Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
File:                     KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft (raw, json)
Hash identifier:          pxa3JqI5CQbR1c6jidfHXPpgIwHEYYmZXXj9nOclckc=
Subject key identifier:   C9:85:2E:2B:2B:48:49:3F:38:EF:57:1E:50:92:D3:B2:2B:2F:75:6D
Authority key identifier: 29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0
Certificate issuer:       /CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
Certificate serial:       0197530FD66A3BA662040A1CC32C987B31D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
Manifest number:          0666
Signing time:             Mon 09 Jun 2025 05:00:36 +0000
Manifest this update:     Mon 09 Jun 2025 05:00:36 +0000
Manifest next update:     Tue 10 Jun 2025 05:00:36 +0000
Files and hashes:         1: KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl (hash: JciYpkaIi7FqdGUbR6dU4xYd4crBG1T1lRT5Joo8rG0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:53:0f:d6:6a:3b:a6:62:04:0a:1c:c3:2c:98:7b:31:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
        Validity
            Not Before: Jun  9 05:00:36 2025 GMT
            Not After : Jun 10 05:00:36 2025 GMT
        Subject: CN=c9852e2b2b48493f38ef571e5092d3b22b2f756d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ce:30:3c:c4:43:e3:56:82:44:59:21:d9:9f:
                    1d:9d:16:e5:1d:63:fc:e4:01:be:ec:92:39:f5:d3:
                    70:24:d1:07:fe:37:3f:61:1e:e7:93:da:52:cd:8d:
                    e7:ef:92:31:40:54:db:2f:99:91:c0:a0:f7:9b:db:
                    28:ea:22:2a:10:37:a8:ab:33:17:78:d6:62:7d:6a:
                    88:de:25:35:c4:db:be:8e:11:e5:54:e5:59:4f:e3:
                    e8:a8:3d:a8:ec:66:bb:cd:01:57:ae:e8:37:38:74:
                    0e:03:1b:54:ab:34:fb:f8:db:84:91:56:30:04:b5:
                    5e:a6:5c:1a:cc:ed:f4:c3:6b:0d:42:ad:e6:2e:5f:
                    33:73:2d:9a:b3:0c:e6:4a:dc:ec:de:0f:7c:ca:65:
                    38:ec:e6:ac:5b:3d:d3:7d:2c:c4:65:49:bb:b5:cb:
                    1a:1d:dc:d3:7f:6b:21:4e:b6:60:ad:d4:db:69:f8:
                    3e:e3:6f:1f:7e:e0:95:7d:00:46:cd:df:eb:9a:a2:
                    c1:a5:bb:68:fd:a8:cb:4c:ed:44:01:98:67:0e:e6:
                    38:cc:ce:7d:ad:d3:76:24:72:8a:a9:1c:82:48:37:
                    fb:59:5d:9c:ea:c5:8b:5f:5b:1b:76:3f:62:4c:11:
                    8f:2e:0d:d2:a9:47:67:49:b5:af:22:e7:34:bc:4b:
                    70:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:85:2E:2B:2B:48:49:3F:38:EF:57:1E:50:92:D3:B2:2B:2F:75:6D
            X509v3 Authority Key Identifier:
                keyid:29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:ff:a6:4f:ce:0c:97:cc:11:ab:df:fd:00:8b:43:53:8a:51:
         c0:75:b0:9a:d5:73:b8:52:69:d7:b2:18:60:5e:9b:5f:2a:ff:
         85:c1:09:aa:cf:81:a6:86:e2:b7:53:2f:fb:f6:10:2b:41:9e:
         f2:42:48:c9:d8:60:60:36:5e:ca:6e:ab:7a:1b:f3:4f:50:ca:
         b6:5a:88:f2:46:25:7c:f5:f2:55:08:0e:ad:11:8f:66:59:d3:
         5d:cb:21:63:60:72:a3:5c:52:e5:18:bd:02:eb:3f:34:18:9c:
         16:78:c4:c2:1c:9d:66:18:81:53:e0:b7:2e:00:fc:d3:15:01:
         4b:05:89:50:03:91:ef:13:39:ea:5c:2e:b0:2d:b8:33:a9:76:
         80:a8:42:a4:b7:4a:fe:5b:6d:4f:c0:1a:c1:77:1c:fc:ff:ac:
         42:10:6e:4f:45:2b:9a:ce:9e:6f:c8:a0:76:70:c2:2f:be:2b:
         b0:fe:b2:65:e8:dc:89:25:2d:8d:7b:87:78:6c:bf:26:c2:1f:
         e6:fb:29:43:94:6a:28:e1:62:99:f1:5b:6a:ed:23:bf:f7:d6:
         cb:76:0b:f0:11:a6:e5:3b:8d:06:14:91:2e:36:af:0c:6b:50:
         f7:da:81:cb:8b:fd:1b:c2:5b:00:3e:24:be:2e:57:ce:cf:dc:
         35:5f:f7:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdTD9ZqO6ZiBAocwyyYezHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjJlNmExMzM0YzljYTljOTNlZDU3ZmY0YWQ3MmQ5OWNl
OTFhZDAwHhcNMjUwNjA5MDUwMDM2WhcNMjUwNjEwMDUwMDM2WjAzMTEwLwYDVQQD
EyhjOTg1MmUyYjJiNDg0OTNmMzhlZjU3MWU1MDkyZDNiMjJiMmY3NTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc4wPMRD41aCRFkh2Z8dnRblHWP8
5AG+7JI59dNwJNEH/jc/YR7nk9pSzY3n75IxQFTbL5mRwKD3m9so6iIqEDeoqzMX
eNZifWqI3iU1xNu+jhHlVOVZT+PoqD2o7Ga7zQFXrug3OHQOAxtUqzT7+NuEkVYw
BLVeplwazO30w2sNQq3mLl8zcy2aswzmStzs3g98ymU47OasWz3TfSzEZUm7tcsa
HdzTf2shTrZgrdTbafg+428ffuCVfQBGzd/rmqLBpbto/ajLTO1EAZhnDuY4zM59
rdN2JHKKqRyCSDf7WV2c6sWLX1sbdj9iTBGPLg3SqUdnSbWvIuc0vEtwEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMmFLisrSEk/OO9XHlCS07IrL3VtMB8GA1UdIwQY
MBaAFCli5qEzTJypyT7Vf/Stctmc6RrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2It
NmVjNDBjODVhMmFlLzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2ItNmVjNDBjODVhMmFl
LzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATP+mT84M
l8wRq9/9AItDU4pRwHWwmtVzuFJp17IYYF6bXyr/hcEJqs+Bpobit1Mv+/YQK0Ge
8kJIydhgYDZeym6rehvzT1DKtlqI8kYlfPXyVQgOrRGPZlnTXcshY2Byo1xS5Ri9
Aus/NBicFnjEwhydZhiBU+C3LgD80xUBSwWJUAOR7xM56lwusC24M6l2gKhCpLdK
/lttT8AawXcc/P+sQhBuT0Urms6eb8igdnDCL74rsP6yZejciSUtjXuHeGy/JsIf
5vspQ5RqKOFimfFbau0jv/fWy3YL8BGm5TuNBhSRLjavDGtQ99qBy4v9G8JbAD4k
vi5Xzs/cNV/3yQ==
-----END CERTIFICATE-----