Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
File:                     KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft (raw, json)
Hash identifier:          XC4UvHffaIrixMgb0FDFGa6qWGZNf0Z3mMP5mp22B44=
Subject key identifier:   A7:47:23:B0:E9:D5:EC:FB:CF:73:FB:4D:8D:B1:AE:78:1C:F3:F4:00
Authority key identifier: 28:FA:45:6D:1C:23:67:86:21:95:4F:FB:F4:93:A3:23:DE:2C:44:84
Certificate issuer:       /CN=28fa456d1c23678621954ffbf493a323de2c4484
Certificate serial:       0197469E33BFEB70618C1BF6D4E48FDFE5CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
Manifest number:          0AB6
Signing time:             Fri 06 Jun 2025 19:01:02 +0000
Manifest this update:     Fri 06 Jun 2025 19:01:02 +0000
Manifest next update:     Sat 07 Jun 2025 19:01:02 +0000
Files and hashes:         1: KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl (hash: /YX1VULpDa2SooE4IFrW5glZoTioD8QJKz/EEYcSbfw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 15:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:46:9e:33:bf:eb:70:61:8c:1b:f6:d4:e4:8f:df:e5:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28fa456d1c23678621954ffbf493a323de2c4484
        Validity
            Not Before: Jun  6 19:01:02 2025 GMT
            Not After : Jun  7 19:01:02 2025 GMT
        Subject: CN=a74723b0e9d5ecfbcf73fb4d8db1ae781cf3f400
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:2a:df:78:90:cd:59:7d:e3:6d:3a:a3:b1:42:
                    c2:78:69:f9:b6:2d:17:29:d0:49:86:0f:fa:cc:2e:
                    dd:ca:ad:86:11:24:13:75:36:d3:c4:7d:de:fe:64:
                    41:65:6c:74:a0:73:f7:2d:0e:94:a8:12:88:17:ec:
                    c8:d6:0b:ef:0d:21:83:f3:1e:e5:e7:dd:50:64:a4:
                    95:ea:20:da:1b:60:3c:00:e1:47:51:85:51:36:f4:
                    bf:98:37:b1:01:01:50:3f:95:2d:19:93:d6:ee:6a:
                    b9:17:60:5e:aa:8c:90:61:f4:f8:ee:37:58:b3:b9:
                    ea:43:72:62:c1:d8:6e:1e:2e:d8:41:1c:d6:96:47:
                    99:eb:1c:02:07:a9:12:6a:e1:f7:30:af:5b:c9:5d:
                    cf:53:a4:11:3f:8b:c2:83:ec:47:07:73:49:6a:64:
                    e5:68:3c:b4:4b:3f:ca:f1:ec:f5:e8:55:0c:fe:9c:
                    65:79:dc:44:40:a4:34:5e:b2:7b:61:d1:84:cf:fc:
                    ca:b6:26:5e:be:90:66:95:74:61:9e:6d:86:7c:96:
                    ec:b4:41:ec:a7:a6:88:74:38:ca:08:63:b9:5a:46:
                    4a:12:58:5c:1a:a4:b2:3d:89:0d:12:30:48:36:aa:
                    c5:11:54:b1:e5:a2:9f:6d:85:cc:e0:6a:0d:41:c3:
                    63:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:47:23:B0:E9:D5:EC:FB:CF:73:FB:4D:8D:B1:AE:78:1C:F3:F4:00
