Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4721ac-c4fd-46af-9a91-40ae9247cc64/1/KhSRXif4v0Bcz8qUtsUwvU0-VMA.mft
File:                     KhSRXif4v0Bcz8qUtsUwvU0-VMA.mft (raw, json)
Hash identifier:          Ag4owiivSlQbtfM3KtWFATQm5BNkvWbEZNYYr9gE4mk=
Subject key identifier:   D2:D7:B5:73:BC:DE:A8:2B:A6:EB:4D:2F:C0:BE:BE:FD:73:BB:5E:C6
Authority key identifier: 2A:14:91:5E:27:F8:BF:40:5C:CF:CA:94:B6:C5:30:BD:4D:3E:54:C0
Certificate issuer:       /CN=2a14915e27f8bf405ccfca94b6c530bd4d3e54c0
Certificate serial:       0198A23CA7965915F1104EF57240A2E1FBBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KhSRXif4v0Bcz8qUtsUwvU0-VMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/4721ac-c4fd-46af-9a91-40ae9247cc64/1/KhSRXif4v0Bcz8qUtsUwvU0-VMA.mft
Manifest number:          0864
Signing time:             Wed 13 Aug 2025 07:02:20 +0000
Manifest this update:     Wed 13 Aug 2025 07:02:20 +0000
Manifest next update:     Thu 14 Aug 2025 07:02:20 +0000
Files and hashes:         1: KhSRXif4v0Bcz8qUtsUwvU0-VMA.crl (hash: fjgXFPb6e5nZ8uJ3TKlJQZkUoQgVzqXAu5XDymutOx0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/4721ac-c4fd-46af-9a91-40ae9247cc64/1/KhSRXif4v0Bcz8qUtsUwvU0-VMA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/4721ac-c4fd-46af-9a91-40ae9247cc64/1/KhSRXif4v0Bcz8qUtsUwvU0-VMA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KhSRXif4v0Bcz8qUtsUwvU0-VMA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 14 Aug 2025 07:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a2:3c:a7:96:59:15:f1:10:4e:f5:72:40:a2:e1:fb:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a14915e27f8bf405ccfca94b6c530bd4d3e54c0
        Validity
            Not Before: Aug 13 07:02:20 2025 GMT
            Not After : Aug 14 07:02:20 2025 GMT
        Subject: CN=d2d7b573bcdea82ba6eb4d2fc0bebefd73bb5ec6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:08:f2:de:8f:48:3d:44:a7:49:64:79:00:8d:
                    71:76:27:f7:ee:c5:57:ae:f7:b5:03:23:31:a8:1c:
                    9f:3f:a0:bd:cc:7c:cf:a1:f1:9f:80:8f:9a:17:14:
                    36:fa:c3:91:38:17:3a:49:c6:ee:9d:7b:0f:a1:f7:
                    40:a7:17:62:a9:43:7f:c7:93:28:60:75:bf:ff:3d:
                    77:ba:12:3c:0d:eb:f5:ea:72:c2:d9:62:f4:be:8c:
                    c4:42:6d:56:02:a6:cf:07:07:ff:11:ec:fe:3e:eb:
                    23:e0:23:01:8d:cd:d6:9d:9f:05:53:6e:b1:ee:e5:
                    8a:7a:b3:95:f1:d1:df:ec:41:1e:e6:b4:7a:11:96:
                    31:b2:50:4b:29:25:fa:a4:72:bf:d3:94:9c:b6:df:
                    01:dc:9b:a1:0c:c5:34:bf:f5:fc:17:d8:ea:b5:a1:
                    24:da:58:f5:40:9a:07:03:c9:d8:0f:48:ba:cb:04:
                    96:2f:55:86:67:93:26:4b:cf:d1:0b:a6:2f:bb:ed:
                    88:7e:b1:a2:f6:31:16:5b:46:e9:15:e6:b5:b9:ea:
                    55:7d:f7:be:73:ba:22:8a:f3:17:84:7a:d0:94:5c:
                    dc:ad:06:5f:5f:01:fb:b8:aa:00:93:f1:a1:75:00:
                    00:3f:62:8c:0b:58:23:9b:7b:d3:e3:bf:36:64:46:
                    43:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:D7:B5:73:BC:DE:A8:2B:A6:EB:4D:2F:C0:BE:BE:FD:73:BB:5E:C6
