Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
File:                     KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json)
Hash identifier:          qmSciZoKNffDA9i8aBw8rVvlwitCrj7dOBGsYKEfR84=
Subject key identifier:   D3:24:90:9B:EE:26:A8:B6:DF:FC:28:D4:DB:06:33:93:2D:1B:7F:B0
Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5
Certificate issuer:       /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
Certificate serial:       0199221F01800310F5D286937139F0619E3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
Manifest number:          0280
Signing time:             Sun 07 Sep 2025 03:01:21 +0000
Manifest this update:     Sun 07 Sep 2025 03:01:21 +0000
Manifest next update:     Mon 08 Sep 2025 03:01:21 +0000
Files and hashes:         1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: F7nymJ2NTD6wUrAlyErK2qsKlzqlBeJqJNFl2NcPw6M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1f:01:80:03:10:f5:d2:86:93:71:39:f0:61:9e:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
        Validity
            Not Before: Sep  7 03:01:21 2025 GMT
            Not After : Sep  8 03:01:21 2025 GMT
        Subject: CN=d324909bee26a8b6dffc28d4db0633932d1b7fb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:e3:bf:69:41:9c:6e:b5:da:e9:0e:21:b3:26:
                    cf:94:fd:ad:a6:73:07:4a:a9:f4:60:28:4e:f7:cb:
                    af:e7:e2:53:85:58:e5:1a:44:de:b8:68:98:08:9c:
                    75:8a:cb:a6:cb:61:eb:b3:90:23:10:70:4f:d0:80:
                    ac:05:7c:c3:d1:f2:db:24:69:31:86:28:aa:05:60:
                    ba:d6:bb:82:90:5b:b0:25:c3:78:4f:00:8d:1c:fa:
                    ad:8c:8c:d6:b1:5e:3c:4f:cb:ec:54:ad:72:7b:5e:
                    22:96:30:cc:70:a7:77:56:a2:34:2a:92:f7:56:b9:
                    9c:cb:24:e6:99:14:ec:5b:b8:7b:95:98:9e:01:e4:
                    9d:0d:09:33:2c:1e:cd:35:02:61:f0:d6:2c:06:f6:
                    ba:71:ff:c6:55:70:7b:07:dd:66:26:98:bd:1e:17:
                    0c:d9:79:06:86:31:36:aa:e2:bf:d8:53:86:40:b6:
                    35:65:4c:78:f8:bc:8e:2c:b8:53:ea:03:66:b2:5d:
                    6d:93:37:a3:9d:99:85:e7:e9:85:ca:a4:98:e8:85:
                    49:0a:a9:9e:be:e1:06:50:12:d9:a6:05:39:7d:0b:
                    2b:d1:9b:30:6a:56:f0:3f:8b:41:89:29:e5:c2:af:
                    0b:d6:a6:bc:25:31:3d:1f:dc:47:8c:58:5b:21:ef:
                    8b:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:24:90:9B:EE:26:A8:B6:DF:FC:28:D4:DB:06:33:93:2D:1B:7F:B0
            X509v3 Authority Key Identifier:
                keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:63:f6:80:65:fc:cd:58:a7:af:07:5e:29:94:73:b8:c7:84:
         c1:03:18:b6:68:dd:88:b8:96:ff:3a:e6:66:35:c0:da:54:f2:
         16:27:15:e3:e2:c1:b0:41:a3:4f:af:c4:1c:1a:4d:96:ec:a6:
         30:c6:51:b1:9f:21:8e:eb:76:40:d9:33:10:92:63:cf:79:67:
         58:60:ac:a9:82:03:1d:0c:6a:7b:0a:07:ee:91:e7:06:54:16:
         61:23:b4:ac:4b:82:7b:c7:d4:80:77:67:f8:00:ff:98:43:12:
         c6:b1:4e:e3:5e:cc:7b:42:6e:4c:4b:0e:06:cf:31:8d:e7:0f:
         6c:c4:95:87:d0:57:32:10:60:45:f4:cf:d0:70:25:12:14:6b:
         80:0c:43:8d:c0:65:12:ad:4a:87:80:1e:50:a2:25:ac:b3:e5:
         b0:a6:2f:90:c7:b4:67:03:03:70:9a:ab:be:13:9b:29:69:ba:
         44:54:12:d8:1c:49:6b:cf:1b:df:06:74:72:51:6b:8d:77:16:
         3c:be:a9:70:b3:1b:77:f0:02:3f:ec:40:5b:b8:72:53:65:51:
         02:ee:f8:50:1b:fc:54:55:e7:77:73:32:5e:e6:38:6a:e9:35:
         75:6f:2c:44:92:de:ea:5e:74:c4:51:1b:a6:60:40:61:64:93:
         c4:e2:4c:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHwGAAxD10oaTcTnwYZ46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1
MDU4YTUwHhcNMjUwOTA3MDMwMTIxWhcNMjUwOTA4MDMwMTIxWjAzMTEwLwYDVQQD
EyhkMzI0OTA5YmVlMjZhOGI2ZGZmYzI4ZDRkYjA2MzM5MzJkMWI3ZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOO/aUGcbrXa6Q4hsybPlP2tpnMH
Sqn0YChO98uv5+JThVjlGkTeuGiYCJx1isumy2Hrs5AjEHBP0ICsBXzD0fLbJGkx
hiiqBWC61ruCkFuwJcN4TwCNHPqtjIzWsV48T8vsVK1ye14iljDMcKd3VqI0KpL3
VrmcyyTmmRTsW7h7lZieAeSdDQkzLB7NNQJh8NYsBva6cf/GVXB7B91mJpi9HhcM
2XkGhjE2quK/2FOGQLY1ZUx4+LyOLLhT6gNmsl1tkzejnZmF5+mFyqSY6IVJCqme
vuEGUBLZpgU5fQsr0ZswalbwP4tBiSnlwq8L1qa8JTE9H9xHjFhbIe+LnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMkkJvuJqi23/wo1NsGM5MtG3+wMB8GA1UdIwQY
MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt
MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh
LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbmP2gGX8
zVinrwdeKZRzuMeEwQMYtmjdiLiW/zrmZjXA2lTyFicV4+LBsEGjT6/EHBpNluym
MMZRsZ8hjut2QNkzEJJjz3lnWGCsqYIDHQxqewoH7pHnBlQWYSO0rEuCe8fUgHdn
+AD/mEMSxrFO417Me0JuTEsOBs8xjecPbMSVh9BXMhBgRfTP0HAlEhRrgAxDjcBl
Eq1Kh4AeUKIlrLPlsKYvkMe0ZwMDcJqrvhObKWm6RFQS2BxJa88b3wZ0clFrjXcW
PL6pcLMbd/ACP+xAW7hyU2VRAu74UBv8VFXnd3MyXuY4auk1dW8sRJLe6l50xFEb
pmBAYWSTxOJMSw==
-----END CERTIFICATE-----