Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
File:                     KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft (raw, json)
Hash identifier:          9CWQ/+5Tx+2OUsqotlDtsEsPiMAcjJcA7AvT+9ml7c4=
Subject key identifier:   3B:C6:7D:26:E9:61:EC:9B:C7:41:B2:34:BD:06:12:C5:E4:27:11:FA
Authority key identifier: 29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0
Certificate issuer:       /CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
Certificate serial:       0199228C2EF394A605F3B6CC8FA646642BE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
Manifest number:          0756
Signing time:             Sun 07 Sep 2025 05:00:36 +0000
Manifest this update:     Sun 07 Sep 2025 05:00:36 +0000
Manifest next update:     Mon 08 Sep 2025 05:00:36 +0000
Files and hashes:         1: KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl (hash: P+3FcL/aNHKEkh2Kd+J27HIGR1LFeZzjViQy8LXo1YU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:2e:f3:94:a6:05:f3:b6:cc:8f:a6:46:64:2b:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
        Validity
            Not Before: Sep  7 05:00:36 2025 GMT
            Not After : Sep  8 05:00:36 2025 GMT
        Subject: CN=3bc67d26e961ec9bc741b234bd0612c5e42711fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:16:6c:b4:db:b3:91:eb:34:f9:d7:a9:29:2a:
                    8d:4b:a8:56:4e:c6:92:b6:e1:9c:52:64:8f:60:e3:
                    3d:ed:f7:38:a2:c3:25:e6:a3:33:30:29:25:d8:ed:
                    b9:83:3c:23:c5:9c:3d:13:79:f2:c7:55:1b:13:96:
                    54:81:c7:de:95:50:e6:9a:5a:ac:62:6b:a3:ba:df:
                    02:1b:7d:52:2e:26:dc:00:54:e3:ca:97:07:bb:e8:
                    85:b3:6b:35:10:45:a6:d8:d7:c9:a7:0c:83:d8:92:
                    10:d4:98:fb:4a:24:9c:ce:1d:30:84:33:08:43:b0:
                    9c:53:10:0a:7a:3c:46:95:7c:fd:28:0b:c1:db:cf:
                    71:db:5b:12:3e:82:46:32:63:71:ce:86:ee:cf:36:
                    9c:7a:66:d3:ba:3e:7b:ac:68:7a:56:c8:09:b2:8c:
                    7c:f8:00:b1:ac:60:27:49:aa:65:ac:a2:f2:7b:84:
                    6a:48:83:f4:35:42:9d:b5:6d:ea:85:78:fb:3e:59:
                    1b:cd:1a:4c:2a:21:d0:56:a3:d8:6c:60:84:a8:02:
                    6e:a4:64:4d:8d:0a:f3:f6:c1:6b:99:93:69:da:ec:
                    92:47:b2:5d:0b:4f:19:fc:e5:5a:22:77:d1:da:6d:
                    30:e6:fe:e2:d0:53:f2:fd:1d:86:72:be:c1:9c:89:
                    0d:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:C6:7D:26:E9:61:EC:9B:C7:41:B2:34:BD:06:12:C5:E4:27:11:FA
            X509v3 Authority Key Identifier:
                keyid:29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:0f:a7:96:54:e9:48:48:eb:0d:e3:9a:d9:80:be:17:73:fd:
         ad:05:70:6f:8f:e6:20:52:b8:29:f3:bc:7b:81:a0:55:67:1b:
         27:08:9f:79:3c:0f:b2:56:0a:50:52:06:2e:4f:1a:ee:cb:ba:
         dc:be:c1:f9:95:fb:94:8c:1a:8c:24:a3:11:da:73:0c:24:17:
         20:f3:fb:c9:34:db:fb:ec:73:89:e4:64:f7:16:ba:7e:ad:0a:
         53:c7:9c:65:db:21:60:d4:d3:18:28:ba:3e:ac:ea:c5:0e:9a:
         f6:28:5c:24:4f:6f:c7:9c:af:06:6a:51:04:7b:e6:3b:45:e7:
         39:a1:2a:74:7f:e6:36:67:ce:5e:76:f8:61:3a:62:0e:ab:b8:
         95:b6:10:bc:a1:d7:20:31:94:fd:31:31:67:dd:8f:48:7f:45:
         f7:ea:e0:89:8c:f0:82:c8:46:b1:2d:20:51:ca:3e:db:1a:0e:
         ea:f9:32:b0:9e:8a:e6:95:c1:40:c3:7d:00:13:6f:ba:a1:63:
         82:8e:05:ae:6d:4e:01:8d:0f:13:d4:67:99:bc:f9:4a:bd:30:
         02:a9:76:da:7b:41:ab:63:a3:6f:f5:81:38:bb:8d:08:6e:aa:
         99:73:93:b0:5a:ee:11:08:76:83:fe:65:bd:8e:e3:37:97:a0:
         ee:9a:11:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijC7zlKYF87bMj6ZGZCvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjJlNmExMzM0YzljYTljOTNlZDU3ZmY0YWQ3MmQ5OWNl
OTFhZDAwHhcNMjUwOTA3MDUwMDM2WhcNMjUwOTA4MDUwMDM2WjAzMTEwLwYDVQQD
EygzYmM2N2QyNmU5NjFlYzliYzc0MWIyMzRiZDA2MTJjNWU0MjcxMWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhZstNuzkes0+depKSqNS6hWTsaS
tuGcUmSPYOM97fc4osMl5qMzMCkl2O25gzwjxZw9E3nyx1UbE5ZUgcfelVDmmlqs
Ymujut8CG31SLibcAFTjypcHu+iFs2s1EEWm2NfJpwyD2JIQ1Jj7SiSczh0whDMI
Q7CcUxAKejxGlXz9KAvB289x21sSPoJGMmNxzobuzzacembTuj57rGh6VsgJsox8
+ACxrGAnSaplrKLye4RqSIP0NUKdtW3qhXj7PlkbzRpMKiHQVqPYbGCEqAJupGRN
jQrz9sFrmZNp2uySR7JdC08Z/OVaInfR2m0w5v7i0FPy/R2Gcr7BnIkNMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvGfSbpYeybx0GyNL0GEsXkJxH6MB8GA1UdIwQY
MBaAFCli5qEzTJypyT7Vf/Stctmc6RrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2It
NmVjNDBjODVhMmFlLzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2ItNmVjNDBjODVhMmFl
LzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAew+nllTp
SEjrDeOa2YC+F3P9rQVwb4/mIFK4KfO8e4GgVWcbJwifeTwPslYKUFIGLk8a7su6
3L7B+ZX7lIwajCSjEdpzDCQXIPP7yTTb++xzieRk9xa6fq0KU8ecZdshYNTTGCi6
PqzqxQ6a9ihcJE9vx5yvBmpRBHvmO0XnOaEqdH/mNmfOXnb4YTpiDqu4lbYQvKHX
IDGU/TExZ92PSH9F9+rgiYzwgshGsS0gUco+2xoO6vkysJ6K5pXBQMN9ABNvuqFj
go4Frm1OAY0PE9Rnmbz5Sr0wAql22ntBq2Ojb/WBOLuNCG6qmXOTsFruEQh2g/5l
vY7jN5eg7poRIQ==
-----END CERTIFICATE-----