Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
File:                     KyO4dALEaK1icsN77YjlzcbkwGE.mft (raw, json)
Hash identifier:          A0diYJbB9Df95oiIjUYQ7VCJ/V5uz36QzA6evMyoOtQ=
Subject key identifier:   6B:CC:A0:05:66:53:0C:7D:E1:42:ED:06:DB:D9:51:4A:3B:88:85:5F
Authority key identifier: 2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61
Certificate issuer:       /CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
Certificate serial:       0199228C3C63B933197B25307943B9E8C50F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
Manifest number:          0146
Signing time:             Sun 07 Sep 2025 05:00:39 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:39 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:39 +0000
Files and hashes:         1: KyO4dALEaK1icsN77YjlzcbkwGE.crl (hash: k9wP3bCLcxnr6PdPCV/oUTXwIwgnDcYwgBBq+fpXRWU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:3c:63:b9:33:19:7b:25:30:79:43:b9:e8:c5:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
        Validity
            Not Before: Sep  7 05:00:39 2025 GMT
            Not After : Sep  8 05:00:39 2025 GMT
        Subject: CN=6bcca00566530c7de142ed06dbd9514a3b88855f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:06:56:64:1c:2c:a7:22:a7:06:29:35:cc:bb:
                    71:10:a9:d2:c5:90:59:3a:6b:99:64:c6:60:80:80:
                    3f:0d:14:62:6b:94:5d:41:cb:6a:f3:67:3e:02:91:
                    79:0d:c3:24:20:ba:3f:91:1e:7d:67:10:14:82:8b:
                    3a:10:8e:3a:0d:2a:61:ba:a1:29:e2:5a:60:32:5d:
                    5a:ad:99:c5:a1:5e:fd:db:61:51:4f:b1:eb:0b:31:
                    26:cd:a3:84:a9:44:80:62:28:4a:71:73:c3:4e:dd:
                    0d:c8:d6:9e:59:e0:c9:b8:33:2c:46:cd:6c:0a:ea:
                    cc:88:67:86:ba:45:51:bc:75:4d:cd:1d:42:4e:fc:
                    df:48:29:cd:fc:97:8a:8e:eb:7f:06:34:02:77:e7:
                    a3:0c:cb:ea:85:1f:65:99:b4:41:e7:ce:2e:e2:bd:
                    aa:5a:f9:13:a3:0b:6f:7e:ed:62:09:91:9f:b8:10:
                    34:f7:6e:1a:5f:0f:bc:7a:cf:7d:92:5e:46:da:b2:
                    cb:f0:93:3c:72:a4:46:26:00:5d:7b:5a:28:13:c1:
                    5f:fb:2f:14:d5:2b:2b:7d:b7:1e:c7:ee:11:ae:c9:
                    47:3b:b9:d7:e3:bb:54:00:39:74:49:0b:bc:20:22:
                    4d:81:c6:59:70:d4:0b:a8:5a:62:43:9d:c5:3f:18:
                    cd:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:CC:A0:05:66:53:0C:7D:E1:42:ED:06:DB:D9:51:4A:3B:88:85:5F
            X509v3 Authority Key Identifier:
                keyid:2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:50:22:c7:ad:fa:b1:37:99:8a:3b:75:39:f9:a8:b7:4d:d8:
         92:f8:27:cc:ca:60:bb:08:b9:32:d3:f7:65:da:4a:b8:6b:07:
         87:2a:e6:71:25:66:64:ee:6f:f1:9c:dd:4e:d6:51:e9:7f:8b:
         fb:6c:55:c0:09:c9:73:2e:72:2a:22:26:68:71:1e:eb:71:64:
         a9:82:71:92:35:a0:6a:73:0f:b2:cf:bd:15:f8:3a:c2:d3:80:
         b8:99:3d:62:f0:76:4e:15:4b:4c:76:9c:df:43:0d:82:62:68:
         0c:ce:53:ba:ae:c8:ab:b5:92:1a:46:fd:f6:a3:36:76:17:2a:
         6c:cd:d3:75:5e:a8:14:ed:b7:07:92:62:51:13:6d:fe:fc:a0:
         df:e6:c6:d3:19:27:2e:e6:97:4a:7c:1c:43:17:96:4e:72:75:
         26:74:c0:ec:2c:b9:46:9e:e4:1b:b3:b9:92:3a:b5:83:ae:39:
         35:ba:f2:ac:02:b1:86:59:5b:64:f8:85:d7:c6:33:64:31:f1:
         40:c4:a6:61:d8:5b:1c:13:53:4f:8d:3c:62:20:05:9a:e3:8f:
         53:ee:31:2f:45:20:ce:df:55:b6:28:d5:57:f2:a1:7f:0a:b8:
         4f:ed:17:ee:56:d3:b6:bc:14:77:d8:1b:77:74:f1:e0:c1:62:
         00:19:0e:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijDxjuTMZeyUweUO56MUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjNiODc0MDJjNDY4YWQ2MjcyYzM3YmVkODhlNWNkYzZl
NGMwNjEwHhcNMjUwOTA3MDUwMDM5WhcNMjUwOTA4MDUwMDM5WjAzMTEwLwYDVQQD
Eyg2YmNjYTAwNTY2NTMwYzdkZTE0MmVkMDZkYmQ5NTE0YTNiODg4NTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAZWZBwspyKnBik1zLtxEKnSxZBZ
OmuZZMZggIA/DRRia5RdQctq82c+ApF5DcMkILo/kR59ZxAUgos6EI46DSphuqEp
4lpgMl1arZnFoV7922FRT7HrCzEmzaOEqUSAYihKcXPDTt0NyNaeWeDJuDMsRs1s
CurMiGeGukVRvHVNzR1CTvzfSCnN/JeKjut/BjQCd+ejDMvqhR9lmbRB584u4r2q
WvkTowtvfu1iCZGfuBA0924aXw+8es99kl5G2rLL8JM8cqRGJgBde1ooE8Ff+y8U
1Ssrfbcex+4RrslHO7nX47tUADl0SQu8ICJNgcZZcNQLqFpiQ53FPxjNLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGvMoAVmUwx94ULtBtvZUUo7iIVfMB8GA1UdIwQY
MBaAFCsjuHQCxGitYnLDe+2I5c3G5MBhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgt
NjU0ZGE4YjQwNzE2LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgtNjU0ZGE4YjQwNzE2
LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXFAix636
sTeZijt1Ofmot03YkvgnzMpguwi5MtP3ZdpKuGsHhyrmcSVmZO5v8ZzdTtZR6X+L
+2xVwAnJcy5yKiImaHEe63FkqYJxkjWganMPss+9Ffg6wtOAuJk9YvB2ThVLTHac
30MNgmJoDM5Tuq7Iq7WSGkb99qM2dhcqbM3TdV6oFO23B5JiURNt/vyg3+bG0xkn
LuaXSnwcQxeWTnJ1JnTA7Cy5Rp7kG7O5kjq1g645NbryrAKxhllbZPiF18YzZDHx
QMSmYdhbHBNTT408YiAFmuOPU+4xL0Ugzt9VtijVV/Khfwq4T+0X7lbTtrwUd9gb
d3Tx4MFiABkOXA==
-----END CERTIFICATE-----