            X509v3 Authority Key Identifier:
                keyid:2A:14:91:5E:27:F8:BF:40:5C:CF:CA:94:B6:C5:30:BD:4D:3E:54:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhSRXif4v0Bcz8qUtsUwvU0-VMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4721ac-c4fd-46af-9a91-40ae9247cc64/1/KhSRXif4v0Bcz8qUtsUwvU0-VMA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4721ac-c4fd-46af-9a91-40ae9247cc64/1/KhSRXif4v0Bcz8qUtsUwvU0-VMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:5f:2e:22:12:2f:15:08:0a:d6:26:a5:58:8c:dd:ce:ed:b8:
         5e:0c:ba:b7:54:d2:6f:31:4f:d9:1d:bd:21:4f:4f:c4:ff:24:
         e9:35:c8:6b:e5:68:92:0c:91:18:b5:18:47:6b:04:be:23:ed:
         c3:8b:d3:b4:ae:12:9b:10:64:0e:85:22:b7:5e:d0:10:5d:7f:
         c1:1d:2f:ed:3a:99:06:ed:76:8d:76:df:e8:c1:4e:32:56:32:
         d3:2b:e3:32:40:ae:08:0e:4e:77:d3:36:1b:4a:5b:6d:d1:db:
         cd:13:d8:f7:6b:56:b3:9b:21:ba:6a:70:8e:db:9f:e0:20:1b:
         11:43:cd:b1:77:9e:4c:b3:35:55:c8:89:77:40:7c:60:28:03:
         0e:3b:c4:a6:ca:24:a1:57:b3:b0:75:24:c3:1e:00:4b:24:44:
         e7:0b:b2:40:18:5e:d2:98:90:14:6b:0d:33:3c:ae:1a:e4:6e:
         48:d3:2c:b6:23:f9:a4:46:d2:29:ae:e5:e6:da:33:23:0d:6c:
         fd:80:b5:d8:24:7e:0e:60:d3:c2:a1:00:6c:ac:e2:33:80:fc:
         8c:3d:f0:93:a6:5e:2a:64:19:b1:4a:23:f4:a7:67:63:b5:07:
         57:de:80:d5:51:bf:8b:96:40:22:69:f3:5e:3e:89:13:70:b2:
         cb:b7:bb:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiiPKeWWRXxEE71ckCi4fu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTQ5MTVlMjdmOGJmNDA1Y2NmY2E5NGI2YzUzMGJkNGQz
ZTU0YzAwHhcNMjUwODEzMDcwMjIwWhcNMjUwODE0MDcwMjIwWjAzMTEwLwYDVQQD
EyhkMmQ3YjU3M2JjZGVhODJiYTZlYjRkMmZjMGJlYmVmZDczYmI1ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwjy3o9IPUSnSWR5AI1xdif37sVX
rve1AyMxqByfP6C9zHzPofGfgI+aFxQ2+sOROBc6ScbunXsPofdApxdiqUN/x5Mo
YHW//z13uhI8Dev16nLC2WL0vozEQm1WAqbPBwf/Eez+Pusj4CMBjc3WnZ8FU26x
7uWKerOV8dHf7EEe5rR6EZYxslBLKSX6pHK/05Sctt8B3JuhDMU0v/X8F9jqtaEk
2lj1QJoHA8nYD0i6ywSWL1WGZ5MmS8/RC6Yvu+2IfrGi9jEWW0bpFea1uepVffe+
c7oiivMXhHrQlFzcrQZfXwH7uKoAk/GhdQAAP2KMC1gjm3vT4782ZEZD3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLXtXO83qgrputNL8C+vv1zu17GMB8GA1UdIwQY
MBaAFCoUkV4n+L9AXM/KlLbFML1NPlTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hTUlhpZjR2MEJjejhxVXRzVXd2VTAtVk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80NzIxYWMtYzRmZC00NmFmLTlhOTEt
NDBhZTkyNDdjYzY0LzEvS2hTUlhpZjR2MEJjejhxVXRzVXd2VTAtVk1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80NzIxYWMtYzRmZC00NmFmLTlhOTEtNDBhZTkyNDdjYzY0
LzEvS2hTUlhpZjR2MEJjejhxVXRzVXd2VTAtVk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb18uIhIv
FQgK1ialWIzdzu24Xgy6t1TSbzFP2R29IU9PxP8k6TXIa+VokgyRGLUYR2sEviPt
w4vTtK4SmxBkDoUit17QEF1/wR0v7TqZBu12jXbf6MFOMlYy0yvjMkCuCA5Od9M2
G0pbbdHbzRPY92tWs5shumpwjtuf4CAbEUPNsXeeTLM1VciJd0B8YCgDDjvEpsok
oVezsHUkwx4ASyRE5wuyQBhe0piQFGsNMzyuGuRuSNMstiP5pEbSKa7l5tozIw1s
/YC12CR+DmDTwqEAbKziM4D8jD3wk6ZeKmQZsUoj9KdnY7UHV96A1VG/i5ZAImnz
Xj6JE3Cyy7e7YQ==
-----END CERTIFICATE-----