Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
File:                     KdIywSew2DMQPDH7UlTsuZVrDEw.mft (raw, json)
Hash identifier:          6N4OX81SESOUBNlMj8rz7hu6RWDUWN592RgZGDCYKKk=
Subject key identifier:   3E:D4:8E:17:BE:AB:E5:6A:1E:61:0E:B8:44:19:94:E5:53:D1:B4:84
Authority key identifier: 29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C
Certificate issuer:       /CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
Certificate serial:       01975E6F4EE9ECD89BD31714D70C67A325B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
Manifest number:          0133
Signing time:             Wed 11 Jun 2025 10:00:42 +0000
Manifest this update:     Wed 11 Jun 2025 10:00:42 +0000
Manifest next update:     Thu 12 Jun 2025 10:00:42 +0000
Files and hashes:         1: KdIywSew2DMQPDH7UlTsuZVrDEw.crl (hash: dyestHtdKTiR94sxnDFYOR/57uKmfaP0hl70HeM0ETk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 12 Jun 2025 08:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:5e:6f:4e:e9:ec:d8:9b:d3:17:14:d7:0c:67:a3:25:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
        Validity
            Not Before: Jun 11 10:00:42 2025 GMT
            Not After : Jun 12 10:00:42 2025 GMT
        Subject: CN=3ed48e17beabe56a1e610eb8441994e553d1b484
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:22:fd:71:d3:85:e9:85:4d:ac:fb:98:2d:01:
                    74:ed:12:e0:66:c2:c8:bd:41:bb:f2:d3:e2:56:0b:
                    38:71:b5:9a:f6:f3:50:f7:23:d5:22:a8:26:3a:da:
                    0c:b1:a5:b8:cf:e3:fd:ac:ab:61:f3:1e:36:44:63:
                    8a:26:b9:37:1f:bd:cd:ed:f7:78:ac:6d:1a:34:76:
                    b5:ed:e5:43:33:0d:29:8f:34:91:82:25:08:3f:6e:
                    c7:d2:07:1d:0e:e5:7d:aa:56:17:e5:a7:20:19:5e:
                    cf:2c:1f:c2:af:69:b2:65:90:1b:a5:71:eb:5c:90:
                    dd:a2:68:6b:57:3f:b6:97:77:5e:76:80:25:cb:68:
                    40:66:bd:cb:5c:2d:fe:3b:99:53:e2:0f:2d:ef:e7:
                    b9:b3:3a:27:8d:c6:df:a9:81:5f:93:5e:2f:9d:42:
                    fd:cb:8b:45:fd:3e:8d:52:2d:09:c9:32:6c:b7:87:
                    cd:00:ad:f1:68:c9:90:7e:3f:47:2b:01:d2:92:1a:
                    a2:1f:0e:65:2a:e1:ae:c6:42:73:9c:3b:d6:f7:bb:
                    13:76:65:48:b4:98:15:a0:11:6c:f4:68:c0:95:cc:
                    21:d5:58:d2:06:9f:14:cd:80:70:26:74:83:2e:ae:
                    72:75:1e:b0:a5:3c:41:51:06:34:46:4a:9c:19:52:
                    dc:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:D4:8E:17:BE:AB:E5:6A:1E:61:0E:B8:44:19:94:E5:53:D1:B4:84
            X509v3 Authority Key Identifier:
                keyid:29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:8b:64:54:1f:9e:49:cd:a1:0e:8c:dc:9e:23:51:e4:9e:a7:
         f8:b3:69:43:f5:48:39:c1:b8:09:01:9f:e2:1d:74:5d:8d:cd:
         49:d4:e1:fd:ec:51:fe:85:a2:95:71:fb:77:55:35:3c:74:cb:
         31:4c:6f:2e:d0:9e:84:71:94:34:ad:25:85:7f:af:05:8b:51:
         24:bd:85:06:68:b2:93:da:4f:27:9b:b6:e5:d5:46:c6:11:ad:
         44:c6:fd:78:66:71:8e:c9:73:f1:17:55:b0:f9:85:37:d4:d2:
         ce:0f:1f:60:d1:cb:f0:39:bd:65:6c:fd:78:1e:fd:f5:bc:d6:
         07:fa:dd:8a:bd:35:d0:42:01:43:fd:f3:d6:57:e2:fe:43:a6:
         53:d0:59:12:6b:4c:e9:0b:b2:e5:23:b5:05:a6:48:63:b7:46:
         d3:31:20:ec:2f:f6:6b:77:19:8c:3c:0f:0a:ab:40:cd:94:87:
         7a:d9:c6:bc:e4:d7:81:2c:41:ec:27:0f:01:5d:7a:89:c2:bd:
         94:d6:54:9f:90:7e:c2:f2:9f:7a:d1:d4:90:5c:9a:c0:3b:79:
         85:9d:f2:c9:9c:15:d9:10:9d:3a:14:4b:93:86:4a:6a:30:b0:
         29:ce:5f:0a:12:6e:4b:fb:d5:97:80:c3:1e:82:d2:57:5d:fa:
         14:f0:36:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdeb07p7Nib0xcU1wxnoyW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDIzMmMxMjdiMGQ4MzMxMDNjMzFmYjUyNTRlY2I5OTU2
YjBjNGMwHhcNMjUwNjExMTAwMDQyWhcNMjUwNjEyMTAwMDQyWjAzMTEwLwYDVQQD
EygzZWQ0OGUxN2JlYWJlNTZhMWU2MTBlYjg0NDE5OTRlNTUzZDFiNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiL9cdOF6YVNrPuYLQF07RLgZsLI
vUG78tPiVgs4cbWa9vNQ9yPVIqgmOtoMsaW4z+P9rKth8x42RGOKJrk3H73N7fd4
rG0aNHa17eVDMw0pjzSRgiUIP27H0gcdDuV9qlYX5acgGV7PLB/Cr2myZZAbpXHr
XJDdomhrVz+2l3dedoAly2hAZr3LXC3+O5lT4g8t7+e5szonjcbfqYFfk14vnUL9
y4tF/T6NUi0JyTJst4fNAK3xaMmQfj9HKwHSkhqiHw5lKuGuxkJznDvW97sTdmVI
tJgVoBFs9GjAlcwh1VjSBp8UzYBwJnSDLq5ydR6wpTxBUQY0RkqcGVLclQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7Ujhe+q+VqHmEOuEQZlOVT0bSEMB8GA1UdIwQY
MBaAFCnSMsEnsNgzEDwx+1JU7LmVawxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAt
ZTE2MDZiZTkyYjk4LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAtZTE2MDZiZTkyYjk4
LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPYtkVB+e
Sc2hDozcniNR5J6n+LNpQ/VIOcG4CQGf4h10XY3NSdTh/exR/oWilXH7d1U1PHTL
MUxvLtCehHGUNK0lhX+vBYtRJL2FBmiyk9pPJ5u25dVGxhGtRMb9eGZxjslz8RdV
sPmFN9TSzg8fYNHL8Dm9ZWz9eB799bzWB/rdir010EIBQ/3z1lfi/kOmU9BZEmtM
6Quy5SO1BaZIY7dG0zEg7C/2a3cZjDwPCqtAzZSHetnGvOTXgSxB7CcPAV16icK9
lNZUn5B+wvKfetHUkFyawDt5hZ3yyZwV2RCdOhRLk4ZKajCwKc5fChJuS/vVl4DD
HoLSV136FPA2xw==
-----END CERTIFICATE-----