Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
File:                     KAYV5gBqhh9mz3MH0w_JNQx2994.mft (raw, json)
Hash identifier:          DS8YzjkYuJN1yphAwScM7aju30/Mv3IqtOXbneNHpZo=
Subject key identifier:   2A:C8:98:13:45:2D:6C:ED:04:A0:3C:1C:92:41:94:B9:6F:C5:CD:59
Authority key identifier: 28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE
Certificate issuer:       /CN=280615e6006a861f66cf7307d30fc9350c76f7de
Certificate serial:       01974CD719C6072CFB6D2B93A412A754D239
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
Manifest number:          157B
Signing time:             Sun 08 Jun 2025 00:00:54 +0000
Manifest this update:     Sun 08 Jun 2025 00:00:54 +0000
Manifest next update:     Mon 09 Jun 2025 00:00:54 +0000
Files and hashes:         1: KAYV5gBqhh9mz3MH0w_JNQx2994.crl (hash: JESUiYCAFV8c+fTQsadDIy6NU9QreFruj67IyWSIah0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 20:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:d7:19:c6:07:2c:fb:6d:2b:93:a4:12:a7:54:d2:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=280615e6006a861f66cf7307d30fc9350c76f7de
        Validity
            Not Before: Jun  8 00:00:54 2025 GMT
            Not After : Jun  9 00:00:54 2025 GMT
        Subject: CN=2ac89813452d6ced04a03c1c924194b96fc5cd59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:2c:2c:d6:79:5d:7a:6d:dc:e4:7d:94:7c:7a:
                    22:e0:6f:a2:b4:be:2b:a5:7d:28:b0:e6:2c:79:a1:
                    2a:e3:08:a9:b2:49:64:e3:c7:ba:a6:36:af:29:1c:
                    76:dd:72:3e:ef:4d:79:cf:4e:88:f0:7b:35:22:eb:
                    08:c4:4c:24:ff:fb:f1:57:5c:1f:ef:68:d4:26:4b:
                    66:f5:21:72:52:25:ed:dd:c2:99:a9:b4:6b:7c:4d:
                    77:6e:bc:a2:70:f7:ef:6e:c0:2c:41:98:a1:05:b9:
                    e7:ad:4a:d0:e5:5f:e6:91:05:6d:2b:f0:18:3a:10:
                    b4:50:24:be:33:d5:29:82:e9:1f:90:87:60:be:ed:
                    a6:22:02:1e:63:7d:1f:cc:f7:c7:e8:26:64:17:b7:
                    bd:39:32:4b:6e:67:cc:1b:37:47:f7:52:b0:68:e0:
                    72:4d:48:d7:50:c6:ac:04:a3:43:85:61:16:e1:57:
                    cd:ee:77:d1:f4:0c:c0:d4:7d:90:87:2a:51:12:f4:
                    46:df:8d:0a:0c:04:0a:92:85:12:f8:fa:2e:3f:67:
                    9b:6d:41:98:53:21:d2:d5:1c:bd:3b:17:75:dd:23:
                    47:2f:6e:1f:85:1d:05:f4:58:d8:38:ec:bb:8e:6e:
                    3d:86:a9:fb:51:38:da:29:1a:63:98:e2:2f:7d:66:
                    9e:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:C8:98:13:45:2D:6C:ED:04:A0:3C:1C:92:41:94:B9:6F:C5:CD:59
            X509v3 Authority Key Identifier:
                keyid:28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:2f:01:11:31:08:1a:9f:fb:e8:1c:82:1a:1b:4a:29:83:7b:
         7a:7e:51:80:50:d1:b5:6c:4b:ba:ba:7b:ee:06:84:9f:40:c7:
         c2:1a:2e:6f:64:21:34:44:7b:b1:aa:07:4f:2b:34:1f:52:59:
         69:17:51:92:49:58:48:b1:7f:cb:75:5b:0e:ee:31:ff:50:86:
         ed:7e:60:5d:77:e0:1f:88:d5:10:e6:eb:55:41:da:86:52:1b:
         c9:25:e6:2d:0f:b7:19:e2:1f:2a:3f:33:50:c4:d4:b2:e3:32:
         ba:57:b2:ac:e4:b2:43:27:bc:03:f7:af:c1:11:7a:22:0a:d8:
         29:c2:2b:54:3d:fd:b0:09:25:f1:06:ea:66:9f:be:35:7a:6b:
         f2:24:1c:bd:59:28:50:eb:45:39:a2:83:23:ad:b2:d6:16:8a:
         df:b2:0c:f9:46:eb:81:e4:03:98:cd:a2:cf:ea:b7:d7:bf:79:
         0f:cb:6f:90:c2:98:64:18:6f:b1:d6:d1:de:fd:e9:a1:72:5e:
         1d:51:78:9a:8b:c7:30:41:34:28:46:ec:42:6a:78:69:f2:d2:
         ac:45:47:f3:ea:99:4d:d4:99:32:79:9d:43:79:1b:57:a1:ee:
         ea:55:0d:e8:90:fb:1b:cf:32:49:95:fe:a6:9f:83:43:4f:16:
         80:cf:0d:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdM1xnGByz7bSuTpBKnVNI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDYxNWU2MDA2YTg2MWY2NmNmNzMwN2QzMGZjOTM1MGM3
NmY3ZGUwHhcNMjUwNjA4MDAwMDU0WhcNMjUwNjA5MDAwMDU0WjAzMTEwLwYDVQQD
EygyYWM4OTgxMzQ1MmQ2Y2VkMDRhMDNjMWM5MjQxOTRiOTZmYzVjZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Sws1nldem3c5H2UfHoi4G+itL4r
pX0osOYseaEq4wipsklk48e6pjavKRx23XI+7015z06I8Hs1IusIxEwk//vxV1wf
72jUJktm9SFyUiXt3cKZqbRrfE13bryicPfvbsAsQZihBbnnrUrQ5V/mkQVtK/AY
OhC0UCS+M9UpgukfkIdgvu2mIgIeY30fzPfH6CZkF7e9OTJLbmfMGzdH91KwaOBy
TUjXUMasBKNDhWEW4VfN7nfR9AzA1H2QhypREvRG340KDAQKkoUS+PouP2ebbUGY
UyHS1Ry9Oxd13SNHL24fhR0F9FjYOOy7jm49hqn7UTjaKRpjmOIvfWae0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrImBNFLWztBKA8HJJBlLlvxc1ZMB8GA1UdIwQY
MBaAFCgGFeYAaoYfZs9zB9MPyTUMdvfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEt
YWU5MmI2YWUxYmZlLzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEtYWU5MmI2YWUxYmZl
LzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMy8BETEI
Gp/76ByCGhtKKYN7en5RgFDRtWxLurp77gaEn0DHwhoub2QhNER7saoHTys0H1JZ
aRdRkklYSLF/y3VbDu4x/1CG7X5gXXfgH4jVEObrVUHahlIbySXmLQ+3GeIfKj8z
UMTUsuMyuleyrOSyQye8A/evwRF6IgrYKcIrVD39sAkl8QbqZp++NXpr8iQcvVko
UOtFOaKDI62y1haK37IM+UbrgeQDmM2iz+q31795D8tvkMKYZBhvsdbR3v3poXJe
HVF4movHMEE0KEbsQmp4afLSrEVH8+qZTdSZMnmdQ3kbV6Hu6lUN6JD7G88ySZX+
pp+DQ08WgM8NBw==
-----END CERTIFICATE-----