Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File:                     KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier:          mYKECLSgb180w2L3DbRPK7EhSnxncacp85mdhZ5cfjQ=
Subject key identifier:   86:12:E5:E4:13:71:3D:5A:51:CD:31:47:36:6F:D3:A6:18:B5:CE:9B
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer:       /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial:       01958B4DCE9B3DDC4F95D328BC60EF8F0761
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number:          0BEE
Signing time:             Wed 12 Mar 2025 17:01:26 +0000
Manifest this update:     Wed 12 Mar 2025 17:01:26 +0000
Manifest next update:     Thu 13 Mar 2025 17:01:26 +0000
Files and hashes:         1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: 6BzNHDsCfftoPzesNZFL/wfmqo4wTicuLs0Ghp6oU8M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 17:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8b:4d:ce:9b:3d:dc:4f:95:d3:28:bc:60:ef:8f:07:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
        Validity
            Not Before: Mar 12 17:01:26 2025 GMT
            Not After : Mar 13 17:01:26 2025 GMT
        Subject: CN=8612e5e413713d5a51cd3147366fd3a618b5ce9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:9e:dc:09:ab:3f:55:73:bc:ab:7e:9e:3b:07:
                    dd:72:b9:3d:23:00:e0:40:b1:c5:40:8e:a8:df:8b:
                    75:1c:40:99:69:73:90:f5:25:85:b8:d2:68:7a:cf:
                    e2:42:60:23:b7:e2:8d:a0:be:c7:26:f8:8b:00:76:
                    e2:da:b3:ff:ee:4d:b7:68:fd:58:c1:03:cf:81:32:
                    08:09:f3:d0:9c:8a:a8:2a:26:aa:b6:30:50:26:08:
                    f8:17:09:cc:c9:50:1e:50:18:bc:4f:c9:9c:3a:db:
                    94:8d:cf:aa:03:e5:6b:ef:ba:16:61:bc:32:ea:39:
                    6e:75:c4:ad:94:bc:cc:e7:45:b3:9e:35:94:04:cf:
                    0a:9f:1b:c1:b1:a1:34:34:de:a5:07:6e:21:61:09:
                    f8:c5:79:86:d1:bf:3e:cc:de:0a:b2:1c:20:b2:13:
                    6b:18:b5:c0:ab:c0:d9:a1:fe:0c:09:64:55:d0:e0:
                    8b:5b:86:23:8c:68:c4:73:4e:a1:2b:f4:13:72:96:
                    aa:e7:fc:84:58:37:f6:28:05:d9:60:6e:48:9b:10:
                    0a:62:2c:05:6c:9e:41:c4:cb:86:6a:2f:b6:98:ba:
                    0c:ef:71:7c:bf:c8:a8:64:da:df:97:d9:ed:c8:d2:
                    06:e9:e8:d4:ed:e4:4c:98:de:89:89:49:e4:cf:6c:
                    59:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:12:E5:E4:13:71:3D:5A:51:CD:31:47:36:6F:D3:A6:18:B5:CE:9B
            X509v3 Authority Key Identifier:
                keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:1b:4a:cf:a6:2c:2d:23:d0:c8:47:a2:26:9c:59:36:e9:1e:
         47:24:2e:47:bf:a7:ec:cc:39:21:bd:ae:5b:17:db:7f:ad:c1:
         71:bd:b0:8c:22:7f:bc:ed:8f:5a:1e:75:53:55:29:b8:a9:89:
         50:3a:32:3a:24:b9:61:f6:93:4d:1f:51:86:86:63:a5:21:86:
         c1:66:22:0b:cc:fa:49:7b:bb:69:3b:99:53:7e:c3:33:77:37:
         4a:ab:db:e7:14:dc:5d:4e:ee:61:93:1d:e6:2f:af:b5:ca:34:
         3a:65:51:8a:5f:c1:07:be:7c:8b:36:e8:4e:00:95:6a:72:f6:
         b1:4e:10:bd:e5:ef:3b:63:f7:a2:2e:40:22:fd:3b:2c:92:c5:
         c4:a7:26:53:ec:50:96:1b:9c:95:0f:0b:f8:e3:e5:c8:68:bd:
         6b:e1:28:6d:c6:31:d0:4e:cc:59:90:70:ad:5d:3b:84:41:87:
         13:67:6e:3d:11:4a:dc:20:f0:f9:a6:c8:73:c5:a6:69:af:47:
         f0:bc:29:31:1b:3c:ce:d2:72:30:7f:3b:2a:02:1a:53:5a:fa:
         f3:c8:60:32:13:4c:2a:21:58:8a:d0:b5:91:40:c1:bb:8a:1f:
         dc:d6:92:5d:bf:37:25:38:e8:87:f7:77:dd:4d:51:d1:8e:a8:
         e9:74:18:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWLTc6bPdxPldMovGDvjwdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjUwMzEyMTcwMTI2WhcNMjUwMzEzMTcwMTI2WjAzMTEwLwYDVQQD
Eyg4NjEyZTVlNDEzNzEzZDVhNTFjZDMxNDczNjZmZDNhNjE4YjVjZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3p7cCas/VXO8q36eOwfdcrk9IwDg
QLHFQI6o34t1HECZaXOQ9SWFuNJoes/iQmAjt+KNoL7HJviLAHbi2rP/7k23aP1Y
wQPPgTIICfPQnIqoKiaqtjBQJgj4FwnMyVAeUBi8T8mcOtuUjc+qA+Vr77oWYbwy
6jludcStlLzM50WznjWUBM8KnxvBsaE0NN6lB24hYQn4xXmG0b8+zN4KshwgshNr
GLXAq8DZof4MCWRV0OCLW4YjjGjEc06hK/QTcpaq5/yEWDf2KAXZYG5ImxAKYiwF
bJ5BxMuGai+2mLoM73F8v8ioZNrfl9ntyNIG6ejU7eRMmN6JiUnkz2xZTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYS5eQTcT1aUc0xRzZv06YYtc6bMB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALhtKz6Ys
LSPQyEeiJpxZNukeRyQuR7+n7Mw5Ib2uWxfbf63Bcb2wjCJ/vO2PWh51U1UpuKmJ
UDoyOiS5YfaTTR9RhoZjpSGGwWYiC8z6SXu7aTuZU37DM3c3Sqvb5xTcXU7uYZMd
5i+vtco0OmVRil/BB758izboTgCVanL2sU4QveXvO2P3oi5AIv07LJLFxKcmU+xQ
lhuclQ8L+OPlyGi9a+EobcYx0E7MWZBwrV07hEGHE2duPRFK3CDw+abIc8Wmaa9H
8LwpMRs8ztJyMH87KgIaU1r688hgMhNMKiFYitC1kUDBu4of3NaSXb83JTjoh/d3
3U1R0Y6o6XQYkQ==
-----END CERTIFICATE-----