Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
File:                     KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json)
Hash identifier:          /C/mNGcpxyHlIlPc46h2srsWFg/V40HjvNW8OhfChCk=
Subject key identifier:   E6:32:93:EE:70:72:E0:36:5C:D6:B2:80:BE:E4:B9:E6:22:45:66:72
Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF
Certificate issuer:       /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
Certificate serial:       01968F9504C3A6F7374B91F8DAA38AA7331B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
Manifest number:          1519
Signing time:             Fri 02 May 2025 06:00:29 +0000
Manifest this update:     Fri 02 May 2025 06:00:29 +0000
Manifest next update:     Sat 03 May 2025 06:00:29 +0000
Files and hashes:         1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: E2YSZyYLUVC5Z+ih2k/96NjRngCTeN/Df/bi45bQA3o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8f:95:04:c3:a6:f7:37:4b:91:f8:da:a3:8a:a7:33:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
        Validity
            Not Before: May  2 06:00:29 2025 GMT
            Not After : May  3 06:00:29 2025 GMT
        Subject: CN=e63293ee7072e0365cd6b280bee4b9e622456672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:b6:03:12:63:e2:aa:5f:2d:d9:aa:20:63:31:
                    e9:ca:5e:10:23:f6:45:5f:0e:7b:41:b1:6f:54:42:
                    50:db:73:10:a4:19:d9:60:52:f8:b4:9a:ff:38:20:
                    9b:b2:e4:46:66:2a:e9:91:f3:f8:50:cb:a3:e1:a4:
                    de:a0:2b:aa:e4:7c:8c:49:a2:57:87:a2:cf:ed:8a:
                    30:74:61:3d:36:c2:45:f0:b0:51:38:fa:5e:a9:4f:
                    6a:07:1b:8e:e5:7e:f2:3b:02:20:4c:48:64:c1:01:
                    11:ff:87:9a:7e:d7:1b:33:59:4c:7e:5a:27:de:bb:
                    50:57:d2:b4:e1:08:31:0c:df:79:5f:44:11:2c:cf:
                    37:2f:4e:08:f3:44:bb:44:42:2e:c1:b2:74:d3:29:
                    03:12:02:22:c4:5c:66:98:a3:52:2e:41:14:8c:06:
                    9a:ba:3e:f9:d9:8e:10:93:dc:c2:d4:36:b0:61:c3:
                    2a:15:50:bd:6c:14:7b:a0:f8:de:e2:76:bb:8b:d5:
                    83:2b:e7:4a:93:1a:a8:72:6d:4c:da:40:fc:c2:78:
                    40:0c:f4:a8:ed:d0:b6:96:35:e9:6d:57:49:93:c4:
                    c3:ad:67:e0:6d:ba:5c:2d:76:44:82:03:17:1e:0c:
                    6d:5d:66:06:32:c1:4d:8d:af:30:73:11:60:36:19:
                    ab:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:32:93:EE:70:72:E0:36:5C:D6:B2:80:BE:E4:B9:E6:22:45:66:72
            X509v3 Authority Key Identifier:
                keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d3:c4:a6:0c:55:2d:65:8d:4b:41:a2:f9:eb:bb:ee:d3:e9:71:
         d8:3f:42:85:91:89:8c:9e:f8:66:f8:ba:9d:36:04:12:10:5c:
         25:57:75:b6:99:b5:1a:4b:ba:c4:fb:1a:99:f7:29:57:40:10:
         cf:15:21:f3:8b:29:23:9d:07:7e:c4:6f:57:b2:15:8b:3a:bc:
         cc:71:ca:68:f0:5d:d1:32:e3:40:88:c4:60:5e:a1:e7:6e:1e:
         e0:fd:20:15:4c:d0:e3:68:24:68:21:af:18:a0:a8:a8:fe:c2:
         36:e8:fb:93:15:11:dd:fc:a0:dd:00:15:3d:57:0e:ae:10:59:
         03:ad:4c:d7:e8:62:da:19:8a:2a:96:f8:09:6c:89:99:11:76:
         da:d1:ca:4a:d4:f6:b6:dd:fc:06:27:db:b8:2c:34:ee:a8:1b:
         b5:8e:f5:b5:27:b8:79:1d:a8:5c:d2:ee:0c:1d:fc:70:a7:6d:
         eb:6c:52:df:15:a0:bc:f3:50:ac:16:6b:ba:6a:c9:ad:c5:3f:
         e1:f4:b2:00:dd:03:cb:df:e9:b1:88:5a:15:cd:75:4e:1a:26:
         84:3e:bb:54:3a:55:46:bd:b7:bf:bd:a8:47:bd:cb:fc:e6:c3:
         c0:18:62:4e:29:9b:4f:f9:98:22:ad:8d:04:30:57:e7:4f:26:
         73:3e:7f:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaPlQTDpvc3S5H42qOKpzMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl
N2RkZGYwHhcNMjUwNTAyMDYwMDI5WhcNMjUwNTAzMDYwMDI5WjAzMTEwLwYDVQQD
EyhlNjMyOTNlZTcwNzJlMDM2NWNkNmIyODBiZWU0YjllNjIyNDU2NjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbYDEmPiql8t2aogYzHpyl4QI/ZF
Xw57QbFvVEJQ23MQpBnZYFL4tJr/OCCbsuRGZirpkfP4UMuj4aTeoCuq5HyMSaJX
h6LP7YowdGE9NsJF8LBROPpeqU9qBxuO5X7yOwIgTEhkwQER/4eaftcbM1lMflon
3rtQV9K04QgxDN95X0QRLM83L04I80S7REIuwbJ00ykDEgIixFxmmKNSLkEUjAaa
uj752Y4Qk9zC1DawYcMqFVC9bBR7oPje4na7i9WDK+dKkxqocm1M2kD8wnhADPSo
7dC2ljXpbVdJk8TDrWfgbbpcLXZEggMXHgxtXWYGMsFNja8wcxFgNhmrzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOYyk+5wcuA2XNaygL7kueYiRWZyMB8GA1UdIwQY
MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt
MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0
LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA08SmDFUt
ZY1LQaL567vu0+lx2D9ChZGJjJ74Zvi6nTYEEhBcJVd1tpm1Gku6xPsamfcpV0AQ
zxUh84spI50HfsRvV7IVizq8zHHKaPBd0TLjQIjEYF6h524e4P0gFUzQ42gkaCGv
GKCoqP7CNuj7kxUR3fyg3QAVPVcOrhBZA61M1+hi2hmKKpb4CWyJmRF22tHKStT2
tt38BifbuCw07qgbtY71tSe4eR2oXNLuDB38cKdt62xS3xWgvPNQrBZrumrJrcU/
4fSyAN0Dy9/psYhaFc11ThomhD67VDpVRr23v72oR73L/ObDwBhiTimbT/mYIq2N
BDBX508mcz5/7w==
-----END CERTIFICATE-----