Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
File:                     KdIywSew2DMQPDH7UlTsuZVrDEw.mft (raw, json)
Hash identifier:          NMkr0K6e2Ypp0DRJt91Qq5JIMAjcN8aOiMjbSLyA++E=
Subject key identifier:   80:A2:B3:3B:11:C7:D5:41:A9:B5:1E:8E:65:83:8A:58:31:5C:C3:52
Authority key identifier: 29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C
Certificate issuer:       /CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
Certificate serial:       0197681757F504A5675416E03A92F31BDD80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
Manifest number:          0138
Signing time:             Fri 13 Jun 2025 07:00:49 +0000
Manifest this update:     Fri 13 Jun 2025 07:00:49 +0000
Manifest next update:     Sat 14 Jun 2025 07:00:49 +0000
Files and hashes:         1: KdIywSew2DMQPDH7UlTsuZVrDEw.crl (hash: 17IxRrrOXfB7yBPEeQ5A/LpLJp8bfJ95ctT13O35jds=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 07:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:17:57:f5:04:a5:67:54:16:e0:3a:92:f3:1b:dd:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
        Validity
            Not Before: Jun 13 07:00:49 2025 GMT
            Not After : Jun 14 07:00:49 2025 GMT
        Subject: CN=80a2b33b11c7d541a9b51e8e65838a58315cc352
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:10:e9:65:22:d1:13:af:16:3b:a9:2d:ef:d1:
                    88:c5:62:9c:1a:f5:da:b1:12:e4:80:05:5a:6a:74:
                    17:e6:a5:b8:69:39:75:33:26:04:ef:76:30:c5:ea:
                    2c:42:90:11:22:fd:25:4d:c0:7e:5c:f4:a2:fc:72:
                    e6:fc:66:92:76:cd:a6:cc:e7:88:35:b3:1d:b9:35:
                    62:f8:7b:ca:cb:50:db:54:f3:58:00:25:fd:e5:ef:
                    0e:51:6f:a7:ec:d9:bc:07:5c:53:32:c7:6a:24:e4:
                    05:be:86:98:d1:25:41:fa:b3:da:42:0f:ba:a7:f1:
                    13:75:cd:cc:23:12:2a:ad:6a:c0:a2:02:c0:42:73:
                    a1:07:66:05:92:ac:c7:a0:53:69:01:97:f5:90:38:
                    44:f9:5b:af:7a:b7:8b:8c:01:f5:bd:3f:85:e8:ec:
                    91:54:57:84:3c:05:2b:c1:78:06:93:a4:77:ca:2e:
                    ae:0a:18:41:0f:e1:b7:68:ae:9f:57:3c:e2:c8:7e:
                    6b:20:4e:51:e4:c1:46:18:68:26:e9:21:df:a4:48:
                    fd:aa:06:65:3f:e8:27:0c:88:00:34:b6:df:3c:d5:
                    4e:a3:48:16:32:b5:5e:b1:64:94:b1:47:d4:f5:4a:
                    00:25:02:12:79:15:0a:4f:10:1f:67:d2:cc:d3:b1:
                    c3:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:A2:B3:3B:11:C7:D5:41:A9:B5:1E:8E:65:83:8A:58:31:5C:C3:52
            X509v3 Authority Key Identifier:
                keyid:29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:cd:27:83:49:d5:07:65:3c:bc:9e:54:ba:f4:10:5c:6f:c0:
         ed:d8:77:0f:83:ee:e3:3d:d9:d8:e3:88:7b:45:83:e6:b5:38:
         51:6f:f3:e9:33:80:63:b0:e0:b5:da:0f:3b:66:2f:1d:40:e5:
         4f:31:f4:71:98:8c:a0:f3:bc:51:bc:bf:89:4a:cf:3d:00:1e:
         ac:c8:3d:13:b7:be:9c:81:06:c1:b8:04:a8:c4:4e:e4:8d:7d:
         40:34:8d:6b:04:e6:d3:16:dc:5e:f4:ed:1e:d6:00:c3:d4:11:
         5d:50:fb:bc:4e:05:d2:ed:e8:cd:37:ae:64:07:85:94:d9:3d:
         a0:d8:8c:84:0c:53:d4:dc:6a:cd:47:ea:50:e8:98:ec:4a:62:
         7a:23:78:36:dd:15:8a:1b:81:49:eb:4d:c0:7a:1f:b8:2a:16:
         87:f0:f6:05:f0:98:2a:4e:4d:55:b7:ee:74:c1:13:e3:3e:de:
         0e:59:99:23:42:c2:b4:16:a7:5f:4f:1a:11:7c:17:b1:4d:0e:
         02:88:0f:86:e2:8c:81:51:3f:50:3c:2f:e8:6a:5e:76:50:36:
         d4:53:11:bb:cc:e1:4b:b0:ad:d8:fb:19:37:8c:d9:3f:d8:4b:
         f1:62:2b:42:97:e4:d9:6f:3f:6d:81:94:cf:7b:e7:1f:81:e2:
         db:6d:09:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoF1f1BKVnVBbgOpLzG92AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDIzMmMxMjdiMGQ4MzMxMDNjMzFmYjUyNTRlY2I5OTU2
YjBjNGMwHhcNMjUwNjEzMDcwMDQ5WhcNMjUwNjE0MDcwMDQ5WjAzMTEwLwYDVQQD
Eyg4MGEyYjMzYjExYzdkNTQxYTliNTFlOGU2NTgzOGE1ODMxNWNjMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthDpZSLRE68WO6kt79GIxWKcGvXa
sRLkgAVaanQX5qW4aTl1MyYE73YwxeosQpARIv0lTcB+XPSi/HLm/GaSds2mzOeI
NbMduTVi+HvKy1DbVPNYACX95e8OUW+n7Nm8B1xTMsdqJOQFvoaY0SVB+rPaQg+6
p/ETdc3MIxIqrWrAogLAQnOhB2YFkqzHoFNpAZf1kDhE+VuvereLjAH1vT+F6OyR
VFeEPAUrwXgGk6R3yi6uChhBD+G3aK6fVzziyH5rIE5R5MFGGGgm6SHfpEj9qgZl
P+gnDIgANLbfPNVOo0gWMrVesWSUsUfU9UoAJQISeRUKTxAfZ9LM07HDWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFICiszsRx9VBqbUejmWDilgxXMNSMB8GA1UdIwQY
MBaAFCnSMsEnsNgzEDwx+1JU7LmVawxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAt
ZTE2MDZiZTkyYjk4LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAtZTE2MDZiZTkyYjk4
LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhc0ng0nV
B2U8vJ5UuvQQXG/A7dh3D4Pu4z3Z2OOIe0WD5rU4UW/z6TOAY7DgtdoPO2YvHUDl
TzH0cZiMoPO8Uby/iUrPPQAerMg9E7e+nIEGwbgEqMRO5I19QDSNawTm0xbcXvTt
HtYAw9QRXVD7vE4F0u3ozTeuZAeFlNk9oNiMhAxT1NxqzUfqUOiY7EpieiN4Nt0V
ihuBSetNwHofuCoWh/D2BfCYKk5NVbfudMET4z7eDlmZI0LCtBanX08aEXwXsU0O
AogPhuKMgVE/UDwv6GpedlA21FMRu8zhS7Ct2PsZN4zZP9hL8WIrQpfk2W8/bYGU
z3vnH4Hi220JMg==
-----END CERTIFICATE-----