Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File:                     KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier:          E6Hhw5iQqozP2eus74DAed6uf+QYWys3LT9XWi8O0RI=
Subject key identifier:   E1:FB:C4:72:2B:8F:9F:B7:53:85:FC:2C:10:82:33:82:5F:0A:71:34
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer:       /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial:       01976C2AB9B203BB48CBE10BEEC8F21330C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number:          0B14
Signing time:             Sat 14 Jun 2025 02:00:28 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:28 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:28 +0000
Files and hashes:         1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: wOsdX4iAaWYxaJK0tajAyv9STYkLitZXfP46L9qN+kM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2a:b9:b2:03:bb:48:cb:e1:0b:ee:c8:f2:13:30:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
        Validity
            Not Before: Jun 14 02:00:28 2025 GMT
            Not After : Jun 15 02:00:28 2025 GMT
        Subject: CN=e1fbc4722b8f9fb75385fc2c108233825f0a7134
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d2:35:24:b0:57:b7:91:32:d8:e4:2c:ba:6b:
                    76:88:0c:ce:05:82:06:bd:db:8d:b5:35:57:ee:dd:
                    70:bd:2f:2c:94:25:d1:f3:28:a1:ed:ca:c3:15:81:
                    f4:89:18:4c:32:5a:d6:f6:71:45:8b:9f:81:5f:ad:
                    ac:3c:cf:4a:fa:ae:52:68:69:8b:cc:cb:d3:bd:05:
                    0d:4a:19:4b:47:1a:1e:a3:8e:fe:b2:9c:55:81:ce:
                    a9:75:6a:27:83:9a:bf:4f:62:d6:79:cb:fb:45:48:
                    b0:79:dc:6b:e7:f8:e5:71:e9:98:1e:fe:a5:2d:df:
                    3d:48:2c:61:58:4e:92:21:a6:b7:4d:40:1a:22:24:
                    0a:8e:02:54:12:7f:53:e2:c3:71:b5:17:b1:a6:b7:
                    bb:da:8e:61:50:7c:a2:a1:4e:6c:02:06:96:25:83:
                    f0:01:56:64:74:35:11:96:1a:10:12:68:55:b0:6e:
                    3b:41:d6:fd:80:5c:c1:fd:c6:8a:1c:9f:33:01:c1:
                    18:45:3a:56:5d:b5:9a:2a:13:11:4e:99:10:4e:16:
                    c7:a4:73:2b:c8:27:52:89:d4:31:bb:c8:8c:1b:75:
                    48:de:ab:b5:18:e1:19:4a:98:37:16:cc:a7:e0:f2:
                    46:f2:ff:41:4e:88:af:9a:60:70:3d:60:36:41:90:
                    2d:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:FB:C4:72:2B:8F:9F:B7:53:85:FC:2C:10:82:33:82:5F:0A:71:34
            X509v3 Authority Key Identifier:
                keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:fe:0c:79:7f:02:57:9a:05:c8:98:f9:08:e7:46:b1:86:7e:
         18:2a:6b:f0:a3:da:d5:29:25:2b:bd:15:14:ca:cf:3f:f9:b0:
         c9:77:19:80:c8:05:fc:16:b8:d5:57:8b:d7:7b:01:cc:c7:38:
         ee:0b:50:6c:62:c8:c0:6b:6c:b4:1c:f6:42:5e:a9:77:35:ee:
         10:1a:cd:d8:3b:6c:13:b0:2d:bc:11:1f:65:2f:8b:99:25:56:
         14:45:b3:05:08:fc:02:8b:d5:8d:15:d5:55:08:48:1f:af:16:
         97:39:3f:6a:78:e2:28:2e:63:8f:7e:f0:16:9c:d2:76:c8:dd:
         b9:63:46:13:a5:e4:38:9a:c4:fc:c8:70:a4:de:fe:a8:39:21:
         2c:7e:64:dc:a7:a1:e7:4a:81:74:b8:3b:01:0b:6d:7a:57:2e:
         c6:49:eb:8f:54:ea:6b:98:aa:48:27:39:34:61:d3:47:54:b6:
         e6:91:e0:83:02:fa:00:0e:d2:c1:f9:30:4f:05:19:88:9d:6c:
         c5:92:4b:42:55:ef:6e:39:41:47:e8:10:0f:6a:80:32:00:39:
         6f:3c:e2:ec:aa:79:d7:3b:ff:46:02:c2:de:bd:70:40:29:52:
         05:ce:c5:28:12:2c:d1:3f:2e:18:e5:6e:69:b6:c2:e1:a6:a9:
         1c:dc:2d:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKrmyA7tIy+EL7sjyEzDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjUwNjE0MDIwMDI4WhcNMjUwNjE1MDIwMDI4WjAzMTEwLwYDVQQD
EyhlMWZiYzQ3MjJiOGY5ZmI3NTM4NWZjMmMxMDgyMzM4MjVmMGE3MTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9I1JLBXt5Ey2OQsumt2iAzOBYIG
vduNtTVX7t1wvS8slCXR8yih7crDFYH0iRhMMlrW9nFFi5+BX62sPM9K+q5SaGmL
zMvTvQUNShlLRxoeo47+spxVgc6pdWong5q/T2LWecv7RUiwedxr5/jlcemYHv6l
Ld89SCxhWE6SIaa3TUAaIiQKjgJUEn9T4sNxtRexpre72o5hUHyioU5sAgaWJYPw
AVZkdDURlhoQEmhVsG47Qdb9gFzB/caKHJ8zAcEYRTpWXbWaKhMRTpkQThbHpHMr
yCdSidQxu8iMG3VI3qu1GOEZSpg3Fsyn4PJG8v9BToivmmBwPWA2QZAtfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOH7xHIrj5+3U4X8LBCCM4JfCnE0MB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATf4MeX8C
V5oFyJj5COdGsYZ+GCpr8KPa1SklK70VFMrPP/mwyXcZgMgF/Ba41VeL13sBzMc4
7gtQbGLIwGtstBz2Ql6pdzXuEBrN2DtsE7AtvBEfZS+LmSVWFEWzBQj8AovVjRXV
VQhIH68Wlzk/anjiKC5jj37wFpzSdsjduWNGE6XkOJrE/MhwpN7+qDkhLH5k3Keh
50qBdLg7AQttelcuxknrj1Tqa5iqSCc5NGHTR1S25pHggwL6AA7SwfkwTwUZiJ1s
xZJLQlXvbjlBR+gQD2qAMgA5bzzi7Kp51zv/RgLC3r1wQClSBc7FKBIs0T8uGOVu
abbC4aapHNwtiw==
-----END CERTIFICATE-----