Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
File:                     KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json)
Hash identifier:          yGrYzrMZgBv3LIZj1m5OEX127bXf6uUDwWKBM2wPpMM=
Subject key identifier:   E1:23:45:7B:7B:12:92:28:34:C7:81:AA:86:35:55:85:A8:41:BF:32
Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5
Certificate issuer:       /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
Certificate serial:       0195797E32710748D1468445E4522DEFCB09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
Manifest number:          9B
Signing time:             Sun 09 Mar 2025 06:01:08 +0000
Manifest this update:     Sun 09 Mar 2025 06:01:08 +0000
Manifest next update:     Mon 10 Mar 2025 06:01:08 +0000
Files and hashes:         1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: CpLTpTRlqqJysVrEuHQFsKab3h0XKMkMG4OGGJZ31AQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 10 Mar 2025 06:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:79:7e:32:71:07:48:d1:46:84:45:e4:52:2d:ef:cb:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
        Validity
            Not Before: Mar  9 06:01:08 2025 GMT
            Not After : Mar 10 06:01:08 2025 GMT
        Subject: CN=e123457b7b12922834c781aa86355585a841bf32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:e8:03:81:c4:4d:be:f6:c9:88:98:ee:dd:15:
                    9b:df:da:ea:b7:01:05:4a:28:96:d1:e4:b8:27:03:
                    b6:d5:ba:64:e9:e2:04:1b:f5:98:60:48:e1:9c:76:
                    fd:04:38:fa:90:5b:22:2f:79:41:d0:ca:52:59:99:
                    00:e8:9f:ad:dc:c4:4e:05:7b:c9:a0:72:cf:9d:f6:
                    36:92:5e:6a:d0:bb:50:31:8f:d1:be:b1:56:a8:56:
                    1d:9b:c5:ae:a7:e0:eb:49:31:5a:a7:1d:fd:d8:c5:
                    cb:25:3f:4b:69:0b:05:4f:b9:b8:52:3b:48:67:6b:
                    8e:ac:d6:e9:44:5a:37:73:e9:24:0e:6e:82:31:8f:
                    09:84:c7:df:2a:a5:d3:e6:ba:5d:ab:00:94:d7:dc:
                    10:13:6c:a3:db:f1:3c:06:63:d4:03:58:cf:87:08:
                    da:62:4e:0a:50:83:c5:b2:6c:28:18:de:67:a4:6a:
                    b4:5f:65:04:4f:d5:15:d7:14:b5:f3:d3:97:a7:2d:
                    f1:f6:52:57:d7:61:db:bc:d9:95:1a:30:f9:da:5e:
                    a7:ee:1e:47:4b:6b:f4:03:aa:f3:93:2a:5b:56:c3:
                    40:32:7c:82:7e:11:ed:59:ad:5f:0f:49:60:a8:f8:
                    8f:d1:8d:f4:7c:b9:f2:cb:99:3d:9f:67:43:c3:8c:
                    a3:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:23:45:7B:7B:12:92:28:34:C7:81:AA:86:35:55:85:A8:41:BF:32
            X509v3 Authority Key Identifier:
                keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:8a:11:43:a3:c4:36:b6:dd:57:3d:f7:0f:2e:40:10:bb:83:
         7f:ff:e8:5e:08:b7:0a:8e:63:5a:b5:1f:b4:e4:f2:c4:88:65:
         29:e9:71:0a:93:46:83:1c:9c:94:d3:3f:97:f9:bd:b3:4a:d4:
         0c:84:00:c1:f6:45:a2:9e:21:3c:1f:ff:da:2b:bb:00:18:97:
         26:3f:16:48:ef:1d:44:95:72:70:5e:33:c2:ff:ef:8c:77:90:
         63:d2:78:e8:7c:1c:8e:9c:50:49:fc:bf:3e:e0:63:0e:0a:cf:
         b1:0c:02:61:92:33:83:b9:17:78:7e:5d:7e:5a:09:55:a1:f0:
         63:8a:83:69:af:ce:5c:d4:05:8f:a0:fd:bc:ba:a7:a9:67:08:
         b1:14:c0:b4:5a:9b:5e:d3:e4:dd:27:89:00:f4:29:15:0e:df:
         24:52:25:60:b9:53:67:52:0e:0c:95:d4:1d:ab:ff:23:e3:b4:
         a3:80:b7:62:43:71:88:13:b3:61:a3:78:b7:1c:35:81:47:b0:
         42:7a:22:3a:20:60:d2:84:da:1c:23:38:b1:19:fe:f6:cf:12:
         1b:c8:85:00:ea:bb:ca:e6:1a:85:cc:93:43:d1:a1:79:25:09:
         d3:30:f6:32:b8:f2:7a:84:e8:64:09:56:bd:7e:0f:5b:eb:ba:
         81:67:23:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZV5fjJxB0jRRoRF5FIt78sJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1
MDU4YTUwHhcNMjUwMzA5MDYwMTA4WhcNMjUwMzEwMDYwMTA4WjAzMTEwLwYDVQQD
EyhlMTIzNDU3YjdiMTI5MjI4MzRjNzgxYWE4NjM1NTU4NWE4NDFiZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAregDgcRNvvbJiJju3RWb39rqtwEF
SiiW0eS4JwO21bpk6eIEG/WYYEjhnHb9BDj6kFsiL3lB0MpSWZkA6J+t3MROBXvJ
oHLPnfY2kl5q0LtQMY/RvrFWqFYdm8Wup+DrSTFapx392MXLJT9LaQsFT7m4UjtI
Z2uOrNbpRFo3c+kkDm6CMY8JhMffKqXT5rpdqwCU19wQE2yj2/E8BmPUA1jPhwja
Yk4KUIPFsmwoGN5npGq0X2UET9UV1xS189OXpy3x9lJX12HbvNmVGjD52l6n7h5H
S2v0A6rzkypbVsNAMnyCfhHtWa1fD0lgqPiP0Y30fLnyy5k9n2dDw4yjLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOEjRXt7EpIoNMeBqoY1VYWoQb8yMB8GA1UdIwQY
MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt
MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh
LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALYoRQ6PE
NrbdVz33Dy5AELuDf//oXgi3Co5jWrUftOTyxIhlKelxCpNGgxyclNM/l/m9s0rU
DIQAwfZFop4hPB//2iu7ABiXJj8WSO8dRJVycF4zwv/vjHeQY9J46HwcjpxQSfy/
PuBjDgrPsQwCYZIzg7kXeH5dfloJVaHwY4qDaa/OXNQFj6D9vLqnqWcIsRTAtFqb
XtPk3SeJAPQpFQ7fJFIlYLlTZ1IODJXUHav/I+O0o4C3YkNxiBOzYaN4txw1gUew
QnoiOiBg0oTaHCM4sRn+9s8SG8iFAOq7yuYahcyTQ9GheSUJ0zD2MrjyeoToZAlW
vX4PW+u6gWcjXA==
-----END CERTIFICATE-----