Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
File:                     KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft (raw, json)
Hash identifier:          CBRnMfg/XQrs/hORxzTN6hxBw0budIvXL9knt4cubRQ=
Subject key identifier:   B4:1A:35:B6:5E:FB:7E:9E:AB:29:BE:D3:D0:48:3A:E4:60:10:25:7D
Authority key identifier: 28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6
Certificate issuer:       /CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6
Certificate serial:       0196851146E46DA314BB7F1DA7F4DBEEC17C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
Manifest number:          08A9
Signing time:             Wed 30 Apr 2025 05:00:24 +0000
Manifest this update:     Wed 30 Apr 2025 05:00:24 +0000
Manifest next update:     Thu 01 May 2025 05:00:24 +0000
Files and hashes:         1: KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl (hash: HkLz4v4x71ghbod8u3dij/MKxoHOwJZ6gt7CUUepyX4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:85:11:46:e4:6d:a3:14:bb:7f:1d:a7:f4:db:ee:c1:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6
        Validity
            Not Before: Apr 30 05:00:24 2025 GMT
            Not After : May  1 05:00:24 2025 GMT
        Subject: CN=b41a35b65efb7e9eab29bed3d0483ae46010257d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c4:08:22:17:22:2f:2f:35:c9:c4:d1:2e:b7:
                    8e:0a:c6:cd:04:5b:cc:50:8f:cf:ca:c5:c7:da:e8:
                    03:bf:08:7e:6e:1a:ae:1c:ca:1d:25:82:2c:f5:18:
                    79:47:92:08:4b:ab:aa:f6:0e:5e:c5:48:af:21:60:
                    c4:4a:74:7d:4c:e8:29:88:f0:b4:2f:4a:1f:1a:46:
                    5e:a4:1c:9c:24:84:7e:71:5b:8c:b7:04:0b:6d:0e:
                    40:b9:b1:82:09:9f:27:62:65:be:77:9d:31:54:ac:
                    64:09:78:bd:24:33:46:16:6f:a4:e7:62:26:59:b8:
                    e1:c3:87:7a:47:05:4a:98:29:fe:ee:33:02:2a:b9:
                    d1:c3:72:b9:5e:17:51:77:78:0b:20:f3:57:c3:a4:
                    ac:31:3c:88:a1:8b:f7:65:11:f6:84:84:2c:fc:6c:
                    e8:ad:ae:67:ed:3a:99:1d:0f:5a:96:b3:a3:8b:c9:
                    0a:36:0d:82:3e:75:b0:c6:72:f2:c9:2d:70:4c:23:
                    62:e6:5d:ff:25:66:5e:a0:8b:32:f5:c0:6a:6e:dd:
                    55:c8:2d:ff:0f:0b:a0:12:d9:5f:f1:1d:76:83:e6:
                    87:b9:9f:9d:f2:55:d8:71:de:fc:54:2e:26:f3:41:
                    d9:6b:e8:5a:45:36:84:18:86:8f:36:cd:db:b1:10:
                    6e:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:1A:35:B6:5E:FB:7E:9E:AB:29:BE:D3:D0:48:3A:E4:60:10:25:7D
            X509v3 Authority Key Identifier:
                keyid:28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:26:d3:d3:89:fa:00:d3:96:11:50:67:d5:26:22:0f:1c:f3:
         1f:02:08:df:63:98:5a:ff:7d:6d:db:42:52:d5:73:42:3a:9a:
         42:53:c1:19:da:e3:05:5c:64:8e:51:31:1c:90:66:64:48:21:
         92:a8:1f:2d:15:10:aa:1f:a2:3f:e9:d6:46:30:13:b3:3a:c2:
         e3:21:31:b7:f3:7d:9b:37:7a:00:70:09:27:0e:a5:0b:a2:6f:
         e2:28:0e:d3:5a:5b:6e:a0:e5:7c:fb:0e:57:a6:b3:c7:1c:5b:
         e8:ed:87:8d:10:c7:c6:5e:b8:d9:37:9b:35:9d:3a:6b:1b:5f:
         82:99:85:70:90:0d:41:8b:b9:bf:25:e7:39:af:62:e3:ec:30:
         ab:34:62:20:e8:79:2b:ef:1c:21:43:9b:4d:f3:92:e2:5b:af:
         04:c3:73:67:01:9c:ae:f4:65:46:76:9d:7f:a4:5e:90:43:f9:
         c2:6c:b4:22:0e:0c:12:bc:a7:f5:60:6c:62:53:38:bc:cc:5e:
         06:e0:43:ee:50:2f:e3:86:f9:c3:64:bc:1a:48:08:10:f8:d3:
         0d:fa:b9:48:3a:10:30:d7:74:c1:e6:e1:8a:a8:6a:7b:83:76:
         77:b4:3b:64:e4:27:5f:56:1a:61:a6:2c:e2:46:56:3b:ba:b3:
         4a:94:df:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaFEUbkbaMUu38dp/Tb7sF8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MWE3ZjA3YmU1YzMxMzhjYjQzYzJjMThiMjlhYTU0Njg1
NDRiYTYwHhcNMjUwNDMwMDUwMDI0WhcNMjUwNTAxMDUwMDI0WjAzMTEwLwYDVQQD
EyhiNDFhMzViNjVlZmI3ZTllYWIyOWJlZDNkMDQ4M2FlNDYwMTAyNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8QIIhciLy81ycTRLreOCsbNBFvM
UI/PysXH2ugDvwh+bhquHModJYIs9Rh5R5IIS6uq9g5exUivIWDESnR9TOgpiPC0
L0ofGkZepBycJIR+cVuMtwQLbQ5AubGCCZ8nYmW+d50xVKxkCXi9JDNGFm+k52Im
Wbjhw4d6RwVKmCn+7jMCKrnRw3K5XhdRd3gLIPNXw6SsMTyIoYv3ZRH2hIQs/Gzo
ra5n7TqZHQ9alrOji8kKNg2CPnWwxnLyyS1wTCNi5l3/JWZeoIsy9cBqbt1VyC3/
DwugEtlf8R12g+aHuZ+d8lXYcd78VC4m80HZa+haRTaEGIaPNs3bsRBu1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLQaNbZe+36eqym+09BIOuRgECV9MB8GA1UdIwQY
MBaAFCgafwe+XDE4y0PCwYspqlRoVEumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQt
NTJjY2Y2NWJkNjdiLzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQtNTJjY2Y2NWJkNjdi
LzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABibT04n6
ANOWEVBn1SYiDxzzHwII32OYWv99bdtCUtVzQjqaQlPBGdrjBVxkjlExHJBmZEgh
kqgfLRUQqh+iP+nWRjATszrC4yExt/N9mzd6AHAJJw6lC6Jv4igO01pbbqDlfPsO
V6azxxxb6O2HjRDHxl642TebNZ06axtfgpmFcJANQYu5vyXnOa9i4+wwqzRiIOh5
K+8cIUObTfOS4luvBMNzZwGcrvRlRnadf6RekEP5wmy0Ig4MEryn9WBsYlM4vMxe
BuBD7lAv44b5w2S8GkgIEPjTDfq5SDoQMNd0webhiqhqe4N2d7Q7ZOQnX1YaYaYs
4kZWO7qzSpTfHw==
-----END CERTIFICATE-----