Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File:                     KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier:          LThlft+cU3343Ml+aSwguAt+BkwKS+jdxNIGjVdwWWY=
Subject key identifier:   08:5F:79:70:13:2A:E0:0E:74:B6:10:4A:2C:DC:46:D7:42:42:F8:76
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer:       /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial:       01974779D2D48AD55D2DCDB720BF70AAF149
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number:          0B01
Signing time:             Fri 06 Jun 2025 23:00:55 +0000
Manifest this update:     Fri 06 Jun 2025 23:00:55 +0000
Manifest next update:     Sat 07 Jun 2025 23:00:55 +0000
Files and hashes:         1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: 0nFd3x2zhXwbtBuq7swwPL1OVS5pkEUAzTSgDfK5HQc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 23:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:47:79:d2:d4:8a:d5:5d:2d:cd:b7:20:bf:70:aa:f1:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
        Validity
            Not Before: Jun  6 23:00:55 2025 GMT
            Not After : Jun  7 23:00:55 2025 GMT
        Subject: CN=085f7970132ae00e74b6104a2cdc46d74242f876
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:f1:60:0b:ab:c7:13:87:77:f4:74:2e:ad:c4:
                    53:27:72:25:3c:21:e6:a8:4b:a9:55:7d:7d:8d:40:
                    64:a1:26:37:ef:fd:84:6c:43:7a:97:4e:9f:f2:25:
                    d5:5e:17:78:b4:0d:2b:f7:7a:58:5b:49:e0:0c:3e:
                    0b:66:e8:56:1f:6f:a9:af:27:21:2b:39:d2:f8:60:
                    5b:99:2d:40:b8:e9:35:8c:c5:80:d1:54:7a:52:33:
                    fa:ec:d7:a3:aa:3d:95:b0:93:40:3b:1f:01:70:b1:
                    5a:c0:57:3e:fc:0d:ce:b9:1b:00:0c:45:62:0f:c8:
                    f6:6a:32:45:1f:8a:dd:ee:b6:84:54:89:6c:3a:bf:
                    57:51:d0:d3:30:7b:82:a2:0c:db:81:09:ef:e0:4d:
                    2d:0e:a7:20:8d:b0:db:35:22:5a:66:11:cd:08:83:
                    6a:9e:4b:d5:7e:2b:c7:ea:c7:5a:c7:8e:4d:87:f2:
                    10:a8:29:cd:53:9f:a0:e2:17:26:41:e0:0c:08:7e:
                    93:b2:ab:8c:51:88:e9:44:5a:1e:f3:67:58:95:10:
                    af:d8:43:f6:29:92:8d:a0:0d:01:45:81:31:c5:70:
                    04:8c:c1:27:20:e2:cc:ec:29:c9:9a:ce:01:e5:f9:
                    53:d3:d6:03:ed:13:c0:cb:3b:14:6b:f2:04:fb:8b:
                    94:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:5F:79:70:13:2A:E0:0E:74:B6:10:4A:2C:DC:46:D7:42:42:F8:76
            X509v3 Authority Key Identifier:
                keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:07:51:20:e4:9e:3e:78:e0:a7:6d:50:ab:d1:90:60:66:5c:
         04:95:bb:c4:a6:28:59:dd:84:bd:03:ad:07:be:2f:42:7e:83:
         38:21:8a:8f:0b:16:90:2a:cd:f2:eb:f6:72:32:84:27:db:4b:
         fd:f6:32:43:ab:42:0b:b6:37:25:0b:8e:72:87:4b:a8:ae:21:
         81:2f:a4:f7:a6:ad:64:a0:9d:41:55:7d:0c:0a:18:e9:5d:e7:
         39:6d:d6:22:d7:00:17:a2:4d:e1:2d:19:0a:82:49:e2:86:e5:
         2e:05:45:81:58:01:fc:3a:2c:f0:21:91:69:86:f9:3b:d9:c3:
         56:cc:58:b1:52:10:03:e9:14:c7:58:4b:21:e2:67:cb:07:b8:
         93:61:ee:6f:71:a3:3e:4a:12:85:d0:1e:23:b6:5d:06:7d:f6:
         4d:c0:75:4f:e6:7a:7d:05:65:af:75:df:76:30:fd:8d:c6:31:
         38:31:4a:36:e0:d1:74:b7:2e:8c:39:e0:0f:da:21:fa:e2:40:
         e6:a3:5f:a4:7c:0f:b1:58:3d:ee:df:6d:dc:31:f4:a8:ab:e5:
         2a:b6:c4:c7:f5:cf:ed:f9:83:21:a6:3a:ac:89:7d:db:99:a6:
         7f:83:82:8b:da:7a:e8:d9:28:8a:a3:76:c9:cf:3d:f8:7a:97:
         f0:bd:25:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdHedLUitVdLc23IL9wqvFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjUwNjA2MjMwMDU1WhcNMjUwNjA3MjMwMDU1WjAzMTEwLwYDVQQD
EygwODVmNzk3MDEzMmFlMDBlNzRiNjEwNGEyY2RjNDZkNzQyNDJmODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvFgC6vHE4d39HQurcRTJ3IlPCHm
qEupVX19jUBkoSY37/2EbEN6l06f8iXVXhd4tA0r93pYW0ngDD4LZuhWH2+prych
KznS+GBbmS1AuOk1jMWA0VR6UjP67Nejqj2VsJNAOx8BcLFawFc+/A3OuRsADEVi
D8j2ajJFH4rd7raEVIlsOr9XUdDTMHuCogzbgQnv4E0tDqcgjbDbNSJaZhHNCINq
nkvVfivH6sdax45Nh/IQqCnNU5+g4hcmQeAMCH6TsquMUYjpRFoe82dYlRCv2EP2
KZKNoA0BRYExxXAEjMEnIOLM7CnJms4B5flT09YD7RPAyzsUa/IE+4uUxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAhfeXATKuAOdLYQSizcRtdCQvh2MB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACQdRIOSe
Pnjgp21Qq9GQYGZcBJW7xKYoWd2EvQOtB74vQn6DOCGKjwsWkCrN8uv2cjKEJ9tL
/fYyQ6tCC7Y3JQuOcodLqK4hgS+k96atZKCdQVV9DAoY6V3nOW3WItcAF6JN4S0Z
CoJJ4oblLgVFgVgB/Dos8CGRaYb5O9nDVsxYsVIQA+kUx1hLIeJnywe4k2Hub3Gj
PkoShdAeI7ZdBn32TcB1T+Z6fQVlr3XfdjD9jcYxODFKNuDRdLcujDngD9oh+uJA
5qNfpHwPsVg97t9t3DH0qKvlKrbEx/XP7fmDIaY6rIl925mmf4OCi9p66NkoiqN2
yc89+HqX8L0ldA==
-----END CERTIFICATE-----