Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File:                     KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier:          AcK07TQSUy8lIEFAACX1YKpbxD8Jj4Br+HZmcP0cvfg=
Subject key identifier:   63:BA:B5:73:C3:AD:F8:09:E2:9C:9A:E3:44:45:B0:A4:E7:45:03:05
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer:       /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial:       01989F3A49BF4AEF732BDC27CDAFFBD3372A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number:          0D86
Signing time:             Tue 12 Aug 2025 17:00:53 +0000
Manifest this update:     Tue 12 Aug 2025 17:00:53 +0000
Manifest next update:     Wed 13 Aug 2025 17:00:53 +0000
Files and hashes:         1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: WGiECY6unz8J397gnmMURx3JloS5vQTjcmNjgZ5pvRA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 17:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:9f:3a:49:bf:4a:ef:73:2b:dc:27:cd:af:fb:d3:37:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
        Validity
            Not Before: Aug 12 17:00:53 2025 GMT
            Not After : Aug 13 17:00:53 2025 GMT
        Subject: CN=63bab573c3adf809e29c9ae34445b0a4e7450305
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:eb:ac:df:2d:4c:1b:04:a2:5b:f7:43:fd:93:
                    12:8e:f8:e5:61:23:f1:6d:57:09:51:16:cb:9e:ff:
                    09:93:ab:a0:13:2f:1c:9f:80:9f:54:76:82:b9:e2:
                    82:e0:eb:ca:c4:ab:74:85:ad:2d:18:36:a7:1b:8e:
                    d3:f1:0d:bb:fb:e8:31:7a:2a:0d:de:e7:07:4e:ce:
                    3c:8a:bd:b6:89:1c:56:12:8c:65:0b:66:96:3f:70:
                    ab:6b:11:bf:08:73:61:e6:79:3e:a1:c0:ec:5d:5b:
                    d6:ec:24:a1:32:8b:47:21:2c:9d:9d:28:84:fb:02:
                    97:29:a5:49:6a:15:e9:8a:bc:d8:4a:c3:46:15:30:
                    a9:9d:48:3e:59:57:9b:f6:c1:03:3f:7d:21:0b:7d:
                    b9:4c:64:bb:90:cc:d2:66:41:2c:33:7f:5b:92:a7:
                    10:aa:70:b7:fa:31:66:ed:c9:c7:7e:d8:e4:10:c4:
                    c9:52:f6:c7:a8:d4:ff:08:21:af:03:65:15:e4:74:
                    ee:36:9b:a8:09:3e:e1:18:3f:41:b1:09:a7:da:9c:
                    81:be:02:58:48:0e:45:b5:4f:81:60:f5:8d:11:11:
                    5a:95:6e:5c:0a:27:97:2a:2d:b9:8a:20:84:a4:3a:
                    7e:ca:6b:f9:fd:cc:26:17:67:9e:c5:75:4e:ce:bf:
                    b4:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:BA:B5:73:C3:AD:F8:09:E2:9C:9A:E3:44:45:B0:A4:E7:45:03:05
            X509v3 Authority Key Identifier:
                keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:11:e2:f9:46:72:17:6a:35:e6:73:21:9a:92:87:e4:41:bd:
         47:b1:9c:0f:e8:18:39:7a:2d:dc:fb:93:63:7a:17:54:76:fc:
         57:fc:49:05:e7:86:35:39:7a:b3:c9:8f:d8:ea:22:71:3c:e0:
         59:c5:85:07:e6:81:d4:17:d8:e7:91:15:9b:a2:1d:fc:9a:ec:
         d9:03:32:f0:34:db:a7:39:75:62:3a:1d:14:29:5f:32:94:6b:
         59:7e:e5:f2:dc:26:59:ce:26:69:f3:c9:7c:2e:bb:5a:66:c4:
         a8:53:10:66:30:b6:a2:a6:fe:80:8a:7b:aa:66:50:50:b3:35:
         d0:3a:63:00:f5:4e:c9:18:62:32:ba:99:0b:f5:8a:4e:34:17:
         c7:43:4c:80:47:fe:1c:62:b1:6c:0d:7f:84:e4:7f:b0:cd:3e:
         61:06:35:2d:2d:43:ae:dc:02:d5:bb:d6:2f:03:68:dc:c6:49:
         ad:cf:62:70:08:1c:a4:90:69:15:cd:3d:be:99:8a:39:20:11:
         0b:12:f9:64:66:07:aa:ab:1a:a1:f5:ae:f9:8d:6d:ed:99:00:
         3f:91:f4:d1:1e:62:fa:1f:7a:fd:79:2d:84:2f:a2:9b:3b:90:
         13:ad:78:74:22:8a:3e:38:1c:aa:ce:fc:3a:1b:7a:cf:93:7d:
         74:1f:d4:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZifOkm/Su9zK9wnza/70zcqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjUwODEyMTcwMDUzWhcNMjUwODEzMTcwMDUzWjAzMTEwLwYDVQQD
Eyg2M2JhYjU3M2MzYWRmODA5ZTI5YzlhZTM0NDQ1YjBhNGU3NDUwMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+us3y1MGwSiW/dD/ZMSjvjlYSPx
bVcJURbLnv8Jk6ugEy8cn4CfVHaCueKC4OvKxKt0ha0tGDanG47T8Q27++gxeioN
3ucHTs48ir22iRxWEoxlC2aWP3CraxG/CHNh5nk+ocDsXVvW7CShMotHISydnSiE
+wKXKaVJahXpirzYSsNGFTCpnUg+WVeb9sEDP30hC325TGS7kMzSZkEsM39bkqcQ
qnC3+jFm7cnHftjkEMTJUvbHqNT/CCGvA2UV5HTuNpuoCT7hGD9BsQmn2pyBvgJY
SA5FtU+BYPWNERFalW5cCieXKi25iiCEpDp+ymv5/cwmF2eexXVOzr+0RwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGO6tXPDrfgJ4pya40RFsKTnRQMFMB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbBHi+UZy
F2o15nMhmpKH5EG9R7GcD+gYOXot3PuTY3oXVHb8V/xJBeeGNTl6s8mP2OoicTzg
WcWFB+aB1BfY55EVm6Id/Jrs2QMy8DTbpzl1YjodFClfMpRrWX7l8twmWc4mafPJ
fC67WmbEqFMQZjC2oqb+gIp7qmZQULM10DpjAPVOyRhiMrqZC/WKTjQXx0NMgEf+
HGKxbA1/hOR/sM0+YQY1LS1DrtwC1bvWLwNo3MZJrc9icAgcpJBpFc09vpmKOSAR
CxL5ZGYHqqsaofWu+Y1t7ZkAP5H00R5i+h96/XkthC+imzuQE614dCKKPjgcqs78
Oht6z5N9dB/UVQ==
-----END CERTIFICATE-----