Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File:                     KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier:          Aij+muFQdDeJYK51ucLNf7gaL0P7bQcdT7BF2pgm1aM=
Subject key identifier:   A1:2E:47:1A:45:31:F5:2F:BA:9C:71:7D:00:32:68:A9:E8:0D:26:53
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer:       /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial:       019697BC6DDF9D728EA31187F848AB00CE03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number:          0C79
Signing time:             Sat 03 May 2025 20:00:30 +0000
Manifest this update:     Sat 03 May 2025 20:00:30 +0000
Manifest next update:     Sun 04 May 2025 20:00:30 +0000
Files and hashes:         1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: 0YCOzBWe211YJZ5Fs+37WYwaSrOLSKXHOSWx5pQy49Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 04 May 2025 13:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:97:bc:6d:df:9d:72:8e:a3:11:87:f8:48:ab:00:ce:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
        Validity
            Not Before: May  3 20:00:30 2025 GMT
            Not After : May  4 20:00:30 2025 GMT
        Subject: CN=a12e471a4531f52fba9c717d003268a9e80d2653
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:29:ab:24:d7:13:5e:bd:55:df:95:40:57:5a:
                    3e:b3:08:b2:0b:f8:a1:37:3d:32:9d:61:26:d5:74:
                    96:31:57:e9:98:c4:63:9d:74:5b:e1:7e:0a:80:6a:
                    06:fc:07:52:6c:12:84:0e:5a:9a:e1:47:94:e0:60:
                    dc:e2:aa:f6:34:f5:73:ac:3a:30:5d:98:9d:57:bc:
                    43:6d:f8:9d:11:a7:fe:ea:b1:ec:42:5b:5c:7d:fe:
                    b1:b7:e8:43:b6:8d:4f:e1:93:b0:e5:97:eb:73:c7:
                    6c:74:54:3f:3c:41:67:b6:21:2c:86:36:c9:4c:0c:
                    7d:97:07:bf:ab:29:f1:e3:7b:94:91:76:67:5e:61:
                    f4:fd:59:c5:37:f2:85:22:62:dd:ea:a9:b5:a3:91:
                    5b:77:6b:01:00:0e:47:4e:93:69:94:0e:a1:e8:8a:
                    7d:fc:c9:b0:86:50:8b:96:a0:f8:77:0e:0e:44:9c:
                    d3:7d:68:4b:09:f0:03:72:bf:de:91:df:49:89:e9:
                    b7:f6:03:15:60:84:06:d4:ee:bd:51:e9:2e:14:f0:
                    f9:f7:ea:cd:07:18:49:3b:d3:9a:62:1c:43:bd:ce:
                    a3:dc:ee:4c:28:d6:d3:84:ff:3f:58:67:07:3c:60:
                    54:f9:f4:2c:a7:c3:fd:91:29:19:c7:53:93:df:ed:
                    1d:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:2E:47:1A:45:31:F5:2F:BA:9C:71:7D:00:32:68:A9:E8:0D:26:53
            X509v3 Authority Key Identifier:
                keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:ce:2a:87:e6:5c:fe:15:59:c2:b1:95:ff:60:39:37:b1:24:
         76:df:55:86:3f:92:7c:18:4a:1e:d0:c0:19:1a:6c:27:07:8d:
         74:7a:9e:0b:45:b3:80:24:92:57:b1:1f:d0:4a:51:a2:ed:c0:
         15:cc:4e:57:a5:75:c7:30:0b:e3:de:90:be:9d:ae:73:33:03:
         f7:2f:5d:29:dc:1a:ca:b7:b2:c2:ab:0c:e6:ea:e3:98:1f:a5:
         47:de:90:fa:95:79:ec:dd:1b:2d:a6:10:34:61:f7:e0:a5:bd:
         b7:45:69:80:d5:56:92:59:5a:87:82:7e:48:7f:b6:74:67:7e:
         af:6d:4b:f1:89:ea:1a:86:2a:45:b0:76:56:a5:fa:42:1e:86:
         d2:63:00:cc:84:de:e8:a6:c6:cd:ce:f8:fd:62:f9:7c:a7:8f:
         a8:1a:74:fe:b5:1f:02:4e:93:28:94:01:1f:1f:fd:40:ee:f2:
         92:bf:8c:35:93:42:7f:66:93:2b:c6:49:7f:7a:b9:df:fc:a4:
         da:da:f4:9e:f2:cf:ac:1a:02:ed:cd:79:eb:d1:95:2c:29:59:
         5d:6d:ea:1e:d3:2c:ee:46:6b:ac:20:42:b7:fe:e4:12:b1:56:
         56:54:96:36:fa:c8:eb:74:dc:c6:b7:da:27:ae:d3:30:8f:01:
         eb:5d:ce:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaXvG3fnXKOoxGH+EirAM4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjUwNTAzMjAwMDMwWhcNMjUwNTA0MjAwMDMwWjAzMTEwLwYDVQQD
EyhhMTJlNDcxYTQ1MzFmNTJmYmE5YzcxN2QwMDMyNjhhOWU4MGQyNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSmrJNcTXr1V35VAV1o+swiyC/ih
Nz0ynWEm1XSWMVfpmMRjnXRb4X4KgGoG/AdSbBKEDlqa4UeU4GDc4qr2NPVzrDow
XZidV7xDbfidEaf+6rHsQltcff6xt+hDto1P4ZOw5Zfrc8dsdFQ/PEFntiEshjbJ
TAx9lwe/qynx43uUkXZnXmH0/VnFN/KFImLd6qm1o5Fbd2sBAA5HTpNplA6h6Ip9
/MmwhlCLlqD4dw4ORJzTfWhLCfADcr/ekd9Jiem39gMVYIQG1O69UekuFPD59+rN
BxhJO9OaYhxDvc6j3O5MKNbThP8/WGcHPGBU+fQsp8P9kSkZx1OT3+0dhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEuRxpFMfUvupxxfQAyaKnoDSZTMB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXM4qh+Zc
/hVZwrGV/2A5N7Ekdt9Vhj+SfBhKHtDAGRpsJweNdHqeC0WzgCSSV7Ef0EpRou3A
FcxOV6V1xzAL496Qvp2uczMD9y9dKdwayreywqsM5urjmB+lR96Q+pV57N0bLaYQ
NGH34KW9t0VpgNVWkllah4J+SH+2dGd+r21L8YnqGoYqRbB2VqX6Qh6G0mMAzITe
6KbGzc74/WL5fKePqBp0/rUfAk6TKJQBHx/9QO7ykr+MNZNCf2aTK8ZJf3q53/yk
2tr0nvLPrBoC7c1569GVLClZXW3qHtMs7kZrrCBCt/7kErFWVlSWNvrI63Tcxrfa
J67TMI8B613OoA==
-----END CERTIFICATE-----