Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
File:                     KdIywSew2DMQPDH7UlTsuZVrDEw.mft (raw, json)
Hash identifier:          MfCSt2AFCeBe/5AcfZebhZxZIMoA863KcJowi0nnnPw=
Subject key identifier:   3C:8B:44:BB:3A:93:50:73:DD:43:D6:C6:63:57:F5:8E:34:EB:99:FE
Authority key identifier: 29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C
Certificate issuer:       /CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
Certificate serial:       01992255A30C7F203965763CA3A4EC4C62EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
Manifest number:          021D
Signing time:             Sun 07 Sep 2025 04:01:01 +0000
Manifest this update:     Sun 07 Sep 2025 04:01:01 +0000
Manifest next update:     Mon 08 Sep 2025 04:01:01 +0000
Files and hashes:         1: KdIywSew2DMQPDH7UlTsuZVrDEw.crl (hash: Ec0iib3dhmycbmzUjXAwoTD7L2x8n5mMTcJby2McEtY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:a3:0c:7f:20:39:65:76:3c:a3:a4:ec:4c:62:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
        Validity
            Not Before: Sep  7 04:01:01 2025 GMT
            Not After : Sep  8 04:01:01 2025 GMT
        Subject: CN=3c8b44bb3a935073dd43d6c66357f58e34eb99fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:83:06:f1:db:d3:91:db:b9:21:8d:c0:7d:6b:
                    06:08:ab:f1:92:8c:0f:e7:15:77:8a:8f:4f:90:d6:
                    c6:90:3c:25:1c:ce:c9:a5:b7:dc:43:b5:0c:98:e4:
                    45:7b:79:9d:8e:66:ec:e3:4d:c4:29:e8:91:04:9f:
                    61:55:9b:67:a4:59:cf:ca:f0:0c:78:bf:b0:ab:ad:
                    5c:78:c4:30:f6:97:ad:e1:aa:ae:4e:97:7d:dd:f8:
                    8b:64:d0:81:76:60:a0:dd:13:c3:00:ca:96:d7:0b:
                    90:78:a6:b5:20:db:5e:d9:c0:4e:21:f9:c8:4f:39:
                    e1:25:af:96:6d:9b:dc:d1:a1:4e:65:a4:75:01:ea:
                    2d:35:a6:24:be:bc:64:22:f2:e4:5c:78:28:01:e3:
                    14:45:ad:bf:59:33:b2:9d:a0:90:55:b1:6c:85:8c:
                    89:66:41:0c:8b:a7:44:dc:b3:cb:7f:7d:0d:70:e5:
                    ff:09:d9:d6:2e:17:38:a5:2e:ab:22:d9:ee:1e:eb:
                    8d:21:0e:3d:63:be:f3:d9:cb:bb:90:da:5d:86:42:
                    8a:94:02:07:93:bf:0b:04:22:90:dd:39:fb:3f:07:
                    c9:41:31:bd:c9:9f:d1:6e:ad:04:c5:a9:21:de:5c:
                    c1:b2:ca:3c:49:6d:4c:1b:eb:00:84:b8:69:1a:9a:
                    6d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:8B:44:BB:3A:93:50:73:DD:43:D6:C6:63:57:F5:8E:34:EB:99:FE
            X509v3 Authority Key Identifier:
                keyid:29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:ec:31:af:fc:2b:06:c9:06:eb:f4:4c:b9:1e:ed:21:17:41:
         47:b2:c8:83:7c:a6:97:8b:6d:8b:13:3d:42:ab:55:96:87:44:
         7e:85:f1:50:4c:d4:c6:4e:9a:fb:be:4c:c4:c3:6e:9f:04:92:
         3b:4f:c0:bc:36:10:aa:32:49:39:8a:38:60:0a:31:59:85:85:
         c5:1a:d1:59:e5:11:2a:17:68:cc:9b:da:f0:f3:66:d3:64:fd:
         cc:f4:de:06:5d:18:9c:58:a4:44:0c:7c:31:55:4f:8d:af:9a:
         4e:b9:ae:ba:3d:00:9e:45:67:f3:c4:fd:c0:db:93:46:85:d0:
         0b:b2:5a:e3:37:0d:06:f2:8f:71:a4:86:94:00:90:b6:1a:5a:
         2d:99:f5:f2:3f:11:f8:e5:9b:3b:b3:d9:05:a3:46:53:4d:92:
         a7:f7:ec:f8:b5:17:81:94:be:04:e9:b2:5b:d9:c4:a3:94:fe:
         2b:57:a0:b5:64:6c:26:70:2c:85:8b:1d:ce:49:f6:78:85:97:
         86:42:19:d8:ff:5c:9d:92:3e:b8:88:a9:6f:78:34:62:40:18:
         dd:e4:38:61:4f:8d:1d:56:8e:a3:23:64:a3:1f:18:c7:ae:ce:
         32:1c:fb:bd:ff:5c:2e:df:58:10:5a:0d:70:da:8b:56:5f:d0:
         80:69:85:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVaMMfyA5ZXY8o6TsTGLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDIzMmMxMjdiMGQ4MzMxMDNjMzFmYjUyNTRlY2I5OTU2
YjBjNGMwHhcNMjUwOTA3MDQwMTAxWhcNMjUwOTA4MDQwMTAxWjAzMTEwLwYDVQQD
EygzYzhiNDRiYjNhOTM1MDczZGQ0M2Q2YzY2MzU3ZjU4ZTM0ZWI5OWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoMG8dvTkdu5IY3AfWsGCKvxkowP
5xV3io9PkNbGkDwlHM7JpbfcQ7UMmORFe3mdjmbs403EKeiRBJ9hVZtnpFnPyvAM
eL+wq61ceMQw9pet4aquTpd93fiLZNCBdmCg3RPDAMqW1wuQeKa1INte2cBOIfnI
TznhJa+WbZvc0aFOZaR1AeotNaYkvrxkIvLkXHgoAeMURa2/WTOynaCQVbFshYyJ
ZkEMi6dE3LPLf30NcOX/CdnWLhc4pS6rItnuHuuNIQ49Y77z2cu7kNpdhkKKlAIH
k78LBCKQ3Tn7PwfJQTG9yZ/Rbq0Exakh3lzBsso8SW1MG+sAhLhpGpptaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDyLRLs6k1Bz3UPWxmNX9Y4065n+MB8GA1UdIwQY
MBaAFCnSMsEnsNgzEDwx+1JU7LmVawxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAt
ZTE2MDZiZTkyYjk4LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAtZTE2MDZiZTkyYjk4
LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGuwxr/wr
BskG6/RMuR7tIRdBR7LIg3yml4ttixM9QqtVlodEfoXxUEzUxk6a+75MxMNunwSS
O0/AvDYQqjJJOYo4YAoxWYWFxRrRWeURKhdozJva8PNm02T9zPTeBl0YnFikRAx8
MVVPja+aTrmuuj0AnkVn88T9wNuTRoXQC7Ja4zcNBvKPcaSGlACQthpaLZn18j8R
+OWbO7PZBaNGU02Sp/fs+LUXgZS+BOmyW9nEo5T+K1egtWRsJnAshYsdzkn2eIWX
hkIZ2P9cnZI+uIipb3g0YkAY3eQ4YU+NHVaOoyNkox8Yx67OMhz7vf9cLt9YEFoN
cNqLVl/QgGmFQA==
-----END CERTIFICATE-----