKlhkmFCLqppaKXdfmwRQdsRYTkHBUbfE7K1Iln5iOoH4Ov/XfSdzbzmEkp4
knDUHjOkRbpKQDx6h/VNRAfsBodvL3zFMzosW5hYqVdpi1IUE/hidbcGuo6u2AWI
+iKF1YLIXw6ZvuQWmdLrOP4jCGo4sWFShDyGPFRBWG+Y9J8QIBd773Iq0g1VyY/P
j/nube2aGcSBFMJBsTIau/OeHcAGh5nZvIfyRtczzCBGFtOJaJyjfsTaSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIg7ca3DiQcYPdvk+IvXVb6E0Uk8MB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEfwQ5LtN
TNyVm1D+3UDjv76sDdc6syQw5iwrkiU7OkXiFlciDr1yAKbwyav/QWzRCoGk5BFE
oz1o6PjFnuij7UG8Mrdw/nUbxqfaekR2AOytqcMst07RpaPjuD2cU3d8ALjjKNNP
6BryWgTn6Y21sE15m3sfm7BCp9G5GjzSp74cw7Uxl/YdfL+oGEyxaIzKcz+ABpRG
jho3v0Htyp0zQgqCrdcHq6Vb/4z9bpb4PAetWUmDRWn5WyK+p29JAZ1s56gaox9o
6qWvFwrM7525nfEPM7UVs/Gtz6Wkqkdpj1jYWrUZImc8mXiWvXWorwB4mF7Og8Kl
nhO4bf9M4a2VJA==
-----END CERTIFICATE-----