Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
File:                     KdIywSew2DMQPDH7UlTsuZVrDEw.mft (raw, json)
Hash identifier:          IsL1HDLwfYjQu4T7NU4gKDztfDIZeLbhafpN7AWzXxQ=
Subject key identifier:   28:98:01:82:87:CF:06:D7:44:E3:66:E8:60:F0:DB:5B:50:B3:EB:FB
Authority key identifier: 29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C
Certificate issuer:       /CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
Certificate serial:       019659B9434B19ADF9C78F7662A915C96061
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
Manifest number:          AC
Signing time:             Mon 21 Apr 2025 19:00:35 +0000
Manifest this update:     Mon 21 Apr 2025 19:00:35 +0000
Manifest next update:     Tue 22 Apr 2025 19:00:35 +0000
Files and hashes:         1: KdIywSew2DMQPDH7UlTsuZVrDEw.crl (hash: 9GBAsDTp7ezAc4WB4gl1VwhkN8houc1bsuOIzDbciIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 13:46:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:59:b9:43:4b:19:ad:f9:c7:8f:76:62:a9:15:c9:60:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
        Validity
            Not Before: Apr 21 19:00:35 2025 GMT
            Not After : Apr 22 19:00:35 2025 GMT
        Subject: CN=2898018287cf06d744e366e860f0db5b50b3ebfb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:98:d5:01:5e:f9:01:1b:5a:1a:ac:d9:6a:6a:
                    0e:c1:c7:2f:82:24:25:a0:56:c8:f1:61:64:ce:3c:
                    c5:49:7e:85:bc:ee:df:5e:d5:8f:6e:69:29:e3:65:
                    84:10:b6:3c:69:06:17:ff:15:d0:11:f2:00:b0:3d:
                    2d:2b:32:e5:04:08:b3:72:a2:fd:c7:60:af:b2:50:
                    da:92:c2:06:e1:60:3e:d0:24:ef:eb:b3:8e:be:29:
                    92:ba:db:6f:e7:13:72:29:57:18:9e:85:d1:0b:13:
                    3e:6c:fb:9a:3d:43:fa:45:aa:68:5b:32:95:f6:ea:
                    ff:e1:e4:11:3a:95:95:57:37:5d:77:c1:26:09:fe:
                    6d:55:7b:e0:d0:54:99:ed:c2:fa:9a:a8:5b:4c:f7:
                    75:76:1a:67:7c:7b:26:4d:00:2c:ac:ea:a2:cf:69:
                    f9:63:4e:aa:92:95:b5:fd:08:d2:51:3e:f7:76:c7:
                    29:d4:b9:19:a9:b7:73:6b:69:2c:19:84:69:b4:53:
                    1a:5d:02:9f:32:11:ff:d3:19:69:c4:e2:7b:59:35:
                    c7:9f:7f:e4:84:d0:32:31:99:45:36:0b:9c:45:ce:
                    35:77:cb:b1:f7:fe:14:26:2c:4d:fc:b4:a4:65:4b:
                    61:51:00:27:ae:55:3b:9d:76:e5:be:50:d5:06:dc:
                    c2:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:98:01:82:87:CF:06:D7:44:E3:66:E8:60:F0:DB:5B:50:B3:EB:FB
            X509v3 Authority Key Identifier:
                keyid:29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:6c:f0:d4:90:71:98:34:7e:4a:5f:0e:2f:0b:82:c7:4a:cc:
         1c:97:c9:59:f9:63:93:b3:4b:55:12:19:77:1b:14:8d:c6:96:
         41:a2:a1:18:2d:04:6a:80:da:88:f0:37:bf:cf:8a:a9:c7:5a:
         a7:5f:df:5b:d1:da:d3:10:ba:3e:d8:e9:16:b1:4e:72:20:2d:
         35:46:d4:19:94:24:ea:84:00:66:76:0b:d9:c0:20:17:14:cc:
         5a:49:a8:cd:e7:81:5b:8c:82:c8:0d:25:dd:20:80:13:7b:96:
         e0:9b:11:04:d6:3f:75:dd:1d:e7:ac:3b:dd:25:a5:c7:9e:f5:
         47:76:66:8c:cb:6b:0d:63:45:f0:6f:41:ac:70:7a:5c:2c:b9:
         0f:53:c8:a2:9b:30:62:60:52:f1:22:8d:6b:85:0b:86:06:6e:
         a6:e3:40:e2:18:d8:7f:d7:22:56:06:8a:ba:67:44:5a:8d:87:
         62:0a:06:86:ac:19:e3:da:f6:0d:0d:b5:d3:e2:f3:4a:21:4b:
         21:e9:63:40:c6:cd:0f:e3:02:6b:b9:9a:38:ce:e4:1d:d9:7e:
         0b:6d:b0:c5:bd:78:dc:df:2c:ed:7d:cd:ef:cf:5e:ec:f7:a9:
         91:64:a6:73:71:cb:0b:5c:97:2e:5a:e6:bc:47:01:5b:8a:e2:
         45:84:da:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZZuUNLGa35x492YqkVyWBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDIzMmMxMjdiMGQ4MzMxMDNjMzFmYjUyNTRlY2I5OTU2
YjBjNGMwHhcNMjUwNDIxMTkwMDM1WhcNMjUwNDIyMTkwMDM1WjAzMTEwLwYDVQQD
EygyODk4MDE4Mjg3Y2YwNmQ3NDRlMzY2ZTg2MGYwZGI1YjUwYjNlYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA55jVAV75ARtaGqzZamoOwccvgiQl
oFbI8WFkzjzFSX6FvO7fXtWPbmkp42WEELY8aQYX/xXQEfIAsD0tKzLlBAizcqL9
x2CvslDaksIG4WA+0CTv67OOvimSuttv5xNyKVcYnoXRCxM+bPuaPUP6RapoWzKV
9ur/4eQROpWVVzddd8EmCf5tVXvg0FSZ7cL6mqhbTPd1dhpnfHsmTQAsrOqiz2n5
Y06qkpW1/QjSUT73dscp1LkZqbdza2ksGYRptFMaXQKfMhH/0xlpxOJ7WTXHn3/k
hNAyMZlFNgucRc41d8ux9/4UJixN/LSkZUthUQAnrlU7nXblvlDVBtzCawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiYAYKHzwbXRONm6GDw21tQs+v7MB8GA1UdIwQY
MBaAFCnSMsEnsNgzEDwx+1JU7LmVawxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAt
ZTE2MDZiZTkyYjk4LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAtZTE2MDZiZTkyYjk4
LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB2zw1JBx
mDR+Sl8OLwuCx0rMHJfJWfljk7NLVRIZdxsUjcaWQaKhGC0EaoDaiPA3v8+Kqcda
p1/fW9Ha0xC6PtjpFrFOciAtNUbUGZQk6oQAZnYL2cAgFxTMWkmozeeBW4yCyA0l
3SCAE3uW4JsRBNY/dd0d56w73SWlx571R3ZmjMtrDWNF8G9BrHB6XCy5D1PIopsw
YmBS8SKNa4ULhgZupuNA4hjYf9ciVgaKumdEWo2HYgoGhqwZ49r2DQ210+LzSiFL
IeljQMbND+MCa7maOM7kHdl+C22wxb143N8s7X3N789e7PepkWSmc3HLC1yXLlrm
vEcBW4riRYTa7w==
-----END CERTIFICATE-----