Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File:                     KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier:          G9EOV5Q6xGLJbiyCN8M2BnWgApDIE9PjpvLTQpkFRnk=
Subject key identifier:   76:9E:F9:6E:ED:E7:05:05:75:F8:E5:D0:EE:60:39:D8:1C:9A:4A:60
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer:       /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial:       0199228C6CD624665AA095549FEB9031A839
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number:          0BF7
Signing time:             Sun 07 Sep 2025 05:00:52 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:52 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:52 +0000
Files and hashes:         1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: 15I8934op9gHaIBHnZnK1UxF3vHOMvRSNbvaEERRxNA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:6c:d6:24:66:5a:a0:95:54:9f:eb:90:31:a8:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
        Validity
            Not Before: Sep  7 05:00:52 2025 GMT
            Not After : Sep  8 05:00:52 2025 GMT
        Subject: CN=769ef96eede7050575f8e5d0ee6039d81c9a4a60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:2f:a7:cd:29:96:6e:13:4e:f8:c9:0f:91:2c:
                    60:fc:bb:df:19:06:43:73:5b:d9:79:80:d2:e6:10:
                    76:50:c2:e6:1c:1a:34:cf:36:01:2a:4a:35:5e:4e:
                    2b:cf:0a:bf:7f:d3:74:56:45:94:b2:3a:e1:de:94:
                    47:59:cc:bf:31:46:38:dd:92:4e:99:40:c2:72:51:
                    ee:22:e3:c9:c3:7d:9c:bc:cf:41:04:cc:f0:65:68:
                    08:7c:53:75:c0:03:d2:25:d8:17:e4:a4:42:ef:0d:
                    f5:69:04:6e:23:cd:89:b5:09:0a:c7:8f:e6:66:77:
                    ba:b4:aa:be:e6:f6:2a:2b:f2:1d:58:be:d8:f6:f8:
                    d2:4b:3f:12:0d:b0:ea:f0:53:a2:08:06:1e:3d:86:
                    de:2f:da:95:0d:bc:d7:3f:f4:21:2a:a6:ab:e6:4f:
                    80:4d:04:91:75:9e:19:95:93:2b:42:ae:19:9a:df:
                    7d:00:f3:ca:8e:3d:d5:d4:e6:d2:bf:fa:9a:2d:e5:
                    b2:98:3b:eb:cc:83:a9:ee:52:50:03:16:73:7d:07:
                    02:62:22:e0:82:54:83:af:bb:80:fb:e7:71:3e:b2:
                    63:4c:97:5e:26:7e:00:34:df:21:ea:1f:82:d1:80:
                    2e:67:52:40:21:39:e5:98:40:7a:11:d4:df:89:c3:
                    db:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:9E:F9:6E:ED:E7:05:05:75:F8:E5:D0:EE:60:39:D8:1C:9A:4A:60
            X509v3 Authority Key Identifier:
                keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:81:25:de:fa:93:07:07:01:f1:88:ed:da:bf:c7:0e:b1:a5:
         9d:7c:d9:dd:1f:dc:e6:f9:41:5d:74:94:90:3e:5b:f5:8e:bf:
         cb:bb:82:29:d3:53:f3:79:5b:ab:f3:8f:5a:37:36:ab:64:77:
         51:68:09:48:1d:6b:c5:94:9b:15:ef:3f:46:ce:c9:9f:3a:6f:
         1d:e6:87:8c:4c:d5:50:44:57:15:d6:5a:49:cd:b0:5c:7a:cd:
         5b:57:72:6e:50:74:6a:da:c0:93:9e:89:6b:8b:e0:31:27:a5:
         b8:2b:0e:fe:fc:f0:11:70:85:7b:d2:c1:a5:fb:a6:da:2a:14:
         35:bb:8b:4b:1e:15:23:08:09:ee:90:9c:82:a8:62:91:e8:00:
         77:e4:ab:38:d8:95:8a:b2:e0:79:cf:1d:9e:b0:b3:5c:2f:b1:
         6e:2c:ad:bc:13:22:62:61:c6:ea:c9:b0:56:10:8e:14:63:7e:
         f4:2a:3f:c4:61:cd:20:ff:27:47:c4:83:72:79:bd:c2:31:f4:
         29:99:e8:b1:2d:7f:00:bd:31:0f:7b:2b:03:56:4e:c3:e5:3a:
         e4:2c:40:ad:24:20:60:96:a3:ea:75:43:8d:ab:77:48:8b:b2:
         68:e2:d4:5b:ed:15:96:ba:c0:84:f2:cf:58:50:86:e9:10:6c:
         d3:71:d0:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijGzWJGZaoJVUn+uQMag5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjUwOTA3MDUwMDUyWhcNMjUwOTA4MDUwMDUyWjAzMTEwLwYDVQQD
Eyg3NjllZjk2ZWVkZTcwNTA1NzVmOGU1ZDBlZTYwMzlkODFjOWE0YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwy+nzSmWbhNO+MkPkSxg/LvfGQZD
c1vZeYDS5hB2UMLmHBo0zzYBKko1Xk4rzwq/f9N0VkWUsjrh3pRHWcy/MUY43ZJO
mUDCclHuIuPJw32cvM9BBMzwZWgIfFN1wAPSJdgX5KRC7w31aQRuI82JtQkKx4/m
Zne6tKq+5vYqK/IdWL7Y9vjSSz8SDbDq8FOiCAYePYbeL9qVDbzXP/QhKqar5k+A
TQSRdZ4ZlZMrQq4Zmt99APPKjj3V1ObSv/qaLeWymDvrzIOp7lJQAxZzfQcCYiLg
glSDr7uA++dxPrJjTJdeJn4ANN8h6h+C0YAuZ1JAITnlmEB6EdTficPbawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHae+W7t5wUFdfjl0O5gOdgcmkpgMB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaIEl3vqT
BwcB8Yjt2r/HDrGlnXzZ3R/c5vlBXXSUkD5b9Y6/y7uCKdNT83lbq/OPWjc2q2R3
UWgJSB1rxZSbFe8/Rs7JnzpvHeaHjEzVUERXFdZaSc2wXHrNW1dyblB0atrAk56J
a4vgMSeluCsO/vzwEXCFe9LBpfum2ioUNbuLSx4VIwgJ7pCcgqhikegAd+SrONiV
irLgec8dnrCzXC+xbiytvBMiYmHG6smwVhCOFGN+9Co/xGHNIP8nR8SDcnm9wjH0
KZnosS1/AL0xD3srA1ZOw+U65CxArSQgYJaj6nVDjat3SIuyaOLUW+0VlrrAhPLP
WFCG6RBs03HQCg==
-----END CERTIFICATE-----