Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
File:                     KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json)
Hash identifier:          a5av47f/y7BlbIhvr5v0mCdGx33EFkd2dgDwwKKCUKo=
Subject key identifier:   E2:4B:0C:70:D6:AB:A9:E4:F9:F1:CC:B9:E7:14:81:D2:D7:50:39:59
Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5
Certificate issuer:       /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
Certificate serial:       0198914843EA6B464681AA93300984A60A62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
Manifest number:          0235
Signing time:             Sun 10 Aug 2025 00:01:28 +0000
Manifest this update:     Sun 10 Aug 2025 00:01:28 +0000
Manifest next update:     Mon 11 Aug 2025 00:01:28 +0000
Files and hashes:         1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: Vz4GX7MT96zD/pl93BzZBorcj3iHekkBXJeCrEba8i4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 18:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:91:48:43:ea:6b:46:46:81:aa:93:30:09:84:a6:0a:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
        Validity
            Not Before: Aug 10 00:01:28 2025 GMT
            Not After : Aug 11 00:01:28 2025 GMT
        Subject: CN=e24b0c70d6aba9e4f9f1ccb9e71481d2d7503959
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:49:cb:f4:40:0b:54:55:6e:98:99:e9:30:91:
                    d2:62:30:9c:41:dd:94:fe:ae:29:fa:3f:7c:fe:95:
                    4f:50:f3:61:ec:a7:49:0f:11:2b:d6:1e:6d:a7:53:
                    3b:99:85:c7:b3:d0:00:09:f2:1a:69:f5:51:49:43:
                    6e:72:f1:53:aa:26:eb:4a:f0:3b:27:6f:f0:71:99:
                    c7:87:fe:de:0b:e7:aa:e3:82:c1:80:b7:59:b6:91:
                    3d:7e:9e:0b:e0:ca:8f:2b:c6:14:d1:f6:1a:e8:24:
                    6d:d2:83:33:8b:c2:b7:f5:f9:7a:fc:52:cd:f2:ca:
                    47:e9:23:4b:91:0f:82:6d:3e:11:e7:f3:79:0e:68:
                    e5:64:bf:af:b5:00:81:20:9e:f2:89:c5:09:df:14:
                    34:32:f2:2b:3e:b8:fe:ae:55:f8:ab:44:35:8c:bf:
                    ac:57:5e:ab:b3:14:2d:d2:4e:16:2d:ec:6b:c7:3b:
                    37:1d:28:e6:32:c4:63:b2:f4:9d:d3:b0:cc:e3:76:
                    32:fa:35:52:ba:ed:73:c6:5b:c5:a6:6a:eb:ab:52:
                    1c:3b:73:0d:21:41:c0:5d:ce:55:bf:14:28:3c:05:
                    fa:d3:68:46:4c:d7:a5:1e:7a:7b:f0:4b:89:2a:de:
                    49:94:b7:d7:ff:66:b3:6e:97:e6:7a:f5:73:f7:9c:
                    bd:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:4B:0C:70:D6:AB:A9:E4:F9:F1:CC:B9:E7:14:81:D2:D7:50:39:59
            X509v3 Authority Key Identifier:
                keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:fc:d7:da:ed:01:a9:e3:f3:15:01:8a:80:ac:26:89:e8:f0:
         ce:71:cb:19:46:8e:19:37:ce:a7:f7:b1:26:e6:b2:93:00:02:
         78:09:42:f8:91:b2:2d:47:2e:3c:9a:9d:57:a5:ac:5a:97:cf:
         12:2c:10:8a:86:a6:7d:2c:35:da:b1:6e:70:fc:bb:46:3d:6b:
         c6:17:31:c2:39:3c:aa:7d:c8:51:7b:8c:94:49:5c:cc:ab:a8:
         46:27:38:41:9a:08:2e:ec:9a:e4:e8:2f:8e:fe:56:2d:bf:b9:
         59:98:e0:fe:7a:f3:db:94:3d:c6:4c:e4:63:8b:9e:f0:84:e8:
         9c:55:50:f1:18:ec:3c:e7:fc:3d:72:1f:3c:2d:6f:53:b7:3d:
         5c:b4:08:b3:6c:90:46:81:f2:e8:9b:1c:51:f1:3d:05:30:17:
         48:d2:ee:8b:dd:4e:58:57:d0:84:24:d1:00:0f:95:49:75:e7:
         6f:cf:63:9b:09:79:ce:47:92:6f:2f:76:6b:e7:8c:b6:e5:ab:
         e8:67:79:ac:73:eb:4c:fe:80:ff:0a:34:6b:c3:7e:07:fa:e5:
         7b:76:47:d1:7e:4b:53:f5:67:12:f0:ed:2b:99:36:b1:1a:16:
         c7:9d:28:4b:15:38:9f:12:63:25:b4:f2:90:54:1d:86:3f:e7:
         67:35:99:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiRSEPqa0ZGgaqTMAmEpgpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1
MDU4YTUwHhcNMjUwODEwMDAwMTI4WhcNMjUwODExMDAwMTI4WjAzMTEwLwYDVQQD
EyhlMjRiMGM3MGQ2YWJhOWU0ZjlmMWNjYjllNzE0ODFkMmQ3NTAzOTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0nL9EALVFVumJnpMJHSYjCcQd2U
/q4p+j98/pVPUPNh7KdJDxEr1h5tp1M7mYXHs9AACfIaafVRSUNucvFTqibrSvA7
J2/wcZnHh/7eC+eq44LBgLdZtpE9fp4L4MqPK8YU0fYa6CRt0oMzi8K39fl6/FLN
8spH6SNLkQ+CbT4R5/N5DmjlZL+vtQCBIJ7yicUJ3xQ0MvIrPrj+rlX4q0Q1jL+s
V16rsxQt0k4WLexrxzs3HSjmMsRjsvSd07DM43Yy+jVSuu1zxlvFpmrrq1IcO3MN
IUHAXc5VvxQoPAX602hGTNelHnp78EuJKt5JlLfX/2azbpfmevVz95y9eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJLDHDWq6nk+fHMuecUgdLXUDlZMB8GA1UdIwQY
MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt
MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh
LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYfzX2u0B
qePzFQGKgKwmiejwznHLGUaOGTfOp/exJuaykwACeAlC+JGyLUcuPJqdV6WsWpfP
EiwQioamfSw12rFucPy7Rj1rxhcxwjk8qn3IUXuMlElczKuoRic4QZoILuya5Ogv
jv5WLb+5WZjg/nrz25Q9xkzkY4ue8ITonFVQ8RjsPOf8PXIfPC1vU7c9XLQIs2yQ
RoHy6JscUfE9BTAXSNLui91OWFfQhCTRAA+VSXXnb89jmwl5zkeSby92a+eMtuWr
6Gd5rHPrTP6A/wo0a8N+B/rle3ZH0X5LU/VnEvDtK5k2sRoWx50oSxU4nxJjJbTy
kFQdhj/nZzWZHw==
-----END CERTIFICATE-----