Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
File:                     KyO4dALEaK1icsN77YjlzcbkwGE.mft (raw, json)
Hash identifier:          EsZ6zldgVS1+d9AiXnJUzpv8C+n8AlXPlA5pSDMKs64=
Subject key identifier:   6D:16:A8:04:D6:5D:BB:E0:87:BD:DE:7B:AB:88:E3:92:91:1A:7B:2D
Authority key identifier: 2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61
Certificate issuer:       /CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
Certificate serial:       0197530F9492C7497A764D58C8F0D09AAC21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
Manifest number:          56
Signing time:             Mon 09 Jun 2025 05:00:19 +0000
Manifest this update:     Mon 09 Jun 2025 05:00:19 +0000
Manifest next update:     Tue 10 Jun 2025 05:00:19 +0000
Files and hashes:         1: KyO4dALEaK1icsN77YjlzcbkwGE.crl (hash: CHYFUayqZkUCDz5rVROJSQ+20fJ5EIQULfOIbI5G/J4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:0f:94:92:c7:49:7a:76:4d:58:c8:f0:d0:9a:ac:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
        Validity
            Not Before: Jun  9 05:00:19 2025 GMT
            Not After : Jun 10 05:00:19 2025 GMT
        Subject: CN=6d16a804d65dbbe087bdde7bab88e392911a7b2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:27:5d:00:85:32:07:6c:a6:61:25:ca:99:b7:
                    6c:15:56:bc:66:fa:eb:6c:6b:b3:ac:a5:49:6f:aa:
                    f2:d2:ae:5f:2e:4e:4e:13:30:ae:fd:16:28:a2:34:
                    b7:a8:74:5b:88:81:51:b5:ae:40:04:ef:af:97:35:
                    16:33:64:31:b8:e2:d0:70:dc:29:82:a8:83:43:ef:
                    91:f7:51:a4:a5:29:5b:40:10:0b:c0:0c:18:a7:d3:
                    2c:9c:69:e3:5e:89:5d:f2:72:06:68:a0:ca:0e:4a:
                    32:c0:24:a6:1f:8f:a8:0d:4e:ae:26:49:f9:4c:66:
                    a3:28:10:a7:c7:ce:6d:79:9f:90:e4:64:72:26:29:
                    15:60:9e:29:31:f1:be:4c:88:bf:60:4d:7f:2e:f3:
                    23:73:68:de:3a:f6:89:70:d5:f9:de:54:0b:e7:ea:
                    ab:b8:03:d9:6b:68:22:d9:11:3e:9f:1e:1b:69:77:
                    d5:a8:c9:90:38:43:19:75:e2:0b:d3:4d:c6:9f:cf:
                    c9:e1:33:e2:8b:fc:be:75:f1:fc:03:0e:8a:3a:2b:
                    14:3d:82:72:2e:08:b2:5f:39:88:65:5d:bd:b8:9e:
                    98:d4:e5:b9:78:96:7f:86:89:2d:a4:95:68:d3:e8:
                    73:b8:80:15:a0:8a:fa:0c:3e:41:c3:48:ec:e7:ac:
                    35:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:16:A8:04:D6:5D:BB:E0:87:BD:DE:7B:AB:88:E3:92:91:1A:7B:2D
            X509v3 Authority Key Identifier:
                keyid:2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:27:22:6a:c8:13:e9:01:0a:68:01:9c:22:b9:14:5c:d1:17:
         3f:f4:63:21:83:34:c8:25:e4:bc:9b:9d:fc:e3:fc:b6:22:95:
         d9:59:fa:ed:51:d5:40:b9:6b:2b:57:ee:c4:c7:aa:b7:88:03:
         77:5e:68:fc:71:83:42:8d:6d:a8:39:e8:19:ce:af:56:b8:b2:
         35:c6:2d:be:48:94:55:54:33:35:81:2e:94:5f:2d:97:7c:59:
         3b:81:8d:74:14:a3:ce:36:6c:d2:97:37:85:9d:a1:1b:e1:9c:
         0c:98:dd:95:f6:78:82:93:9b:41:37:fe:f4:08:20:61:5b:f0:
         68:6a:08:0f:ac:ce:a6:73:79:75:e2:91:1f:20:d9:4c:ba:c5:
         76:ea:c2:f5:82:e6:13:cb:08:c7:87:31:2f:e1:50:82:7e:c1:
         03:3b:d5:21:e4:19:3b:b6:f1:45:c5:e1:90:6f:c9:b6:f1:e5:
         33:dc:31:dd:a2:2d:37:cb:c2:7a:f3:60:fe:f7:8f:d9:49:66:
         ab:35:55:25:c1:a1:dd:05:f6:cf:3b:a6:4c:b4:ba:b5:aa:9b:
         b5:cd:ac:cc:52:c0:24:d4:a6:1a:e4:c9:ad:46:eb:82:39:54:
         da:77:cb:48:cd:1d:00:df:25:9d:57:0b:fb:0a:6a:91:9b:d8:
         8a:e6:fe:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTD5SSx0l6dk1YyPDQmqwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjNiODc0MDJjNDY4YWQ2MjcyYzM3YmVkODhlNWNkYzZl
NGMwNjEwHhcNMjUwNjA5MDUwMDE5WhcNMjUwNjEwMDUwMDE5WjAzMTEwLwYDVQQD
Eyg2ZDE2YTgwNGQ2NWRiYmUwODdiZGRlN2JhYjg4ZTM5MjkxMWE3YjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyddAIUyB2ymYSXKmbdsFVa8Zvrr
bGuzrKVJb6ry0q5fLk5OEzCu/RYoojS3qHRbiIFRta5ABO+vlzUWM2QxuOLQcNwp
gqiDQ++R91GkpSlbQBALwAwYp9MsnGnjXold8nIGaKDKDkoywCSmH4+oDU6uJkn5
TGajKBCnx85teZ+Q5GRyJikVYJ4pMfG+TIi/YE1/LvMjc2jeOvaJcNX53lQL5+qr
uAPZa2gi2RE+nx4baXfVqMmQOEMZdeIL003Gn8/J4TPii/y+dfH8Aw6KOisUPYJy
LgiyXzmIZV29uJ6Y1OW5eJZ/hoktpJVo0+hzuIAVoIr6DD5Bw0js56w1iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0WqATWXbvgh73ee6uI45KRGnstMB8GA1UdIwQY
MBaAFCsjuHQCxGitYnLDe+2I5c3G5MBhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgt
NjU0ZGE4YjQwNzE2LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgtNjU0ZGE4YjQwNzE2
LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHSciasgT
6QEKaAGcIrkUXNEXP/RjIYM0yCXkvJud/OP8tiKV2Vn67VHVQLlrK1fuxMeqt4gD
d15o/HGDQo1tqDnoGc6vVriyNcYtvkiUVVQzNYEulF8tl3xZO4GNdBSjzjZs0pc3
hZ2hG+GcDJjdlfZ4gpObQTf+9AggYVvwaGoID6zOpnN5deKRHyDZTLrFdurC9YLm
E8sIx4cxL+FQgn7BAzvVIeQZO7bxRcXhkG/JtvHlM9wx3aItN8vCevNg/veP2Ulm
qzVVJcGh3QX2zzumTLS6taqbtc2szFLAJNSmGuTJrUbrgjlU2nfLSM0dAN8lnVcL
+wpqkZvYiub+eg==
-----END CERTIFICATE-----