Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
File:                     KtclXVpq-4XjdugbuaCew93dvNw.mft (raw, json)
Hash identifier:          EGPajlYXiKF4fC+lk5zlOctJeEhka7kuKCYVRGSO/gQ=
Subject key identifier:   2D:2A:56:62:99:D7:D2:B1:C3:E7:DA:66:0D:20:97:03:C6:0B:71:51
Authority key identifier: 2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC
Certificate issuer:       /CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
Certificate serial:       01987A52449471820FC2E71E89BCC3DA1DFE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
Manifest number:          1531
Signing time:             Tue 05 Aug 2025 13:01:08 +0000
Manifest this update:     Tue 05 Aug 2025 13:01:08 +0000
Manifest next update:     Wed 06 Aug 2025 13:01:08 +0000
Files and hashes:         1: KtclXVpq-4XjdugbuaCew93dvNw.crl (hash: YUWm4nLiquhSs1YxEyGlfFPUmo9ISx/kuR37GJSYKfg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 06 Aug 2025 13:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7a:52:44:94:71:82:0f:c2:e7:1e:89:bc:c3:da:1d:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
        Validity
            Not Before: Aug  5 13:01:08 2025 GMT
            Not After : Aug  6 13:01:08 2025 GMT
        Subject: CN=2d2a566299d7d2b1c3e7da660d209703c60b7151
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:99:e3:cd:5c:ff:3f:cc:73:3b:c2:3e:c5:78:
                    02:90:d5:9e:69:4f:7e:54:59:0e:85:db:9f:6e:dd:
                    aa:4a:2c:a4:b5:c9:3d:80:2e:ff:2f:7f:43:d8:70:
                    7e:37:0a:8a:97:7c:17:62:01:3a:4b:db:9c:56:e4:
                    56:9e:0d:3a:ef:43:7d:ee:85:d2:1d:e9:ac:e7:1c:
                    65:e2:72:bb:c2:5c:93:15:cd:43:f4:17:90:54:a7:
                    52:fb:03:0a:4e:dd:f5:6b:f1:6f:87:88:c1:50:90:
                    18:3e:23:ab:45:26:8a:02:bf:fb:bb:1e:59:a8:80:
                    ab:a3:80:33:c5:b1:d6:9f:0e:c5:62:48:c0:cb:51:
                    73:bc:c5:8d:35:32:66:da:70:a9:90:83:93:2e:05:
                    44:d7:b3:e3:5f:be:f8:79:8b:a5:76:b9:1b:bb:97:
                    d8:ba:15:3b:74:99:9c:1a:f7:a5:b9:2e:27:68:2e:
                    51:cd:26:d8:37:23:c8:b9:4b:d3:37:cf:19:2e:bd:
                    2b:34:d4:12:22:33:63:d8:55:2d:90:3f:3a:14:8d:
                    52:cd:49:ba:e5:4f:7b:89:fc:c4:1a:ee:8f:e9:11:
                    dd:5d:a0:e1:2a:c5:2a:f0:a5:28:3d:12:c8:86:8d:
                    bd:f3:f6:c5:2c:8a:89:13:3c:e9:77:3c:20:8c:02:
                    5c:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:2A:56:62:99:D7:D2:B1:C3:E7:DA:66:0D:20:97:03:C6:0B:71:51
            X509v3 Authority Key Identifier:
                keyid:2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:a9:6c:3f:ba:0a:80:d4:20:94:d6:12:f3:83:3c:e4:c8:3a:
         24:54:df:1b:39:fb:89:70:28:67:27:11:ea:c6:f8:15:ee:30:
         68:38:f7:cc:c4:aa:47:31:0b:9d:87:71:74:5c:9b:65:27:bb:
         9d:1c:3b:19:8e:27:44:50:f9:ab:ca:d1:11:c5:0b:cd:42:f8:
         a7:b8:cf:6f:f6:a5:97:85:7c:d3:6f:eb:a4:80:22:2a:ea:f9:
         ea:14:2a:c2:e9:18:ca:fc:11:46:4e:a5:9b:a8:5c:ba:ce:9a:
         67:35:5b:cd:e2:56:3d:40:26:83:08:10:4a:b6:29:d9:6c:a8:
         95:2c:6f:d5:a3:73:1f:af:7a:01:0f:df:c9:5b:a7:aa:42:b6:
         d1:65:d0:04:15:2e:10:e3:99:05:02:ac:5c:31:14:ca:1e:c9:
         07:c4:47:8c:99:d9:3a:4e:04:83:a0:6e:43:17:51:ac:06:b4:
         59:cc:5e:27:09:5f:91:b8:f6:10:1f:df:d0:0f:d3:39:0e:f3:
         d8:85:bc:27:af:78:87:2c:4a:91:10:06:f5:c8:2e:1b:f0:c0:
         6a:2a:05:e6:b7:02:c4:07:0f:26:1b:08:f1:18:63:6d:e6:ad:
         26:83:15:9b:b0:60:ed:e0:bb:3f:c4:a2:eb:6d:74:36:dd:4b:
         1d:cc:cc:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh6UkSUcYIPwuceibzD2h3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDcyNTVkNWE2YWZiODVlMzc2ZTgxYmI5YTA5ZWMzZGRk
ZGJjZGMwHhcNMjUwODA1MTMwMTA4WhcNMjUwODA2MTMwMTA4WjAzMTEwLwYDVQQD
EygyZDJhNTY2Mjk5ZDdkMmIxYzNlN2RhNjYwZDIwOTcwM2M2MGI3MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5njzVz/P8xzO8I+xXgCkNWeaU9+
VFkOhdufbt2qSiyktck9gC7/L39D2HB+NwqKl3wXYgE6S9ucVuRWng0670N97oXS
Hems5xxl4nK7wlyTFc1D9BeQVKdS+wMKTt31a/Fvh4jBUJAYPiOrRSaKAr/7ux5Z
qICro4AzxbHWnw7FYkjAy1FzvMWNNTJm2nCpkIOTLgVE17PjX774eYuldrkbu5fY
uhU7dJmcGveluS4naC5RzSbYNyPIuUvTN88ZLr0rNNQSIjNj2FUtkD86FI1SzUm6
5U97ifzEGu6P6RHdXaDhKsUq8KUoPRLIho298/bFLIqJEzzpdzwgjAJcOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0qVmKZ19Kxw+faZg0glwPGC3FRMB8GA1UdIwQY
MBaAFCrXJV1aavuF43boG7mgnsPd3bzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAt
YmNlYjM3NmMyNTczLzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAtYmNlYjM3NmMyNTcz
LzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXalsP7oK
gNQglNYS84M85Mg6JFTfGzn7iXAoZycR6sb4Fe4waDj3zMSqRzELnYdxdFybZSe7
nRw7GY4nRFD5q8rREcULzUL4p7jPb/all4V802/rpIAiKur56hQqwukYyvwRRk6l
m6hcus6aZzVbzeJWPUAmgwgQSrYp2WyolSxv1aNzH696AQ/fyVunqkK20WXQBBUu
EOOZBQKsXDEUyh7JB8RHjJnZOk4Eg6BuQxdRrAa0WcxeJwlfkbj2EB/f0A/TOQ7z
2IW8J694hyxKkRAG9cguG/DAaioF5rcCxAcPJhsI8RhjbeatJoMVm7Bg7eC7P8Si
6210Nt1LHczMMg==
-----END CERTIFICATE-----