Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
File:                     KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json)
Hash identifier:          D6ePPloGDmwvaDH3set/ou01Y2a7uMX2IItowIaJAkA=
Subject key identifier:   A1:DB:7B:4F:CD:78:D7:24:68:C5:1F:38:B8:5D:9E:9E:64:F5:B1:2B
Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
Certificate issuer:       /CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Certificate serial:       0199221EA0D4D6EA59F7A02DFD98EC10CE31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
Manifest number:          1343
Signing time:             Sun 07 Sep 2025 03:00:56 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:56 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:56 +0000
Files and hashes:         1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: cOtVVzgsIGRz9E6/MC65Ls5FhwBCktUCZjakIkqzmMA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:a0:d4:d6:ea:59:f7:a0:2d:fd:98:ec:10:ce:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539
        Validity
            Not Before: Sep  7 03:00:56 2025 GMT
            Not After : Sep  8 03:00:56 2025 GMT
        Subject: CN=a1db7b4fcd78d72468c51f38b85d9e9e64f5b12b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:0e:51:c8:49:fb:34:33:6f:7c:6b:0e:84:98:
                    2c:27:38:12:86:2b:e8:0d:b7:c9:81:9b:13:c5:4f:
                    ed:42:bd:9f:6f:70:9b:ef:d2:14:0e:1f:5b:4c:ed:
                    3e:5d:4d:b8:03:e9:36:1b:77:16:0b:d6:da:c9:11:
                    fc:79:e0:42:da:49:8d:e6:ef:19:0d:06:bf:76:82:
                    01:df:cc:f6:de:ee:7d:11:2a:ef:1d:bb:e8:0e:f4:
                    51:21:4f:e3:ca:a5:27:62:ea:41:35:4a:24:9e:ed:
                    3b:4a:bb:3a:03:db:71:99:ff:a4:f3:98:df:c7:06:
                    7c:ac:79:ee:2e:04:56:16:e9:6c:ae:52:86:50:34:
                    fd:4e:ea:c8:cc:e4:4e:1f:92:58:30:8f:6d:44:f1:
                    be:14:78:68:e2:43:f5:66:cf:f6:47:f0:df:91:19:
                    d1:b3:1a:e8:cc:50:ae:30:c0:de:2d:13:a1:60:80:
                    5a:89:82:61:7f:6c:7c:4b:8f:e8:3f:87:b6:91:b9:
                    75:5a:84:8e:42:ee:93:a0:68:38:cd:0f:93:a2:1b:
                    39:7e:ab:24:a9:fa:c1:08:23:71:ed:a1:d4:9d:72:
                    f6:a1:41:69:bc:2c:7a:74:e2:0b:f4:02:81:db:00:
                    fc:da:6e:6e:1e:2d:8b:47:01:63:46:ea:c8:0d:fc:
                    54:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:DB:7B:4F:CD:78:D7:24:68:C5:1F:38:B8:5D:9E:9E:64:F5:B1:2B
            X509v3 Authority Key Identifier:
                keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:f0:c6:e2:aa:df:c4:6d:f6:e4:bd:ec:db:90:b2:f2:c6:ef:
         21:d3:d6:13:f9:cd:e5:75:93:0a:23:cc:25:2a:7a:bf:0d:13:
         56:d1:73:50:6c:ae:99:55:fd:d3:d6:e2:63:80:43:b1:72:ab:
         cf:22:cd:f5:d4:86:db:a9:85:24:9a:2d:71:a9:32:98:67:25:
         57:b9:a9:15:22:bc:5f:35:e1:99:eb:a9:3f:99:5e:65:cd:a8:
         76:73:dc:d9:bf:63:af:a8:eb:f1:6a:64:6a:81:36:ee:5a:fc:
         83:01:7d:3c:40:04:88:46:aa:48:8a:9e:c7:88:e5:26:0f:06:
         07:e5:22:ba:82:c8:1c:0e:bc:ac:04:11:d6:0d:c8:94:e1:c6:
         48:62:9f:44:0f:1d:7b:45:fc:bf:88:60:3c:4b:d9:9d:2d:8d:
         95:49:a2:5c:d7:75:cc:19:a0:a7:fc:86:fe:3f:57:67:5b:79:
         c4:26:37:71:bc:69:0d:ce:be:1e:3e:6e:0f:f7:2e:5c:0c:f5:
         de:44:8c:2d:6d:a6:6b:4b:df:d2:14:13:af:33:ab:de:25:9d:
         94:a4:c6:82:2b:32:42:f1:d2:2c:c9:ac:d1:d0:d9:bb:c4:8d:
         47:6e:8a:1b:6f:f7:42:23:92:4e:81:0d:98:f1:10:ee:aa:e1:
         af:10:c7:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHqDU1upZ96At/ZjsEM4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz
MjI1MzkwHhcNMjUwOTA3MDMwMDU2WhcNMjUwOTA4MDMwMDU2WjAzMTEwLwYDVQQD
EyhhMWRiN2I0ZmNkNzhkNzI0NjhjNTFmMzhiODVkOWU5ZTY0ZjViMTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzw5RyEn7NDNvfGsOhJgsJzgShivo
DbfJgZsTxU/tQr2fb3Cb79IUDh9bTO0+XU24A+k2G3cWC9bayRH8eeBC2kmN5u8Z
DQa/doIB38z23u59ESrvHbvoDvRRIU/jyqUnYupBNUoknu07Srs6A9txmf+k85jf
xwZ8rHnuLgRWFulsrlKGUDT9TurIzOROH5JYMI9tRPG+FHho4kP1Zs/2R/DfkRnR
sxrozFCuMMDeLROhYIBaiYJhf2x8S4/oP4e2kbl1WoSOQu6ToGg4zQ+Tohs5fqsk
qfrBCCNx7aHUnXL2oUFpvCx6dOIL9AKB2wD82m5uHi2LRwFjRurIDfxUmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHbe0/NeNckaMUfOLhdnp5k9bErMB8GA1UdIwQY
MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt
MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1
LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAefDG4qrf
xG325L3s25Cy8sbvIdPWE/nN5XWTCiPMJSp6vw0TVtFzUGyumVX909biY4BDsXKr
zyLN9dSG26mFJJotcakymGclV7mpFSK8XzXhmeupP5leZc2odnPc2b9jr6jr8Wpk
aoE27lr8gwF9PEAEiEaqSIqex4jlJg8GB+UiuoLIHA68rAQR1g3IlOHGSGKfRA8d
e0X8v4hgPEvZnS2NlUmiXNd1zBmgp/yG/j9XZ1t5xCY3cbxpDc6+Hj5uD/cuXAz1
3kSMLW2ma0vf0hQTrzOr3iWdlKTGgisyQvHSLMms0dDZu8SNR26KG2/3QiOSToEN
mPEQ7qrhrxDHAg==
-----END CERTIFICATE-----