Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File:                     KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier:          528PLXMC1+oAm/YtuziLG6B4QKDjnmp84i3E7wDwPrQ=
Subject key identifier:   31:4D:91:20:B8:6B:C1:26:25:22:75:79:67:99:0A:CF:0D:45:2F:EC
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer:       /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial:       0199228CB0AA0735E625F29DB41D29B80C0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number:          0DCA
Signing time:             Sun 07 Sep 2025 05:01:09 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:09 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:09 +0000
Files and hashes:         1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: iOJkuvmW0PzGIXQZy/sGmdE/O3eB0L5KlTPbO48fxm0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:01:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:b0:aa:07:35:e6:25:f2:9d:b4:1d:29:b8:0c:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
        Validity
            Not Before: Sep  7 05:01:09 2025 GMT
            Not After : Sep  8 05:01:09 2025 GMT
        Subject: CN=314d9120b86bc1262522757967990acf0d452fec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:3f:7c:8e:e7:cc:96:64:7a:6e:b7:8a:17:c2:
                    a0:ab:19:10:5c:f4:8b:87:76:7b:e6:47:37:5b:89:
                    4d:17:de:67:84:c2:f8:ad:54:5a:6e:c8:14:79:24:
                    be:24:b5:b8:c0:36:66:79:ac:d7:d3:75:cd:7e:fd:
                    da:74:43:ee:47:bf:cc:04:3a:72:ca:d1:d5:1e:5d:
                    f6:8f:76:1c:2a:e8:5f:39:04:a5:07:64:bd:f9:7b:
                    a3:48:6e:75:68:45:2d:e4:74:6a:f2:6b:7b:bd:3a:
                    23:c8:40:10:61:e6:71:ee:6e:36:02:d7:11:55:04:
                    ba:75:39:94:41:33:28:44:5d:ab:1c:b8:5d:ab:04:
                    4b:78:41:8e:8d:f4:4a:a0:22:a5:cf:28:ae:2d:32:
                    2f:19:14:d1:0b:09:5c:88:57:84:6b:84:38:c5:ac:
                    bf:a8:78:90:fd:52:c7:f8:c5:9b:e0:43:55:1c:97:
                    61:47:0d:6c:14:82:8e:c1:21:e8:1b:5a:40:4c:48:
                    98:c9:60:1f:02:23:7a:23:b3:02:70:0a:6f:a6:00:
                    90:bf:dc:65:8e:4a:2f:d7:38:f1:3b:68:85:84:86:
                    d8:82:df:8d:63:88:a4:59:4e:7c:e2:10:18:79:e0:
                    45:57:2c:6c:fe:e1:54:39:79:2b:4d:95:2d:a3:64:
                    0c:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:4D:91:20:B8:6B:C1:26:25:22:75:79:67:99:0A:CF:0D:45:2F:EC
            X509v3 Authority Key Identifier:
                keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:18:3f:8f:fd:7f:45:fb:68:a6:9f:ff:c2:ab:ae:ac:30:5e:
         ef:2e:24:2b:b9:9e:86:a3:cd:6d:b6:55:c1:08:70:5b:f6:54:
         49:89:4f:1e:6b:68:db:0f:a1:95:3d:a6:bb:bb:a5:3d:53:4a:
         ca:a4:8d:f5:cd:f3:75:2f:88:d6:4f:8d:5a:44:75:95:c3:b4:
         90:72:d0:70:be:84:81:b8:2a:00:75:62:01:41:96:a3:ec:4d:
         c2:ea:7c:b8:bd:5f:3b:52:ca:04:5a:98:29:ce:d3:d7:24:31:
         ad:3b:1d:ea:25:12:3e:b1:bc:1d:5a:02:f1:ff:b9:82:f2:74:
         25:aa:6b:aa:3d:13:5c:2e:bf:5b:55:41:9e:db:30:c0:a1:c4:
         cd:6b:0c:92:71:ac:fa:5c:f6:f1:34:a4:92:f3:c7:1e:0c:2b:
         6b:48:21:72:1d:1b:87:d0:88:34:33:3e:24:5a:31:40:74:aa:
         80:27:95:d2:9e:4f:99:63:ca:d8:2e:15:b7:8b:3a:27:d7:f0:
         e2:b3:56:cc:0f:ec:57:0e:29:9a:89:89:ee:48:43:4c:65:b7:
         9f:45:b7:84:a6:57:b9:f3:a7:a1:ae:22:76:d2:80:b8:c2:07:
         dd:cd:12:c1:36:d7:c4:2e:07:9f:d9:9e:95:88:4c:b2:2e:95:
         26:c9:0d:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijLCqBzXmJfKdtB0puAwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjUwOTA3MDUwMTA5WhcNMjUwOTA4MDUwMTA5WjAzMTEwLwYDVQQD
EygzMTRkOTEyMGI4NmJjMTI2MjUyMjc1Nzk2Nzk5MGFjZjBkNDUyZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT98jufMlmR6breKF8KgqxkQXPSL
h3Z75kc3W4lNF95nhML4rVRabsgUeSS+JLW4wDZmeazX03XNfv3adEPuR7/MBDpy
ytHVHl32j3YcKuhfOQSlB2S9+XujSG51aEUt5HRq8mt7vTojyEAQYeZx7m42AtcR
VQS6dTmUQTMoRF2rHLhdqwRLeEGOjfRKoCKlzyiuLTIvGRTRCwlciFeEa4Q4xay/
qHiQ/VLH+MWb4ENVHJdhRw1sFIKOwSHoG1pATEiYyWAfAiN6I7MCcApvpgCQv9xl
jkov1zjxO2iFhIbYgt+NY4ikWU584hAYeeBFVyxs/uFUOXkrTZUto2QMRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDFNkSC4a8EmJSJ1eWeZCs8NRS/sMB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbxg/j/1/
Rftopp//wquurDBe7y4kK7mehqPNbbZVwQhwW/ZUSYlPHmto2w+hlT2mu7ulPVNK
yqSN9c3zdS+I1k+NWkR1lcO0kHLQcL6EgbgqAHViAUGWo+xNwup8uL1fO1LKBFqY
Kc7T1yQxrTsd6iUSPrG8HVoC8f+5gvJ0Japrqj0TXC6/W1VBntswwKHEzWsMknGs
+lz28TSkkvPHHgwra0ghch0bh9CINDM+JFoxQHSqgCeV0p5PmWPK2C4Vt4s6J9fw
4rNWzA/sVw4pmomJ7khDTGW3n0W3hKZXufOnoa4idtKAuMIH3c0SwTbXxC4Hn9me
lYhMsi6VJskNWQ==
-----END CERTIFICATE-----