Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
File:                     Kksu12XR1HipbYLxJgEen7dS_Ic.mft (raw, json)
Hash identifier:          2Mr3a+OtgwM2yD+AZHoxhg1wc6M4Vzla0zNos30lhUg=
Subject key identifier:   DA:71:CE:E1:1F:53:3B:57:5F:07:B4:3C:E3:D1:F8:6A:96:57:57:7F
Authority key identifier: 2A:4B:2E:D7:65:D1:D4:78:A9:6D:82:F1:26:01:1E:9F:B7:52:FC:87
Certificate issuer:       /CN=2a4b2ed765d1d478a96d82f126011e9fb752fc87
Certificate serial:       01976C2ABDC567F24E4AFE2F4A1252FA802C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
Manifest number:          158A
Signing time:             Sat 14 Jun 2025 02:00:29 +0000
Manifest this update:     Sat 14 Jun 2025 02:00:29 +0000
Manifest next update:     Sun 15 Jun 2025 02:00:29 +0000
Files and hashes:         1: Kksu12XR1HipbYLxJgEen7dS_Ic.crl (hash: b7voiBaxzr18csUkHI4YIBPAssM8XUYorfQruKCI30U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6c:2a:bd:c5:67:f2:4e:4a:fe:2f:4a:12:52:fa:80:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4b2ed765d1d478a96d82f126011e9fb752fc87
        Validity
            Not Before: Jun 14 02:00:29 2025 GMT
            Not After : Jun 15 02:00:29 2025 GMT
        Subject: CN=da71cee11f533b575f07b43ce3d1f86a9657577f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:61:db:24:7d:12:c7:7e:ff:d4:64:58:31:0c:
                    78:43:bd:18:95:ff:5b:ce:4f:c2:bc:e4:99:9a:25:
                    8f:40:55:03:ea:33:1b:a6:e9:9c:f7:64:c5:d7:b3:
                    45:af:3c:2a:69:ab:ed:69:66:76:6a:72:f0:39:d5:
                    5d:c9:a3:54:1e:ee:a0:d6:38:e1:5d:c6:8c:1a:84:
                    1d:45:d9:d1:48:56:c0:a0:a9:8a:0c:d2:f8:90:cb:
                    9a:1f:f1:ca:8c:2e:7c:2c:e4:27:59:9e:ca:eb:b6:
                    ee:82:b7:0f:55:cf:9f:d3:49:f5:2c:3c:f2:10:a9:
                    4c:c4:39:38:a7:3c:82:40:64:04:e5:a1:1b:ca:31:
                    72:95:5e:38:1e:be:a9:18:f4:97:a5:ff:86:11:05:
                    1a:6c:f6:7a:5f:9d:f4:bf:06:f9:86:d8:98:57:bd:
                    0c:d0:5e:f2:b4:58:01:0c:35:b8:b6:59:53:50:de:
                    e9:b7:67:40:59:70:fb:c2:c9:c0:8d:e6:25:70:12:
                    9a:6c:ea:c7:8b:ad:f2:7b:7d:d5:2c:44:4f:ec:95:
                    62:96:5a:cf:7d:c6:46:73:47:df:43:af:7d:6b:cc:
                    1b:a8:0e:64:ef:1e:ec:93:b9:97:61:10:03:35:c0:
                    a5:c9:1c:cf:e0:45:7e:63:f0:c7:67:0b:28:d1:aa:
                    e0:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:71:CE:E1:1F:53:3B:57:5F:07:B4:3C:E3:D1:F8:6A:96:57:57:7F
