Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
File:                     KMWxDr1MOSkgFDB-h_prHJtCFn0.mft (raw, json)
Hash identifier:          lmMe4Le6wWeWCgVLnxsGwUT3KwAOJlrHHHOmjBp4SMk=
Subject key identifier:   C1:68:6D:6C:B3:6D:AE:C8:78:BA:E8:B4:86:F8:D0:20:A9:61:EA:BD
Authority key identifier: 28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D
Certificate issuer:       /CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
Certificate serial:       019873E1DCE8F678EEF0524C162B62D97AB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
Manifest number:          06B6
Signing time:             Mon 04 Aug 2025 07:00:38 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:38 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:38 +0000
Files and hashes:         1: KMWxDr1MOSkgFDB-h_prHJtCFn0.crl (hash: j5MB+XNyCDWaXebjb/Ir1y7+yIX6n+V21FrfeMXnUCw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e1:dc:e8:f6:78:ee:f0:52:4c:16:2b:62:d9:7a:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
        Validity
            Not Before: Aug  4 07:00:38 2025 GMT
            Not After : Aug  5 07:00:38 2025 GMT
        Subject: CN=c1686d6cb36daec878bae8b486f8d020a961eabd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:fe:b9:9a:8f:6a:7e:44:df:3e:5c:c0:29:73:
                    66:9c:01:09:7b:da:47:f4:24:21:b2:0e:74:19:b8:
                    ca:f0:49:5e:c0:06:18:2d:22:27:9a:93:ad:ff:10:
                    8e:cc:a3:99:15:ab:a1:f5:28:cb:ef:76:eb:a7:9c:
                    d6:17:63:c2:f9:17:93:a9:4a:a5:6f:b8:48:81:7d:
                    4d:34:e7:1e:69:d1:1b:22:ea:f2:94:b6:08:79:83:
                    20:e9:42:27:69:63:e2:97:41:6c:45:33:9c:7d:50:
                    aa:7a:96:d6:47:ff:e5:f0:77:6b:e4:7f:a1:65:29:
                    9e:6d:b5:31:60:db:b9:e3:22:27:aa:09:33:2a:ed:
                    32:ea:a9:cb:19:2d:99:8a:90:97:25:9e:68:3c:0d:
                    18:15:c7:09:3e:b2:72:12:a6:11:ea:62:92:a6:3b:
                    5d:ed:cb:b9:cb:ea:ac:52:f8:1f:79:c1:45:b8:38:
                    af:4f:e6:e9:04:74:41:1d:45:d6:bb:1b:28:07:25:
                    82:66:24:98:ac:db:07:8b:be:da:e4:8c:82:34:fe:
                    47:76:62:4c:fd:5d:13:3d:98:42:a4:92:80:59:6c:
                    8a:31:89:90:96:0e:c7:99:51:13:3a:9f:99:7e:45:
                    cd:33:8f:1d:59:93:9d:1a:89:a2:44:b7:ff:c5:23:
                    9e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:68:6D:6C:B3:6D:AE:C8:78:BA:E8:B4:86:F8:D0:20:A9:61:EA:BD
            X509v3 Authority Key Identifier:
                keyid:28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:90:03:ab:c4:aa:3a:ba:08:d0:2f:6b:67:34:e9:8c:c0:47:
         8a:3c:76:a7:2b:97:0b:68:8d:62:b7:74:12:fa:09:82:35:a2:
         13:04:fc:97:72:af:c3:e7:13:d6:8a:f0:82:7d:c0:d2:c3:b4:
         b0:2f:f2:67:80:6c:47:b4:8c:d5:a8:ff:cd:14:6f:73:24:0c:
         66:9d:85:83:3f:d5:b5:3f:f2:a9:ff:4e:2f:4c:8d:b1:e3:79:
         c6:96:fa:b4:90:ce:81:55:dd:8f:ef:48:b4:dd:96:ff:8a:b8:
         79:4c:fc:85:ee:a8:37:63:1c:e3:26:c2:d9:5d:89:c9:b0:2b:
         c1:26:1c:62:00:0f:fd:c8:86:d9:0a:2c:b2:33:09:1b:93:c9:
         d1:f4:6f:63:9d:c0:66:ad:dc:1e:cb:09:46:95:8f:9d:f9:88:
         5c:9a:bb:5d:10:4f:48:b0:ce:7e:2c:70:45:5c:63:6a:16:40:
         61:00:cd:b1:19:55:f5:eb:f4:3f:fd:8f:ae:9e:7c:a8:5e:9d:
         b7:83:58:92:79:0d:63:bc:4b:73:61:b7:76:a7:f1:3e:3a:7f:
         0c:68:02:ab:3b:87:73:2d:70:f8:72:66:62:5a:02:6f:c8:64:
         6b:61:8c:1b:6a:74:25:29:7a:d1:c6:b5:6e:bb:a8:14:3c:85:
         9a:d4:5e:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4dzo9nju8FJMFiti2Xq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzViMTBlYmQ0YzM5MjkyMDE0MzA3ZTg3ZmE2YjFjOWI0
MjE2N2QwHhcNMjUwODA0MDcwMDM4WhcNMjUwODA1MDcwMDM4WjAzMTEwLwYDVQQD
EyhjMTY4NmQ2Y2IzNmRhZWM4NzhiYWU4YjQ4NmY4ZDAyMGE5NjFlYWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP65mo9qfkTfPlzAKXNmnAEJe9pH
9CQhsg50GbjK8ElewAYYLSInmpOt/xCOzKOZFauh9SjL73brp5zWF2PC+ReTqUql
b7hIgX1NNOceadEbIurylLYIeYMg6UInaWPil0FsRTOcfVCqepbWR//l8Hdr5H+h
ZSmebbUxYNu54yInqgkzKu0y6qnLGS2ZipCXJZ5oPA0YFccJPrJyEqYR6mKSpjtd
7cu5y+qsUvgfecFFuDivT+bpBHRBHUXWuxsoByWCZiSYrNsHi77a5IyCNP5HdmJM
/V0TPZhCpJKAWWyKMYmQlg7HmVETOp+ZfkXNM48dWZOdGomiRLf/xSOeOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMFobWyzba7IeLrotIb40CCpYeq9MB8GA1UdIwQY
MBaAFCjFsQ69TDkpIBQwfof6axybQhZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2Mt
YTYyOWQxOTc2ZWEzLzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2MtYTYyOWQxOTc2ZWEz
LzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnpADq8Sq
OroI0C9rZzTpjMBHijx2pyuXC2iNYrd0EvoJgjWiEwT8l3Kvw+cT1orwgn3A0sO0
sC/yZ4BsR7SM1aj/zRRvcyQMZp2Fgz/VtT/yqf9OL0yNseN5xpb6tJDOgVXdj+9I
tN2W/4q4eUz8he6oN2Mc4ybC2V2JybArwSYcYgAP/ciG2QossjMJG5PJ0fRvY53A
Zq3cHssJRpWPnfmIXJq7XRBPSLDOfixwRVxjahZAYQDNsRlV9ev0P/2Prp58qF6d
t4NYknkNY7xLc2G3dqfxPjp/DGgCqzuHcy1w+HJmYloCb8hka2GMG2p0JSl60ca1
bruoFDyFmtReyg==
-----END CERTIFICATE-----