Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
File:                     Kksu12XR1HipbYLxJgEen7dS_Ic.mft (raw, json)
Hash identifier:          OJlJeVyb3X3hlaJnhUSijikP+3jAXDmiwAn8Rat8HCY=
Subject key identifier:   0F:02:BA:3A:61:E7:6C:62:58:38:7F:21:C7:BC:B8:A3:A2:90:1A:5B
Authority key identifier: 2A:4B:2E:D7:65:D1:D4:78:A9:6D:82:F1:26:01:1E:9F:B7:52:FC:87
Certificate issuer:       /CN=2a4b2ed765d1d478a96d82f126011e9fb752fc87
Certificate serial:       019678D6067DC04AABA2BAF2D03D51970DF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
Manifest number:          150C
Signing time:             Sun 27 Apr 2025 20:00:14 +0000
Manifest this update:     Sun 27 Apr 2025 20:00:14 +0000
Manifest next update:     Mon 28 Apr 2025 20:00:14 +0000
Files and hashes:         1: Kksu12XR1HipbYLxJgEen7dS_Ic.crl (hash: EzJT73IQ+5zqBCOwOQOlkiMffT1ofBjHyylRYtc+7JY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 20:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:78:d6:06:7d:c0:4a:ab:a2:ba:f2:d0:3d:51:97:0d:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4b2ed765d1d478a96d82f126011e9fb752fc87
        Validity
            Not Before: Apr 27 20:00:14 2025 GMT
            Not After : Apr 28 20:00:14 2025 GMT
        Subject: CN=0f02ba3a61e76c6258387f21c7bcb8a3a2901a5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:db:bd:ed:b4:e2:79:a3:11:70:b1:e0:84:e0:
                    94:93:94:83:39:3e:06:21:79:9d:a7:a7:4b:c6:88:
                    de:ff:df:eb:1d:d8:95:27:2e:c7:10:5f:f2:a5:0a:
                    3c:e7:f1:be:e1:7d:a7:54:41:21:12:c9:52:10:71:
                    8d:3d:ae:e1:a4:69:5a:ab:40:bc:f6:1c:b1:e9:64:
                    15:7c:b6:dc:ec:23:a8:ff:11:9b:a9:30:b5:33:02:
                    98:7b:88:14:10:7e:63:98:61:88:61:30:5e:ea:41:
                    95:80:72:6c:25:a7:08:94:f8:55:08:32:ac:e8:4e:
                    39:6a:fa:83:44:2d:54:28:30:d8:9a:3c:4e:a1:31:
                    1b:c9:91:02:63:be:b4:1f:62:90:da:29:e0:d4:44:
                    d4:e5:6c:20:2f:33:6d:27:3d:1d:8a:74:39:46:e9:
                    95:65:f1:2e:05:df:35:74:22:36:ee:f8:65:d1:28:
                    8f:28:cb:bf:f7:3d:ee:c2:bc:d1:b0:43:51:6e:67:
                    3d:ed:ee:09:14:26:2d:43:ff:77:8f:c8:5e:6a:6b:
                    25:8b:9c:a1:c1:e4:f8:11:8b:f8:0b:07:64:66:07:
                    f8:bc:94:ec:39:cb:0c:c9:0e:50:52:d9:d8:e0:7b:
                    3a:7f:2d:29:62:d4:ad:e6:3c:27:95:6b:5c:e9:c4:
                    8e:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:02:BA:3A:61:E7:6C:62:58:38:7F:21:C7:BC:B8:A3:A2:90:1A:5B
