Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
File:                     KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft (raw, json)
Hash identifier:          lXAZIAL/k80iu0+w+aCC5VBNfpY+Qtxhiji9HMS4sJk=
Subject key identifier:   27:91:D5:E9:89:66:86:B0:E2:30:AE:B4:2F:7A:29:39:0D:11:2D:7F
Authority key identifier: 29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0
Certificate issuer:       /CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
Certificate serial:       01976C2ADCB4FA1DB3EEFCA2648A12AED967
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
Manifest number:          0673
Signing time:             Sat 14 Jun 2025 02:00:37 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:37 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:37 +0000
Files and hashes:         1: KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl (hash: yG5LuvGOywB/W8GxGbOAUFBJfUnAMlMq9ACC8dpvM6U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2a:dc:b4:fa:1d:b3:ee:fc:a2:64:8a:12:ae:d9:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
        Validity
            Not Before: Jun 14 02:00:37 2025 GMT
            Not After : Jun 15 02:00:37 2025 GMT
        Subject: CN=2791d5e9896686b0e230aeb42f7a29390d112d7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:42:2b:42:f8:01:76:d3:0a:d1:6e:cc:dd:0d:
                    4b:f1:c4:21:d8:fb:9a:77:54:29:55:2e:09:64:d9:
                    c2:7e:8d:af:b7:de:41:ee:c4:f0:7b:6c:bb:d6:8c:
                    b8:3a:c7:04:56:07:c4:cf:47:5b:44:84:fd:54:14:
                    6c:32:bd:a2:b0:18:c8:c8:e1:be:53:e9:28:8f:f5:
                    9f:e4:58:de:8f:af:68:aa:72:7b:c6:c8:55:e5:a1:
                    0a:65:72:d6:1c:41:14:bb:0b:d8:b9:12:bc:64:88:
                    3d:c3:4b:15:f6:7c:21:16:28:0a:1d:84:e6:c3:d2:
                    12:f4:97:4e:e9:43:8c:95:06:b0:c1:83:f2:fc:a9:
                    da:6a:dd:9c:12:14:3c:43:c7:81:1c:e3:a8:9c:5f:
                    5c:20:91:66:99:f2:0c:8c:5d:ba:ff:6b:ad:11:93:
                    b8:83:1b:13:c1:8b:4b:61:ca:0f:6a:df:9d:48:76:
                    3c:f9:44:db:93:9b:3a:ac:3d:f0:42:e9:24:1f:19:
                    0e:8a:58:48:12:4a:1a:33:40:43:6c:98:62:96:f9:
                    4f:0e:8f:4e:c7:e6:79:80:2b:22:28:05:d5:0a:cf:
                    3b:93:7d:82:37:a7:04:00:27:bd:bf:1f:90:01:5c:
                    4c:d9:03:e5:b6:c4:af:ae:4a:59:35:13:d6:0d:16:
                    30:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:91:D5:E9:89:66:86:B0:E2:30:AE:B4:2F:7A:29:39:0D:11:2D:7F
            X509v3 Authority Key Identifier:
                keyid:29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:92:39:12:51:8c:1b:f9:f4:d7:22:59:39:95:df:37:eb:3a:
         33:11:2a:92:fc:fa:a8:ce:95:49:95:2a:eb:25:eb:91:0f:5c:
         28:e8:cb:b1:21:c1:1c:da:b0:26:07:3d:00:d2:1d:84:92:55:
         49:2c:6b:89:a6:b8:0f:c2:b5:7f:fe:80:a0:05:d4:59:0d:53:
         d2:4e:54:6f:f7:35:9f:22:d0:a8:f9:ff:67:59:f6:57:5b:ca:
         e5:2e:6d:0f:6b:27:c4:11:73:85:eb:43:ff:16:75:2a:70:0d:
         e6:67:66:9a:54:2a:62:c1:65:2e:40:b8:1e:f9:a6:8f:e1:70:
         56:f3:5e:8a:34:9e:7d:31:f1:bf:54:27:26:d3:33:b6:02:ac:
         c1:94:b4:7d:a3:79:22:0d:a4:fb:de:7a:11:ff:73:99:33:be:
         db:06:d5:36:c2:16:a2:7c:84:25:31:77:b2:c9:17:7c:d0:32:
         82:6d:92:d1:7c:c8:49:e6:e5:8d:af:d1:82:1b:f2:15:54:ec:
         7a:0b:7d:0d:cc:5d:86:06:10:fd:02:23:e7:99:f7:50:55:dc:
         14:0b:f9:98:7b:13:b9:eb:67:e0:95:d3:93:20:83:28:38:44:
         10:2e:6d:9e:f5:74:c0:13:7c:61:73:63:64:11:1d:95:bc:fc:
         17:5b:db:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKty0+h2z7vyiZIoSrtlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjJlNmExMzM0YzljYTljOTNlZDU3ZmY0YWQ3MmQ5OWNl
OTFhZDAwHhcNMjUwNjE0MDIwMDM3WhcNMjUwNjE1MDIwMDM3WjAzMTEwLwYDVQQD
EygyNzkxZDVlOTg5NjY4NmIwZTIzMGFlYjQyZjdhMjkzOTBkMTEyZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0IrQvgBdtMK0W7M3Q1L8cQh2Pua
d1QpVS4JZNnCfo2vt95B7sTwe2y71oy4OscEVgfEz0dbRIT9VBRsMr2isBjIyOG+
U+koj/Wf5Fjej69oqnJ7xshV5aEKZXLWHEEUuwvYuRK8ZIg9w0sV9nwhFigKHYTm
w9IS9JdO6UOMlQawwYPy/Knaat2cEhQ8Q8eBHOOonF9cIJFmmfIMjF26/2utEZO4
gxsTwYtLYcoPat+dSHY8+UTbk5s6rD3wQukkHxkOilhIEkoaM0BDbJhilvlPDo9O
x+Z5gCsiKAXVCs87k32CN6cEACe9vx+QAVxM2QPltsSvrkpZNRPWDRYw7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCeR1emJZoaw4jCutC96KTkNES1/MB8GA1UdIwQY
MBaAFCli5qEzTJypyT7Vf/Stctmc6RrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2It
NmVjNDBjODVhMmFlLzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2ItNmVjNDBjODVhMmFl
LzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJJI5ElGM
G/n01yJZOZXfN+s6MxEqkvz6qM6VSZUq6yXrkQ9cKOjLsSHBHNqwJgc9ANIdhJJV
SSxriaa4D8K1f/6AoAXUWQ1T0k5Ub/c1nyLQqPn/Z1n2V1vK5S5tD2snxBFzhetD
/xZ1KnAN5mdmmlQqYsFlLkC4Hvmmj+FwVvNeijSefTHxv1QnJtMztgKswZS0faN5
Ig2k+956Ef9zmTO+2wbVNsIWonyEJTF3sskXfNAygm2S0XzISeblja/RghvyFVTs
egt9DcxdhgYQ/QIj55n3UFXcFAv5mHsTuetn4JXTkyCDKDhEEC5tnvV0wBN8YXNj
ZBEdlbz8F1vb9A==
-----END CERTIFICATE-----