            X509v3 Authority Key Identifier:
                keyid:28:FA:45:6D:1C:23:67:86:21:95:4F:FB:F4:93:A3:23:DE:2C:44:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:dc:d1:5b:1f:75:47:ca:f3:9c:9b:d3:4b:01:d8:31:49:83:
         09:d7:ea:b9:64:b5:f4:74:1f:cc:1c:96:ff:31:16:b4:76:8f:
         d5:85:a9:cc:a5:ba:0c:8f:71:3c:15:16:8b:92:27:e3:4e:91:
         12:91:78:18:1b:74:de:b7:1f:c2:26:fc:04:6e:87:63:88:21:
         86:e0:8c:b6:2e:b2:fc:eb:6c:cb:dd:0c:be:46:0d:af:85:12:
         a4:29:ee:02:36:00:43:47:bc:6c:28:09:1b:37:f0:00:a4:9a:
         a9:90:49:ce:6b:b0:b2:24:ba:d1:16:38:e2:43:be:51:37:92:
         ad:7c:49:cd:45:f5:20:c1:a5:a4:62:d9:e8:cc:85:91:36:2d:
         01:b7:b6:ed:c9:fc:d1:f0:c5:38:67:e0:5b:fc:b8:c2:2b:8d:
         2b:bc:04:96:51:cd:a3:84:ca:59:06:74:c4:4c:3b:92:a7:8d:
         cd:50:07:8f:f3:72:c4:b3:9b:ec:9a:3a:1b:ad:1e:26:e5:95:
         42:a2:41:92:84:5e:22:06:d9:53:37:c0:a1:67:3b:94:81:23:
         37:2d:ab:85:41:47:e5:87:63:69:a8:7e:be:3e:3f:07:0b:84:
         0f:f4:99:f7:1e:e1:26:2f:7b:8c:41:7d:bf:92:30:ad:1e:4f:
         b8:53:fe:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdGnjO/63BhjBv21OSP3+XKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZmE0NTZkMWMyMzY3ODYyMTk1NGZmYmY0OTNhMzIzZGUy
YzQ0ODQwHhcNMjUwNjA2MTkwMTAyWhcNMjUwNjA3MTkwMTAyWjAzMTEwLwYDVQQD
EyhhNzQ3MjNiMGU5ZDVlY2ZiY2Y3M2ZiNGQ4ZGIxYWU3ODFjZjNmNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCrfeJDNWX3jbTqjsULCeGn5ti0X
KdBJhg/6zC7dyq2GESQTdTbTxH3e/mRBZWx0oHP3LQ6UqBKIF+zI1gvvDSGD8x7l
591QZKSV6iDaG2A8AOFHUYVRNvS/mDexAQFQP5UtGZPW7mq5F2BeqoyQYfT47jdY
s7nqQ3JiwdhuHi7YQRzWlkeZ6xwCB6kSauH3MK9byV3PU6QRP4vCg+xHB3NJamTl
aDy0Sz/K8ez16FUM/pxledxEQKQ0XrJ7YdGEz/zKtiZevpBmlXRhnm2GfJbstEHs
p6aIdDjKCGO5WkZKElhcGqSyPYkNEjBINqrFEVSx5aKfbYXM4GoNQcNjtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKdHI7Dp1ez7z3P7TY2xrngc8/QAMB8GA1UdIwQY
MBaAFCj6RW0cI2eGIZVP+/SToyPeLESEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMWFjYWItOWE4Yi00MjNlLWIwYmMt
ZjQ1YTJhNjM0NzA0LzEvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMWFjYWItOWE4Yi00MjNlLWIwYmMtZjQ1YTJhNjM0NzA0
LzEvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQdzRWx91
R8rznJvTSwHYMUmDCdfquWS19HQfzByW/zEWtHaP1YWpzKW6DI9xPBUWi5In406R
EpF4GBt03rcfwib8BG6HY4ghhuCMti6y/Otsy90MvkYNr4USpCnuAjYAQ0e8bCgJ
GzfwAKSaqZBJzmuwsiS60RY44kO+UTeSrXxJzUX1IMGlpGLZ6MyFkTYtAbe27cn8
0fDFOGfgW/y4wiuNK7wEllHNo4TKWQZ0xEw7kqeNzVAHj/NyxLOb7Jo6G60eJuWV
QqJBkoReIgbZUzfAoWc7lIEjNy2rhUFH5Ydjaah+vj4/BwuED/SZ9x7hJi97jEF9
v5IwrR5PuFP+Kg==
-----END CERTIFICATE-----