Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft
File:                     KMaADXS8QQW0DnfqCFugJtvuw18.mft (raw, json)
Hash identifier:          Njew1k34HrhGmUEVGoKNN7lkkYIlnq8kfzIM6T0S5Cs=
Subject key identifier:   96:73:2E:5C:9A:C5:E8:19:27:84:B6:CE:AF:A2:F6:DA:06:07:8B:20
Authority key identifier: 28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F
Certificate issuer:       /CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
Certificate serial:       019753105D5E4B8BBBCCCE284D6B3BC80C96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft
Manifest number:          0FBF
Signing time:             Mon 09 Jun 2025 05:01:10 +0000
Manifest this update:     Mon 09 Jun 2025 05:01:10 +0000
Manifest next update:     Tue 10 Jun 2025 05:01:10 +0000
Files and hashes:         1: KMaADXS8QQW0DnfqCFugJtvuw18.crl (hash: 4s9mdFCHVli9XRvt6JTpPxOfcPQqp/wyJcap7dRu4C0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:10:5d:5e:4b:8b:bb:cc:ce:28:4d:6b:3b:c8:0c:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
        Validity
            Not Before: Jun  9 05:01:10 2025 GMT
            Not After : Jun 10 05:01:10 2025 GMT
        Subject: CN=96732e5c9ac5e8192784b6ceafa2f6da06078b20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:fc:a4:34:ce:e5:8d:5b:2d:96:a6:b2:82:55:
                    d2:38:f5:57:6d:f2:ab:2d:3d:4b:62:b3:af:38:c1:
                    93:eb:57:ef:48:aa:9e:4c:b6:1f:de:8a:46:e6:f3:
                    6a:5c:14:95:ac:a1:d0:d8:22:d2:d9:80:7f:19:50:
                    66:c8:be:8a:0f:fb:6e:6f:4e:99:46:8a:e7:dc:8d:
                    fe:77:d0:29:6a:df:6d:eb:7f:c6:15:09:18:ee:be:
                    b4:2c:56:34:4c:da:ef:4e:70:28:3f:82:d8:4c:b1:
                    39:b9:cb:01:76:f0:0f:3c:17:2e:4b:45:5d:f4:72:
                    98:6c:1a:4f:92:e3:3b:70:f8:8d:14:e8:ef:71:f4:
                    09:c7:48:8a:da:18:d6:a9:87:51:b2:79:ae:42:c1:
                    83:a4:22:e6:a0:80:01:de:08:ff:98:51:46:39:54:
                    b8:0c:1f:92:19:e9:4d:f1:7f:3e:fc:6c:d0:68:e5:
                    81:06:9a:47:12:2c:e3:c7:dd:e8:19:ba:4b:aa:36:
                    14:eb:07:3d:54:d4:2a:a6:a0:f6:35:10:73:44:56:
                    4f:c2:64:b6:3a:04:66:b8:2a:1a:0f:76:25:47:89:
                    da:29:5e:2b:2d:13:61:99:14:ce:8b:1b:41:da:a2:
                    1c:3f:dc:e2:40:de:89:ae:81:d7:cb:ca:26:9e:7a:
                    09:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:73:2E:5C:9A:C5:E8:19:27:84:B6:CE:AF:A2:F6:DA:06:07:8B:20
            X509v3 Authority Key Identifier:
                keyid:28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:41:67:7e:cf:8a:53:74:86:7a:93:8c:a7:ca:5c:3d:31:af:
         3f:97:9a:1a:51:f1:00:4b:b2:c5:39:10:4f:c6:e1:b6:a5:16:
         46:94:fa:b7:08:ca:2e:68:50:29:99:25:64:21:8b:da:79:60:
         76:6a:e4:25:95:c6:0b:9b:c5:88:a1:13:7f:23:98:32:1d:e5:
         04:ff:1d:b7:34:6e:34:f6:7e:0d:f0:c9:92:97:4c:f7:f7:dd:
         32:57:c9:1a:0d:07:bb:69:c6:88:e5:cf:b5:16:8c:3b:fe:1e:
         6b:12:22:75:2b:39:74:19:70:a1:52:98:04:e8:17:e5:46:dd:
         50:9d:e2:2b:f8:7b:f3:2f:c4:18:82:ab:31:a3:f2:ac:00:85:
         93:fa:31:6e:cf:88:c4:5e:0a:f6:f4:65:5d:7b:68:09:c6:6d:
         fa:4e:94:57:a7:e6:b7:ab:3f:70:58:4a:05:2d:fe:83:c5:f2:
         c4:48:7a:e1:ed:e8:72:18:86:f0:ef:fc:da:4e:7d:64:a2:e7:
         df:3f:35:97:7f:b4:6f:f9:c7:80:b9:89:7e:9d:91:33:f6:71:
         6d:6c:47:23:1d:08:ab:a7:e9:13:fc:82:ee:f6:ca:68:e7:0c:
         a7:a1:fa:fb:b8:5c:e9:9d:49:46:c3:1d:0f:08:33:96:ef:3d:
         f0:e8:09:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTEF1eS4u7zM4oTWs7yAyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzY4MDBkNzRiYzQxMDViNDBlNzdlYTA4NWJhMDI2ZGJl
ZWMzNWYwHhcNMjUwNjA5MDUwMTEwWhcNMjUwNjEwMDUwMTEwWjAzMTEwLwYDVQQD
Eyg5NjczMmU1YzlhYzVlODE5Mjc4NGI2Y2VhZmEyZjZkYTA2MDc4YjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/ykNM7ljVstlqayglXSOPVXbfKr
LT1LYrOvOMGT61fvSKqeTLYf3opG5vNqXBSVrKHQ2CLS2YB/GVBmyL6KD/tub06Z
Rorn3I3+d9Apat9t63/GFQkY7r60LFY0TNrvTnAoP4LYTLE5ucsBdvAPPBcuS0Vd
9HKYbBpPkuM7cPiNFOjvcfQJx0iK2hjWqYdRsnmuQsGDpCLmoIAB3gj/mFFGOVS4
DB+SGelN8X8+/GzQaOWBBppHEizjx93oGbpLqjYU6wc9VNQqpqD2NRBzRFZPwmS2
OgRmuCoaD3YlR4naKV4rLRNhmRTOixtB2qIcP9ziQN6JroHXy8omnnoJLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZzLlyaxegZJ4S2zq+i9toGB4sgMB8GA1UdIwQY
MBaAFCjGgA10vEEFtA536ghboCbb7sNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8yNDI5MTEtOTNjMC00NWU3LTkwMTIt
NDkzOWJiZmRmYjg2LzEvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8yNDI5MTEtOTNjMC00NWU3LTkwMTItNDkzOWJiZmRmYjg2
LzEvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWkFnfs+K
U3SGepOMp8pcPTGvP5eaGlHxAEuyxTkQT8bhtqUWRpT6twjKLmhQKZklZCGL2nlg
dmrkJZXGC5vFiKETfyOYMh3lBP8dtzRuNPZ+DfDJkpdM9/fdMlfJGg0Hu2nGiOXP
tRaMO/4eaxIidSs5dBlwoVKYBOgX5UbdUJ3iK/h78y/EGIKrMaPyrACFk/oxbs+I
xF4K9vRlXXtoCcZt+k6UV6fmt6s/cFhKBS3+g8XyxEh64e3ochiG8O/82k59ZKLn
3z81l3+0b/nHgLmJfp2RM/ZxbWxHIx0Iq6fpE/yC7vbKaOcMp6H6+7hc6Z1JRsMd
Dwgzlu898OgJmA==
-----END CERTIFICATE-----