Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File:                     KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier:          CJi+kbFxcQZvkqGWeeUo6DgQQVQe54iO2lOgtmRIsMY=
Subject key identifier:   C5:22:BB:07:EB:B5:88:62:CF:0A:85:94:86:34:34:31:BF:A6:5E:5C
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer:       /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial:       019874BD791FAE1351162FF63875C0A539D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number:          0B9D
Signing time:             Mon 04 Aug 2025 11:00:30 +0000
Manifest this update:     Mon 04 Aug 2025 11:00:30 +0000
Manifest next update:     Tue 05 Aug 2025 11:00:30 +0000
Files and hashes:         1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: lFoiSpnGsvEaunJSbYDIAAzuF1icSW9GCKH54+uNDLA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 11:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:bd:79:1f:ae:13:51:16:2f:f6:38:75:c0:a5:39:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
        Validity
            Not Before: Aug  4 11:00:30 2025 GMT
            Not After : Aug  5 11:00:30 2025 GMT
        Subject: CN=c522bb07ebb58862cf0a859486343431bfa65e5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:b7:95:4a:37:78:af:58:bd:67:03:0f:5c:a5:
                    b8:bc:47:7b:34:c1:f5:d6:b1:5b:73:50:c7:95:5e:
                    1a:60:81:3e:af:79:2c:79:04:34:65:01:ec:bc:37:
                    ba:c5:84:f6:17:98:69:9c:d2:3f:51:41:b4:f1:14:
                    d8:b9:1b:27:33:95:04:48:06:83:98:47:bb:bd:31:
                    80:83:5c:ca:e4:ba:37:31:8c:33:9f:e1:f2:fe:82:
                    29:85:7b:d4:d3:ff:e2:70:44:7b:19:a1:18:21:bb:
                    d4:48:b6:43:16:1f:98:6e:d1:5d:34:c4:fc:32:98:
                    4e:0c:85:2a:61:77:1f:30:03:f3:fb:61:ee:53:ef:
                    16:e0:30:49:05:4e:52:b5:15:fa:08:5a:35:b4:cf:
                    62:b4:dd:fe:3c:fa:81:38:4a:de:dc:a2:d1:0b:35:
                    93:cb:54:1c:74:8b:54:7c:28:48:df:ba:32:8e:64:
                    de:12:dc:fd:12:f2:cc:dd:36:2c:31:9c:31:87:54:
                    c7:cb:c7:5c:22:d8:dc:da:27:0a:90:0a:b3:bc:73:
                    6c:e3:94:95:8c:bd:a0:f4:4b:50:f2:f0:32:49:4d:
                    af:9c:88:5e:28:da:44:22:a8:8f:6d:8d:54:f0:93:
                    61:27:33:0f:24:10:40:e5:46:a5:1c:9b:2c:14:6b:
                    ed:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:22:BB:07:EB:B5:88:62:CF:0A:85:94:86:34:34:31:BF:A6:5E:5C
            X509v3 Authority Key Identifier:
                keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:0c:36:ed:20:7b:be:3c:86:f5:04:70:70:14:80:38:be:6f:
         9d:ed:47:9c:3e:38:10:49:bd:15:24:09:e1:ac:bd:d1:3e:50:
         1d:90:a8:91:b4:13:ba:b2:45:30:fc:0d:c4:0a:d3:7e:91:95:
         cb:7a:7a:d5:43:85:85:3e:be:90:fa:a5:f9:68:39:86:e0:fe:
         0b:24:cc:e9:dd:67:35:e9:e7:a4:88:58:4a:2d:69:c2:42:28:
         24:55:f1:00:d8:91:34:d4:19:ba:8a:a1:72:2c:2f:e3:54:a7:
         43:8a:89:64:5d:0e:9e:1d:1b:2e:68:0d:52:6e:fe:ea:58:92:
         7d:56:e8:f9:05:36:18:2c:b3:a1:d9:55:2b:61:23:9a:67:22:
         87:9a:1c:bb:db:4c:f2:4b:8d:1e:eb:5b:d7:bd:8d:61:a2:c1:
         c7:74:cc:7e:59:e0:3c:a6:b6:51:45:ba:4c:2a:01:f5:3f:d4:
         67:76:fc:bf:d8:c0:d2:05:e6:0c:9b:3c:0c:11:1e:36:8d:d2:
         5f:93:32:49:a0:1c:eb:3c:bb:ea:c4:09:92:67:e5:a4:75:82:
         a9:01:6b:ed:94:cf:f8:63:e3:8b:90:51:3f:08:d4:b0:5e:57:
         74:71:b1:30:5e:df:4f:13:86:67:49:d2:c5:8e:43:8a:5a:13:
         36:90:c6:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0vXkfrhNRFi/2OHXApTnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjUwODA0MTEwMDMwWhcNMjUwODA1MTEwMDMwWjAzMTEwLwYDVQQD
EyhjNTIyYmIwN2ViYjU4ODYyY2YwYTg1OTQ4NjM0MzQzMWJmYTY1ZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLeVSjd4r1i9ZwMPXKW4vEd7NMH1
1rFbc1DHlV4aYIE+r3kseQQ0ZQHsvDe6xYT2F5hpnNI/UUG08RTYuRsnM5UESAaD
mEe7vTGAg1zK5Lo3MYwzn+Hy/oIphXvU0//icER7GaEYIbvUSLZDFh+YbtFdNMT8
MphODIUqYXcfMAPz+2HuU+8W4DBJBU5StRX6CFo1tM9itN3+PPqBOEre3KLRCzWT
y1QcdItUfChI37oyjmTeEtz9EvLM3TYsMZwxh1THy8dcItjc2icKkAqzvHNs45SV
jL2g9EtQ8vAySU2vnIheKNpEIqiPbY1U8JNhJzMPJBBA5UalHJssFGvtNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMUiuwfrtYhizwqFlIY0NDG/pl5cMB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkgw27SB7
vjyG9QRwcBSAOL5vne1HnD44EEm9FSQJ4ay90T5QHZCokbQTurJFMPwNxArTfpGV
y3p61UOFhT6+kPql+Wg5huD+CyTM6d1nNennpIhYSi1pwkIoJFXxANiRNNQZuoqh
ciwv41SnQ4qJZF0Onh0bLmgNUm7+6liSfVbo+QU2GCyzodlVK2Ejmmcih5ocu9tM
8kuNHutb172NYaLBx3TMflngPKa2UUW6TCoB9T/UZ3b8v9jA0gXmDJs8DBEeNo3S
X5MySaAc6zy76sQJkmflpHWCqQFr7ZTP+GPji5BRPwjUsF5XdHGxMF7fTxOGZ0nS
xY5DiloTNpDGzA==
-----END CERTIFICATE-----