Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
File:                     KtclXVpq-4XjdugbuaCew93dvNw.mft (raw, json)
Hash identifier:          BF8N1VQ2AFYo4RTOHd2uktC1FbDhFktUG5GKK+Nc4jc=
Subject key identifier:   C4:3A:A6:B3:4E:52:61:FA:09:A6:67:F2:4A:B1:73:F2:D8:95:34:9C
Authority key identifier: 2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC
Certificate issuer:       /CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
Certificate serial:       01976A06171D8C2C2FA5CC7610A21B85A371
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
Manifest number:          14A4
Signing time:             Fri 13 Jun 2025 16:01:13 +0000
Manifest this update:     Fri 13 Jun 2025 16:01:13 +0000
Manifest next update:     Sat 14 Jun 2025 16:01:13 +0000
Files and hashes:         1: KtclXVpq-4XjdugbuaCew93dvNw.crl (hash: DEmBfiT/5a1rLnXGguau9FAW+khhE6IPihQ48/WqooQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:06:17:1d:8c:2c:2f:a5:cc:76:10:a2:1b:85:a3:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
        Validity
            Not Before: Jun 13 16:01:13 2025 GMT
            Not After : Jun 14 16:01:13 2025 GMT
        Subject: CN=c43aa6b34e5261fa09a667f24ab173f2d895349c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:5a:d4:7a:b9:30:64:42:ce:19:f8:42:ab:63:
                    0f:40:79:5a:6d:42:4b:28:ab:68:f7:1f:48:db:c8:
                    cd:a4:4b:0e:a8:2f:62:41:46:45:e5:4e:b8:ba:e5:
                    6c:4f:cb:01:27:e8:6e:a8:bf:26:4f:ca:e2:c6:a4:
                    2c:bf:c6:bd:45:a3:2a:d1:fe:54:c5:63:d9:c8:77:
                    b1:08:45:50:f2:2f:49:8a:0f:e5:3e:62:08:e9:40:
                    38:6c:cd:11:a5:4f:a7:2f:16:1f:94:cb:ec:ce:95:
                    7d:9b:22:77:a2:44:07:98:d4:7d:f4:f8:bf:2d:50:
                    53:09:fd:1d:8a:ed:80:ea:12:9f:15:5d:84:a8:71:
                    ad:97:2e:c6:c5:d0:ba:1a:bf:54:75:6b:02:8d:78:
                    ea:32:82:63:7e:42:66:67:24:aa:66:b6:eb:cf:08:
                    ad:77:e1:15:1b:a0:39:1e:af:c5:89:d9:f7:74:b9:
                    70:5d:2c:57:14:5d:5b:1c:46:47:8e:94:32:b3:4c:
                    0e:58:f8:57:d0:50:69:51:98:9b:c6:ee:9d:ce:12:
                    79:3e:4f:22:ba:a4:35:d1:7f:fe:c8:73:9f:25:f4:
                    9a:8e:bb:28:9d:96:0e:1a:45:d0:49:4d:d7:86:07:
                    27:b0:f6:a1:af:97:77:a4:bd:04:d9:5b:87:da:9f:
                    a5:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:3A:A6:B3:4E:52:61:FA:09:A6:67:F2:4A:B1:73:F2:D8:95:34:9C
            X509v3 Authority Key Identifier:
                keyid:2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:28:a7:b8:bf:43:3c:e4:dc:05:59:63:54:99:84:fb:ee:48:
         55:1f:f4:89:35:a1:3e:b9:6f:fa:82:f9:4d:5f:5f:7b:7d:b6:
         aa:a4:1a:a9:f7:a3:10:73:4a:34:67:26:34:90:cc:08:7d:a3:
         3c:83:56:21:ae:ad:1f:2b:86:d8:9f:af:10:72:20:13:8a:9b:
         93:11:7c:f0:f5:39:5d:1c:f6:4c:17:fe:9e:f7:27:c3:a6:51:
         ac:45:43:d8:44:72:40:3e:5f:8d:fb:bd:54:d1:31:8f:f2:ea:
         27:8b:fb:c1:b1:bd:35:e4:ff:c2:a2:c3:6d:74:35:17:50:4b:
         09:a7:41:43:60:af:54:bf:ef:47:95:5b:e7:eb:cb:07:2e:b8:
         a5:7d:e8:55:51:f4:31:d8:a7:21:d8:4c:dc:21:fc:14:8f:ed:
         18:1e:cb:f9:25:b5:64:a4:48:65:65:c5:e7:13:a0:ef:d7:33:
         86:4e:5a:1c:3f:ec:2b:13:21:30:f1:7f:73:b9:00:01:34:11:
         98:62:54:50:3c:35:a2:f9:5f:9a:0b:ce:dc:e3:26:d7:76:ed:
         57:53:3f:0c:e8:d0:56:73:25:ed:34:6e:18:b5:62:e9:72:24:
         dc:2a:87:ad:03:c6:9f:f6:7e:91:c9:ac:0b:30:fb:1c:85:1f:
         80:93:30:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqBhcdjCwvpcx2EKIbhaNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDcyNTVkNWE2YWZiODVlMzc2ZTgxYmI5YTA5ZWMzZGRk
ZGJjZGMwHhcNMjUwNjEzMTYwMTEzWhcNMjUwNjE0MTYwMTEzWjAzMTEwLwYDVQQD
EyhjNDNhYTZiMzRlNTI2MWZhMDlhNjY3ZjI0YWIxNzNmMmQ4OTUzNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1rUerkwZELOGfhCq2MPQHlabUJL
KKto9x9I28jNpEsOqC9iQUZF5U64uuVsT8sBJ+huqL8mT8rixqQsv8a9RaMq0f5U
xWPZyHexCEVQ8i9Jig/lPmII6UA4bM0RpU+nLxYflMvszpV9myJ3okQHmNR99Pi/
LVBTCf0diu2A6hKfFV2EqHGtly7GxdC6Gr9UdWsCjXjqMoJjfkJmZySqZrbrzwit
d+EVG6A5Hq/Fidn3dLlwXSxXFF1bHEZHjpQys0wOWPhX0FBpUZibxu6dzhJ5Pk8i
uqQ10X/+yHOfJfSajrsonZYOGkXQSU3XhgcnsPahr5d3pL0E2VuH2p+lawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMQ6prNOUmH6CaZn8kqxc/LYlTScMB8GA1UdIwQY
MBaAFCrXJV1aavuF43boG7mgnsPd3bzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAt
YmNlYjM3NmMyNTczLzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAtYmNlYjM3NmMyNTcz
LzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgCinuL9D
POTcBVljVJmE++5IVR/0iTWhPrlv+oL5TV9fe322qqQaqfejEHNKNGcmNJDMCH2j
PINWIa6tHyuG2J+vEHIgE4qbkxF88PU5XRz2TBf+nvcnw6ZRrEVD2ERyQD5fjfu9
VNExj/LqJ4v7wbG9NeT/wqLDbXQ1F1BLCadBQ2CvVL/vR5Vb5+vLBy64pX3oVVH0
MdinIdhM3CH8FI/tGB7L+SW1ZKRIZWXF5xOg79czhk5aHD/sKxMhMPF/c7kAATQR
mGJUUDw1ovlfmgvO3OMm13btV1M/DOjQVnMl7TRuGLVi6XIk3CqHrQPGn/Z+kcms
CzD7HIUfgJMwiQ==
-----END CERTIFICATE-----