            X509v3 Authority Key Identifier:
                keyid:2A:4B:2E:D7:65:D1:D4:78:A9:6D:82:F1:26:01:1E:9F:B7:52:FC:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:ca:4c:e0:8c:ea:6d:2d:3d:65:dc:dc:40:7b:24:a1:a5:8a:
         2a:d8:ab:8f:47:3d:65:26:d3:ee:3c:4e:07:71:2d:2c:bd:ac:
         07:67:fb:11:bf:51:4d:f1:0d:92:92:b6:31:f9:26:90:df:11:
         ca:91:5a:8b:5e:e0:92:b5:34:83:b8:03:c5:e5:38:19:0f:bd:
         2c:00:a2:1d:32:09:da:a2:f9:3a:c2:a1:71:cf:38:3b:2b:92:
         d4:c3:d6:94:5c:c1:e1:ff:73:e9:8f:f0:f4:59:59:3a:5c:40:
         a0:e6:16:44:91:cd:76:be:dc:32:46:ad:79:ff:7a:ae:40:db:
         d4:45:81:b5:1c:fb:2e:59:67:b9:08:b5:5b:42:8d:c5:f0:69:
         79:1f:00:d4:33:3d:98:dc:0f:d8:43:18:68:c3:bc:e5:ec:b0:
         ad:ac:7c:71:83:e8:0e:79:18:37:84:2e:59:8e:7a:a5:8f:bf:
         58:a9:b0:03:97:53:8f:23:c4:17:13:b7:71:66:8c:4b:90:e3:
         2e:92:fb:ed:7c:5e:4d:fe:30:a2:96:63:f4:6b:bc:65:be:7d:
         8c:d7:16:be:e9:21:3b:50:08:0c:e9:d9:90:6d:73:f8:71:55:
         ff:e5:49:05:4c:c0:9f:78:eb:4d:1d:67:cc:bc:56:28:e0:a7:
         af:9e:dd:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ41gZ9wEqrorry0D1Rlw34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNGIyZWQ3NjVkMWQ0NzhhOTZkODJmMTI2MDExZTlmYjc1
MmZjODcwHhcNMjUwNDI3MjAwMDE0WhcNMjUwNDI4MjAwMDE0WjAzMTEwLwYDVQQD
EygwZjAyYmEzYTYxZTc2YzYyNTgzODdmMjFjN2JjYjhhM2EyOTAxYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNu97bTieaMRcLHghOCUk5SDOT4G
IXmdp6dLxoje/9/rHdiVJy7HEF/ypQo85/G+4X2nVEEhEslSEHGNPa7hpGlaq0C8
9hyx6WQVfLbc7COo/xGbqTC1MwKYe4gUEH5jmGGIYTBe6kGVgHJsJacIlPhVCDKs
6E45avqDRC1UKDDYmjxOoTEbyZECY760H2KQ2ing1ETU5WwgLzNtJz0dinQ5RumV
ZfEuBd81dCI27vhl0SiPKMu/9z3uwrzRsENRbmc97e4JFCYtQ/93j8heamsli5yh
weT4EYv4CwdkZgf4vJTsOcsMyQ5QUtnY4Hs6fy0pYtSt5jwnlWtc6cSONQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8Cujph52xiWDh/Ice8uKOikBpbMB8GA1UdIwQY
MBaAFCpLLtdl0dR4qW2C8SYBHp+3UvyHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80OWUwYjItMWUyYS00MzJhLWJhMTkt
MTE1OTg4ZDgxMjg5LzEvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80OWUwYjItMWUyYS00MzJhLWJhMTktMTE1OTg4ZDgxMjg5
LzEvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIcpM4Izq
bS09ZdzcQHskoaWKKtirj0c9ZSbT7jxOB3EtLL2sB2f7Eb9RTfENkpK2MfkmkN8R
ypFai17gkrU0g7gDxeU4GQ+9LACiHTIJ2qL5OsKhcc84OyuS1MPWlFzB4f9z6Y/w
9FlZOlxAoOYWRJHNdr7cMkatef96rkDb1EWBtRz7LllnuQi1W0KNxfBpeR8A1DM9
mNwP2EMYaMO85eywrax8cYPoDnkYN4QuWY56pY+/WKmwA5dTjyPEFxO3cWaMS5Dj
LpL77XxeTf4wopZj9Gu8Zb59jNcWvukhO1AIDOnZkG1z+HFV/+VJBUzAn3jrTR1n
zLxWKOCnr57dSQ==
-----END CERTIFICATE-----