Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File:                     KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier:          fGfVYe1rreMA97/cvJDfdVnLbOK9cD5nJ5QIVzY461o=
Subject key identifier:   DA:30:B4:83:74:B5:05:C3:87:6D:A1:71:09:31:C2:E7:35:0D:20:88
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer:       /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial:       0197628306B724678DEF4E7DB8232D0893A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number:          0CE2
Signing time:             Thu 12 Jun 2025 05:00:43 +0000
Manifest this update:     Thu 12 Jun 2025 05:00:43 +0000
Manifest next update:     Fri 13 Jun 2025 05:00:43 +0000
Files and hashes:         1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: lhocnmUN7aUEWKzP27kJAbN350JeqqTTq74n43vOIbY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 05:00:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:62:83:06:b7:24:67:8d:ef:4e:7d:b8:23:2d:08:93:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
        Validity
            Not Before: Jun 12 05:00:43 2025 GMT
            Not After : Jun 13 05:00:43 2025 GMT
        Subject: CN=da30b48374b505c3876da1710931c2e7350d2088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:4e:24:2b:be:f2:4a:04:62:82:5b:47:25:17:
                    fd:81:63:f2:3e:1d:16:67:3f:f3:da:5b:b4:21:db:
                    7c:34:25:fc:49:f3:da:64:2c:c1:97:d8:46:6d:56:
                    63:ff:5d:b6:b0:fc:dc:05:c8:9c:b0:fa:70:7f:c5:
                    bc:6e:65:20:19:93:30:48:46:9d:26:a8:cd:e8:0b:
                    0a:b3:0e:cf:a7:e9:ce:14:24:ec:b0:d8:63:c2:4b:
                    e1:15:b2:c1:98:56:34:81:ef:54:e5:ff:53:d4:44:
                    98:f9:dc:f0:82:57:6b:3f:1d:89:ec:9a:c2:81:ab:
                    6c:cc:05:d6:4f:14:37:5e:c9:4a:43:aa:63:49:29:
                    2c:c4:6f:9f:11:ec:b1:99:a7:2d:9f:ae:97:39:b2:
                    aa:96:15:06:15:23:91:ae:ea:40:9d:f4:5b:b3:4e:
                    08:aa:9d:e6:d3:53:3b:c7:98:8f:a8:1f:98:5b:ac:
                    b0:e6:f7:be:78:0c:e6:c8:26:f2:98:38:27:1d:0a:
                    05:23:09:34:01:27:aa:22:73:03:d9:30:21:7e:ff:
                    83:d3:84:48:dc:e9:09:be:1c:22:ba:d5:cb:b7:61:
                    63:8a:ec:4e:58:2c:29:6f:17:d9:cb:43:4c:1c:ef:
                    91:8c:35:48:0b:ef:3e:65:dc:49:10:e3:df:87:96:
                    6d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:30:B4:83:74:B5:05:C3:87:6D:A1:71:09:31:C2:E7:35:0D:20:88
            X509v3 Authority Key Identifier:
                keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:08:e8:df:7e:e0:72:20:61:80:a8:ab:3f:87:77:b1:11:80:
         63:c6:cb:51:18:8a:bb:cc:7c:62:80:19:b9:39:ca:1e:bb:80:
         3e:a5:9f:83:d0:8c:fb:f0:e3:30:c2:52:76:9a:50:e6:8b:0f:
         19:3b:ca:ca:64:90:77:42:ef:fd:1e:5c:89:9f:f2:0c:f5:6d:
         82:80:a1:82:ce:95:dd:6e:4b:34:e0:fc:d1:07:fd:54:5c:f0:
         6f:61:6c:30:34:da:48:27:a6:87:5b:82:c5:91:e0:ea:15:af:
         dc:46:09:29:37:3c:a3:3f:eb:10:6e:74:3c:61:19:55:1e:bc:
         d6:49:75:fb:da:62:02:ec:5b:06:a2:05:2c:4d:f3:fe:cf:58:
         9c:b6:c9:0d:38:32:6c:30:45:ee:ef:e5:dd:e7:fb:51:50:1e:
         3b:11:b7:d0:4b:e4:f1:01:3a:27:52:b7:80:a8:02:2e:7c:39:
         78:a7:da:5b:62:cf:3b:1b:21:04:a8:83:a2:3c:1a:2e:54:1f:
         0e:00:55:74:92:7e:19:8e:79:b5:40:cf:0b:ab:4c:45:e0:07:
         b6:58:16:a8:e0:75:90:c3:f3:ef:6c:2d:65:ca:ec:07:85:73:
         6a:43:2e:35:32:19:a3:4f:3c:64:b0:84:35:3e:64:2c:2c:19:
         f6:35:3b:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdigwa3JGeN7059uCMtCJOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjUwNjEyMDUwMDQzWhcNMjUwNjEzMDUwMDQzWjAzMTEwLwYDVQQD
EyhkYTMwYjQ4Mzc0YjUwNWMzODc2ZGExNzEwOTMxYzJlNzM1MGQyMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9E4kK77ySgRigltHJRf9gWPyPh0W
Zz/z2lu0Idt8NCX8SfPaZCzBl9hGbVZj/122sPzcBcicsPpwf8W8bmUgGZMwSEad
JqjN6AsKsw7Pp+nOFCTssNhjwkvhFbLBmFY0ge9U5f9T1ESY+dzwgldrPx2J7JrC
gatszAXWTxQ3XslKQ6pjSSksxG+fEeyxmactn66XObKqlhUGFSORrupAnfRbs04I
qp3m01M7x5iPqB+YW6yw5ve+eAzmyCbymDgnHQoFIwk0ASeqInMD2TAhfv+D04RI
3OkJvhwiutXLt2FjiuxOWCwpbxfZy0NMHO+RjDVIC+8+ZdxJEOPfh5ZtaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNowtIN0tQXDh22hcQkxwuc1DSCIMB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaQjo337g
ciBhgKirP4d3sRGAY8bLURiKu8x8YoAZuTnKHruAPqWfg9CM+/DjMMJSdppQ5osP
GTvKymSQd0Lv/R5ciZ/yDPVtgoChgs6V3W5LNOD80Qf9VFzwb2FsMDTaSCemh1uC
xZHg6hWv3EYJKTc8oz/rEG50PGEZVR681kl1+9piAuxbBqIFLE3z/s9YnLbJDTgy
bDBF7u/l3ef7UVAeOxG30Evk8QE6J1K3gKgCLnw5eKfaW2LPOxshBKiDojwaLlQf
DgBVdJJ+GY55tUDPC6tMReAHtlgWqOB1kMPz72wtZcrsB4VzakMuNTIZo088ZLCE
NT5kLCwZ9jU7mQ==
-----END CERTIFICATE-----