Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
File:                     KMWxDr1MOSkgFDB-h_prHJtCFn0.mft (raw, json)
Hash identifier:          sGTk7ki9hlgpXnq99CBUHmc4M1ev/BycC9ImvRfO1DY=
Subject key identifier:   A1:ED:C8:54:FB:F4:54:E5:40:0C:62:60:DA:36:A7:62:D6:9F:A1:49
Authority key identifier: 28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D
Certificate issuer:       /CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
Certificate serial:       019677FAC4413F173D66564E8775754D4D3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
Manifest number:          05AF
Signing time:             Sun 27 Apr 2025 16:00:44 +0000
Manifest this update:     Sun 27 Apr 2025 16:00:44 +0000
Manifest next update:     Mon 28 Apr 2025 16:00:44 +0000
Files and hashes:         1: KMWxDr1MOSkgFDB-h_prHJtCFn0.crl (hash: P+UN1UEEWG1yl4Vx5YYaJ61/WBcjns9AmTRE3aYc5k8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 14:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:fa:c4:41:3f:17:3d:66:56:4e:87:75:75:4d:4d:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
        Validity
            Not Before: Apr 27 16:00:44 2025 GMT
            Not After : Apr 28 16:00:44 2025 GMT
        Subject: CN=a1edc854fbf454e5400c6260da36a762d69fa149
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b2:e9:53:ac:bd:30:93:eb:6b:f4:a1:2a:a3:
                    90:26:77:42:e8:1c:39:e4:5e:ff:c4:ed:93:1c:c5:
                    10:68:d3:86:96:97:04:46:bd:7e:44:a1:e0:91:75:
                    5c:8e:00:ce:a9:b5:67:0a:93:50:c1:db:e4:32:de:
                    97:33:5e:0a:82:1e:8b:2c:d9:ff:ee:50:e7:ab:cc:
                    0c:ca:dd:e2:06:d5:71:f7:c3:29:80:7a:23:fd:b4:
                    dd:68:cf:48:08:4a:2c:11:c5:28:c6:35:14:0e:bc:
                    a9:49:a5:90:16:31:18:f5:e0:ac:b9:d3:fa:30:d6:
                    18:d9:21:67:71:8c:a6:8f:db:2d:b9:3b:7c:c4:5d:
                    a9:8b:c2:43:de:70:1e:1f:97:93:ef:8f:72:23:a9:
                    1d:cd:b2:f5:35:a3:14:f9:96:12:3c:62:5d:92:da:
                    fe:d2:9d:85:f9:3b:42:2e:d3:d7:80:65:d4:69:fb:
                    5f:2d:56:31:f1:f4:87:9b:a0:ae:86:02:18:27:d7:
                    fb:b0:51:0b:bd:33:ed:0d:7b:88:10:b3:04:51:ec:
                    fa:19:df:38:58:2a:5f:06:fc:ec:a7:b9:f4:04:64:
                    36:b9:74:f5:d4:69:ac:88:8d:b0:14:8a:36:be:ea:
                    3b:7d:36:9c:70:17:e8:d5:f5:7c:69:dd:d2:a9:87:
                    a0:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:ED:C8:54:FB:F4:54:E5:40:0C:62:60:DA:36:A7:62:D6:9F:A1:49
            X509v3 Authority Key Identifier:
                keyid:28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:73:9b:6a:6d:89:b3:11:44:15:7c:15:f9:84:49:fe:d1:07:
         61:5e:b5:54:d0:fc:85:7c:bc:b8:27:ea:a3:5a:ef:7b:25:da:
         61:a4:ce:a2:d9:23:2d:23:4a:24:45:8e:ae:d6:ac:16:98:89:
         52:fd:de:94:48:0d:e7:5a:e6:7e:ad:5d:cb:35:1f:9d:96:b9:
         44:3d:b2:b7:bd:3d:04:23:15:81:23:ae:3c:d3:27:f5:db:8a:
         ce:8e:60:97:3b:2b:4c:95:c9:bf:25:bc:90:a7:c6:bc:0a:dd:
         c6:01:10:39:cf:5f:ab:c0:b3:5a:d8:04:9d:6e:dd:0d:fe:27:
         24:41:c7:5a:4a:13:fb:3f:2b:b3:e1:09:1d:cc:fc:70:31:b9:
         f6:9a:37:80:62:bf:e4:9d:01:d6:0d:e2:09:07:8c:f1:0b:61:
         0d:ef:51:ea:6c:d2:c0:3c:90:05:73:af:f9:8b:77:e0:87:5c:
         74:43:79:8d:04:41:f2:78:8f:a7:16:47:74:5c:3d:8b:93:ca:
         34:54:89:4b:f7:e1:9c:c6:37:57:6d:d7:58:fb:73:af:14:b0:
         43:ee:96:69:59:87:37:66:dc:1b:cd:35:9b:97:9d:4b:60:6e:
         ab:3c:93:d6:e2:1b:b5:c6:39:8c:00:d5:26:c3:5e:19:5f:95:
         e3:e9:4e:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3+sRBPxc9ZlZOh3V1TU0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzViMTBlYmQ0YzM5MjkyMDE0MzA3ZTg3ZmE2YjFjOWI0
MjE2N2QwHhcNMjUwNDI3MTYwMDQ0WhcNMjUwNDI4MTYwMDQ0WjAzMTEwLwYDVQQD
EyhhMWVkYzg1NGZiZjQ1NGU1NDAwYzYyNjBkYTM2YTc2MmQ2OWZhMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrLpU6y9MJPra/ShKqOQJndC6Bw5
5F7/xO2THMUQaNOGlpcERr1+RKHgkXVcjgDOqbVnCpNQwdvkMt6XM14Kgh6LLNn/
7lDnq8wMyt3iBtVx98MpgHoj/bTdaM9ICEosEcUoxjUUDrypSaWQFjEY9eCsudP6
MNYY2SFncYymj9stuTt8xF2pi8JD3nAeH5eT749yI6kdzbL1NaMU+ZYSPGJdktr+
0p2F+TtCLtPXgGXUaftfLVYx8fSHm6CuhgIYJ9f7sFELvTPtDXuIELMEUez6Gd84
WCpfBvzsp7n0BGQ2uXT11GmsiI2wFIo2vuo7fTaccBfo1fV8ad3SqYegaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHtyFT79FTlQAxiYNo2p2LWn6FJMB8GA1UdIwQY
MBaAFCjFsQ69TDkpIBQwfof6axybQhZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2Mt
YTYyOWQxOTc2ZWEzLzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2MtYTYyOWQxOTc2ZWEz
LzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFnObam2J
sxFEFXwV+YRJ/tEHYV61VND8hXy8uCfqo1rveyXaYaTOotkjLSNKJEWOrtasFpiJ
Uv3elEgN51rmfq1dyzUfnZa5RD2yt709BCMVgSOuPNMn9duKzo5glzsrTJXJvyW8
kKfGvArdxgEQOc9fq8CzWtgEnW7dDf4nJEHHWkoT+z8rs+EJHcz8cDG59po3gGK/
5J0B1g3iCQeM8QthDe9R6mzSwDyQBXOv+Yt34IdcdEN5jQRB8niPpxZHdFw9i5PK
NFSJS/fhnMY3V23XWPtzrxSwQ+6WaVmHN2bcG801m5edS2BuqzyT1uIbtcY5jADV
JsNeGV+V4+lO0A==
-----END CERTIFICATE-----