Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
File:                     KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json)
Hash identifier:          ysxclgAvTNS981Zh51AHV8Nejzn47/KGH2SxjPyCGfI=
Subject key identifier:   99:6F:60:F6:F0:DA:2E:A0:E6:54:66:2F:DB:0D:E3:D1:78:BC:DB:0B
Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF
Certificate issuer:       /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
Certificate serial:       019748FAA9D172E2031967FE0CD214D701D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 06:01:16 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:16 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:16 +0000
Files and hashes:         1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: I0BJy0y1dIwrgJAwzTI9Xzckz2kwCV8A5Q8QtQnjE3c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:a9:d1:72:e2:03:19:67:fe:0c:d2:14:d7:01:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
        Validity
            Not Before: Jun  7 06:01:16 2025 GMT
            Not After : Jun  8 06:01:16 2025 GMT
        Subject: CN=996f60f6f0da2ea0e654662fdb0de3d178bcdb0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:22:1a:88:62:b0:58:96:51:cb:de:12:82:ba:
                    7e:37:af:79:fa:9c:8f:60:17:78:ff:46:ca:5e:e0:
                    35:58:ff:91:2d:b3:79:99:bd:03:58:c8:90:c3:13:
                    cc:5a:41:d9:89:25:3a:81:b4:d4:ce:61:43:b7:85:
                    ed:4b:a5:53:c1:74:5d:df:37:c4:21:73:07:9a:ac:
                    4b:74:f3:8d:fa:79:a0:30:e2:51:4b:6b:d9:5e:66:
                    de:92:92:99:69:dc:c5:ed:d7:32:4d:a1:78:39:1e:
                    65:d1:76:f8:0e:f1:d7:ff:ea:e9:6f:e9:af:5b:1f:
                    45:ab:b0:a8:a2:ef:bc:8c:c5:aa:22:34:34:4f:1e:
                    99:c7:e2:f2:28:d1:6c:6c:94:be:7b:eb:5f:12:22:
                    89:74:68:b0:19:f2:e1:b0:2b:6a:42:8c:a8:d1:82:
                    86:76:2e:b9:4a:b1:d1:03:78:66:c9:fd:05:0f:b5:
                    9b:fe:b2:47:37:ce:45:80:b8:b2:5c:85:ab:1a:1b:
                    b4:5b:79:53:ca:25:20:45:b5:3a:50:cf:d7:8b:e9:
                    28:af:6a:c7:2f:89:1b:ab:8b:ff:e3:3c:a1:d9:0e:
                    32:34:bd:8b:16:20:92:e4:a3:76:f4:1d:fc:bc:37:
                    3b:2b:31:ec:6e:11:c4:11:63:1c:5f:c2:c9:3c:17:
                    c0:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:6F:60:F6:F0:DA:2E:A0:E6:54:66:2F:DB:0D:E3:D1:78:BC:DB:0B
            X509v3 Authority Key Identifier:
                keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:94:33:ba:dc:32:92:d1:a8:52:0c:44:0b:b8:e5:e3:68:af:
         b1:27:39:1e:1c:28:da:bd:cb:fe:f9:ee:7f:4d:77:62:f4:47:
         98:9c:9a:5c:a5:6e:ed:3f:dc:e3:53:4b:57:70:4e:dc:24:51:
         1b:af:e3:da:bd:f5:d5:f4:7d:07:99:c0:49:c0:7b:7a:7a:fb:
         9e:e4:f6:9c:16:dd:dd:e3:6a:c8:a8:76:35:58:ba:36:d2:dc:
         56:0d:5e:58:dc:76:05:a1:49:12:82:90:1f:5a:e8:5a:7e:bf:
         46:89:69:0f:01:75:00:26:c3:95:21:79:ae:0f:3c:7e:6f:17:
         8f:d7:e9:b4:ef:90:ef:30:86:37:11:a9:b5:57:30:fc:3d:34:
         63:52:f5:c8:f4:1e:e3:96:90:7f:c9:29:b9:2b:c4:e7:0d:c7:
         72:4b:2a:19:7b:2c:f0:69:7c:e0:5f:91:4f:dc:2e:0c:5b:5a:
         b1:7a:fd:5d:92:cc:34:8c:bf:1d:d1:1c:ec:b3:38:d0:b4:20:
         6d:3f:7b:e2:91:29:0c:88:8f:9f:03:62:d9:56:f4:ca:82:0c:
         82:72:17:ea:73:fa:ad:09:24:24:42:d1:1e:57:50:8e:f9:6e:
         fb:01:26:84:7a:71:0e:98:bc:66:22:2a:15:c7:6e:3c:e6:66:
         ae:7c:de:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+qnRcuIDGWf+DNIU1wHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl
N2RkZGYwHhcNMjUwNjA3MDYwMTE2WhcNMjUwNjA4MDYwMTE2WjAzMTEwLwYDVQQD
Eyg5OTZmNjBmNmYwZGEyZWEwZTY1NDY2MmZkYjBkZTNkMTc4YmNkYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCIaiGKwWJZRy94Sgrp+N695+pyP
YBd4/0bKXuA1WP+RLbN5mb0DWMiQwxPMWkHZiSU6gbTUzmFDt4XtS6VTwXRd3zfE
IXMHmqxLdPON+nmgMOJRS2vZXmbekpKZadzF7dcyTaF4OR5l0Xb4DvHX/+rpb+mv
Wx9Fq7Coou+8jMWqIjQ0Tx6Zx+LyKNFsbJS+e+tfEiKJdGiwGfLhsCtqQoyo0YKG
di65SrHRA3hmyf0FD7Wb/rJHN85FgLiyXIWrGhu0W3lTyiUgRbU6UM/Xi+kor2rH
L4kbq4v/4zyh2Q4yNL2LFiCS5KN29B38vDc7KzHsbhHEEWMcX8LJPBfA5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJlvYPbw2i6g5lRmL9sN49F4vNsLMB8GA1UdIwQY
MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt
MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0
LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhZQzutwy
ktGoUgxEC7jl42ivsSc5Hhwo2r3L/vnuf013YvRHmJyaXKVu7T/c41NLV3BO3CRR
G6/j2r311fR9B5nAScB7enr7nuT2nBbd3eNqyKh2NVi6NtLcVg1eWNx2BaFJEoKQ
H1roWn6/RolpDwF1ACbDlSF5rg88fm8Xj9fptO+Q7zCGNxGptVcw/D00Y1L1yPQe
45aQf8kpuSvE5w3HcksqGXss8Gl84F+RT9wuDFtasXr9XZLMNIy/HdEc7LM40LQg
bT974pEpDIiPnwNi2Vb0yoIMgnIX6nP6rQkkJELRHldQjvlu+wEmhHpxDpi8ZiIq
FcduPOZmrnze2g==
-----END CERTIFICATE-----