Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
File:                     KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft (raw, json)
Hash identifier:          yZb18cg563MgD5ovq+SCfXofm5nCO0/tAv5m2Ahodp4=
Subject key identifier:   DD:09:7F:E7:4F:B3:CF:B0:3C:EB:56:35:5E:C6:6F:CD:B0:BC:03:18
Authority key identifier: 29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0
Certificate issuer:       /CN=293bc3a5749733104f7b9cc0512dade136d70ad0
Certificate serial:       019679E980EADFC8A66455F6BB584E3A1900
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
Manifest number:          150E
Signing time:             Mon 28 Apr 2025 01:01:08 +0000
Manifest this update:     Mon 28 Apr 2025 01:01:08 +0000
Manifest next update:     Tue 29 Apr 2025 01:01:08 +0000
Files and hashes:         1: KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl (hash: kz2pbI5/elJnxquhDpxzZL4p8xmGt0tlfpdfM9wvIrE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:79:e9:80:ea:df:c8:a6:64:55:f6:bb:58:4e:3a:19:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=293bc3a5749733104f7b9cc0512dade136d70ad0
        Validity
            Not Before: Apr 28 01:01:08 2025 GMT
            Not After : Apr 29 01:01:08 2025 GMT
        Subject: CN=dd097fe74fb3cfb03ceb56355ec66fcdb0bc0318
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:41:24:c8:f9:74:54:c0:a0:ff:95:8e:1e:48:
                    fa:7d:7c:50:46:32:8d:c0:82:a1:f9:7a:62:83:1d:
                    1e:31:70:03:8b:05:c7:45:bb:84:df:a6:00:b9:f7:
                    5c:78:bb:de:ba:31:a2:a8:52:b8:80:da:14:b1:66:
                    ba:8d:0c:e8:05:c6:1c:f9:1b:af:ec:d1:97:96:5c:
                    48:d5:91:c5:b3:5d:14:f6:c2:88:df:53:ff:c5:04:
                    d3:5d:b9:83:0e:8a:cc:bf:e7:7e:91:00:d2:04:7d:
                    3f:48:d6:16:e1:55:7a:b5:f9:09:c0:a5:5f:a9:8b:
                    be:a4:ab:01:44:f9:a4:29:61:ba:46:32:e8:dc:17:
                    8a:01:b8:3c:37:d5:c9:77:3a:87:6c:a7:f7:25:c3:
                    38:37:09:52:69:09:89:7b:ed:4d:45:0e:6a:79:8a:
                    40:11:c4:67:de:fe:e6:6b:d0:e3:dc:40:b9:4c:71:
                    5d:25:d1:d4:d9:42:1e:e9:96:e2:6b:51:c1:74:70:
                    18:c1:eb:0a:04:ac:9f:87:13:67:a2:7b:fe:56:d4:
                    e2:cd:6d:f1:26:0d:47:7d:f4:11:3c:e6:be:aa:dd:
                    78:3b:20:c3:ad:d1:53:ab:96:75:82:c8:27:bd:34:
                    df:52:c0:5d:2e:f9:27:db:e9:2b:61:0b:c4:60:4e:
                    89:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:09:7F:E7:4F:B3:CF:B0:3C:EB:56:35:5E:C6:6F:CD:B0:BC:03:18
            X509v3 Authority Key Identifier:
                keyid:29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:2e:48:3b:81:26:57:7d:72:09:eb:60:21:dd:14:74:ef:81:
         3b:b0:e1:28:83:9b:f9:21:ef:06:d1:9a:04:0d:09:97:f9:82:
         bc:26:94:1a:43:94:80:38:da:08:ce:87:86:fe:86:a1:c6:bf:
         3a:29:72:4d:a8:f4:ce:43:3e:26:c3:9b:04:01:b0:16:f9:aa:
         7d:47:b3:51:e2:da:a3:81:50:97:7f:9c:25:74:00:ac:70:d5:
         c2:fa:1c:79:35:b3:05:d5:96:78:95:ae:a1:e7:87:6e:db:13:
         9d:c5:c8:03:0a:65:9d:75:0d:d0:cf:29:84:99:c1:bc:4d:08:
         5e:2d:d0:42:22:47:8d:dd:57:fc:03:31:02:b2:56:99:69:b8:
         6b:d6:dc:b3:50:4c:ed:fa:ed:84:b3:39:48:d3:26:68:dc:18:
         9f:ac:ea:4a:ca:85:c6:8d:74:54:07:f6:fc:84:4e:a8:1d:28:
         61:f0:ee:a4:ce:80:be:6d:0a:41:c8:4e:5d:62:a0:d7:94:ed:
         29:32:65:47:67:06:81:d3:a1:6c:ae:d5:31:b2:0f:84:28:b9:
         1e:77:4c:57:0b:3d:70:96:21:81:03:91:d3:54:77:ee:7d:5f:
         f9:3e:f1:0b:a4:c8:8a:dc:d7:80:ca:64:43:3f:89:fd:b0:9f:
         94:99:51:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ56YDq38imZFX2u1hOOhkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2JjM2E1NzQ5NzMzMTA0ZjdiOWNjMDUxMmRhZGUxMzZk
NzBhZDAwHhcNMjUwNDI4MDEwMTA4WhcNMjUwNDI5MDEwMTA4WjAzMTEwLwYDVQQD
EyhkZDA5N2ZlNzRmYjNjZmIwM2NlYjU2MzU1ZWM2NmZjZGIwYmMwMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00EkyPl0VMCg/5WOHkj6fXxQRjKN
wIKh+Xpigx0eMXADiwXHRbuE36YAufdceLveujGiqFK4gNoUsWa6jQzoBcYc+Ruv
7NGXllxI1ZHFs10U9sKI31P/xQTTXbmDDorMv+d+kQDSBH0/SNYW4VV6tfkJwKVf
qYu+pKsBRPmkKWG6RjLo3BeKAbg8N9XJdzqHbKf3JcM4NwlSaQmJe+1NRQ5qeYpA
EcRn3v7ma9Dj3EC5THFdJdHU2UIe6Zbia1HBdHAYwesKBKyfhxNnonv+VtTizW3x
Jg1HffQRPOa+qt14OyDDrdFTq5Z1gsgnvTTfUsBdLvkn2+krYQvEYE6JrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0Jf+dPs8+wPOtWNV7Gb82wvAMYMB8GA1UdIwQY
MBaAFCk7w6V0lzMQT3ucwFEtreE21wrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmIt
NjA5YTFlODYyN2ZkLzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmItNjA5YTFlODYyN2Zk
LzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhy5IO4Em
V31yCetgId0UdO+BO7DhKIOb+SHvBtGaBA0Jl/mCvCaUGkOUgDjaCM6Hhv6Goca/
OilyTaj0zkM+JsObBAGwFvmqfUezUeLao4FQl3+cJXQArHDVwvoceTWzBdWWeJWu
oeeHbtsTncXIAwplnXUN0M8phJnBvE0IXi3QQiJHjd1X/AMxArJWmWm4a9bcs1BM
7frthLM5SNMmaNwYn6zqSsqFxo10VAf2/IROqB0oYfDupM6Avm0KQchOXWKg15Tt
KTJlR2cGgdOhbK7VMbIPhCi5HndMVws9cJYhgQOR01R37n1f+T7xC6TIitzXgMpk
Qz+J/bCflJlRtw==
-----END CERTIFICATE-----