            X509v3 Authority Key Identifier:
                keyid:2A:4B:2E:D7:65:D1:D4:78:A9:6D:82:F1:26:01:1E:9F:B7:52:FC:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:7b:51:41:75:6c:4a:00:e8:b2:c9:0f:28:a2:bc:56:1e:b2:
         9b:18:7f:22:0d:80:44:af:45:32:84:68:1d:c9:6b:6a:23:be:
         03:0b:97:a1:bb:6a:8f:f4:29:7b:62:26:ee:79:55:63:8d:de:
         fd:c7:bc:9f:c7:f4:d3:ea:dc:0a:69:a7:e9:56:2e:0b:23:59:
         9a:c7:5d:30:cf:65:f2:8b:16:6f:30:a7:68:b4:08:93:14:d4:
         44:77:27:d7:22:60:3c:b4:b1:ea:8a:14:0c:3d:c6:2e:17:89:
         3b:87:23:90:79:31:fa:dc:e4:e7:89:c8:99:95:59:d8:13:f2:
         d1:d4:dc:1c:03:97:54:f9:f9:ec:63:58:53:29:09:3f:76:9b:
         9c:dc:c9:df:de:48:5a:3a:9a:f0:71:8f:00:d1:cd:9a:ef:76:
         0b:b4:84:cb:9c:d3:31:a5:62:bd:6e:ec:5d:32:83:04:4b:52:
         28:ef:85:c4:1b:24:c6:f8:46:a7:25:c8:a5:22:25:d0:e7:c6:
         a4:bb:01:46:29:c6:f2:d4:c7:96:5c:d7:e4:82:ae:41:11:5b:
         34:00:c9:8e:11:eb:d7:91:2b:83:58:c7:df:42:97:da:6b:a6:
         fb:23:0b:e2:94:ce:8e:f2:fc:47:35:2f:7a:31:d8:85:26:56:
         49:fd:52:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdsKr3FZ/JOSv4vShJS+oAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNGIyZWQ3NjVkMWQ0NzhhOTZkODJmMTI2MDExZTlmYjc1
MmZjODcwHhcNMjUwNjE0MDIwMDI5WhcNMjUwNjE1MDIwMDI5WjAzMTEwLwYDVQQD
EyhkYTcxY2VlMTFmNTMzYjU3NWYwN2I0M2NlM2QxZjg2YTk2NTc1NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGHbJH0Sx37/1GRYMQx4Q70Ylf9b
zk/CvOSZmiWPQFUD6jMbpumc92TF17NFrzwqaavtaWZ2anLwOdVdyaNUHu6g1jjh
XcaMGoQdRdnRSFbAoKmKDNL4kMuaH/HKjC58LOQnWZ7K67bugrcPVc+f00n1LDzy
EKlMxDk4pzyCQGQE5aEbyjFylV44Hr6pGPSXpf+GEQUabPZ6X530vwb5htiYV70M
0F7ytFgBDDW4tllTUN7pt2dAWXD7wsnAjeYlcBKabOrHi63ye33VLERP7JVillrP
fcZGc0ffQ699a8wbqA5k7x7sk7mXYRADNcClyRzP4EV+Y/DHZwso0argNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNpxzuEfUztXXwe0POPR+GqWV1d/MB8GA1UdIwQY
MBaAFCpLLtdl0dR4qW2C8SYBHp+3UvyHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80OWUwYjItMWUyYS00MzJhLWJhMTkt
MTE1OTg4ZDgxMjg5LzEvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80OWUwYjItMWUyYS00MzJhLWJhMTktMTE1OTg4ZDgxMjg5
LzEvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHXtRQXVs
SgDosskPKKK8Vh6ymxh/Ig2ARK9FMoRoHclraiO+AwuXobtqj/Qpe2Im7nlVY43e
/ce8n8f00+rcCmmn6VYuCyNZmsddMM9l8osWbzCnaLQIkxTURHcn1yJgPLSx6ooU
DD3GLheJO4cjkHkx+tzk54nImZVZ2BPy0dTcHAOXVPn57GNYUykJP3abnNzJ395I
Wjqa8HGPANHNmu92C7SEy5zTMaVivW7sXTKDBEtSKO+FxBskxvhGpyXIpSIl0OfG
pLsBRinG8tTHllzX5IKuQRFbNADJjhHr15Erg1jH30KX2mum+yML4pTOjvL8RzUv
ejHYhSZWSf1S/g==
-----END CERTIFICATE-----