Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
File:                     KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json)
Hash identifier:          Ht30qvEkc6pEUupQinASJ92ABUFgK/8l9Lm++5dehSM=
Subject key identifier:   0D:F2:BC:D8:A9:E8:98:B3:BC:2B:E8:9B:7D:9B:12:1B:A1:99:09:B8
Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
Certificate issuer:       /CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Certificate serial:       019A72264F2128E424F4A670FFBE1659EF4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
Manifest number:          13F1
Signing time:             Tue 11 Nov 2025 09:01:44 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:44 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:44 +0000
Files and hashes:         1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: AEaXc+sLmwBMaNAjNC5Z/2B76aRpw8DQYTCGSSyZn28=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:4f:21:28:e4:24:f4:a6:70:ff:be:16:59:ef:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539
        Validity
            Not Before: Nov 11 09:01:44 2025 GMT
            Not After : Nov 12 09:01:44 2025 GMT
        Subject: CN=0df2bcd8a9e898b3bc2be89b7d9b121ba19909b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:25:57:ba:c8:b8:03:59:f2:ba:51:21:3a:d0:
                    1b:ed:05:86:fd:6d:4c:ca:e9:5e:fd:51:48:c5:b3:
                    08:de:e1:de:c6:36:71:c1:c7:c4:c2:69:b2:99:8d:
                    9a:31:06:fb:06:97:44:b4:58:5f:24:f4:ce:f5:dc:
                    cc:ef:f8:c5:0f:2b:16:5b:75:0f:6c:b9:f1:75:5f:
                    fc:ec:f2:64:bc:0f:46:aa:9e:35:4b:79:36:b4:5e:
                    a0:6f:96:48:12:af:21:9f:2c:42:8e:a4:3c:42:e8:
                    fd:5e:bf:81:ed:d4:99:74:fe:fa:b9:df:10:e7:36:
                    39:be:5a:c0:9e:1a:67:24:5e:af:9b:62:2c:95:e9:
                    f1:fe:94:5b:73:fc:53:33:78:c1:87:18:7d:b4:e9:
                    7f:e3:c6:6e:4d:c4:7f:2b:ab:f7:d4:ac:f8:0c:a6:
                    24:19:2e:70:9d:5a:19:98:5b:13:23:73:7f:bc:ea:
                    93:c6:e1:18:33:6f:49:4f:a8:15:37:59:60:7b:8f:
                    87:f4:8b:0e:c7:97:c9:d3:9f:2b:bf:a9:51:54:16:
                    a6:2e:69:1c:41:ce:8d:a7:e5:3f:72:b2:9f:23:29:
                    39:10:58:a8:5d:c6:8f:74:2e:10:bf:83:88:13:92:
                    57:01:75:8b:a0:8d:9e:ec:2e:86:41:19:f3:fb:20:
                    11:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:F2:BC:D8:A9:E8:98:B3:BC:2B:E8:9B:7D:9B:12:1B:A1:99:09:B8
            X509v3 Authority Key Identifier:
                keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:ae:d6:e2:13:7b:9e:57:15:91:81:5c:31:1b:ec:ba:d6:e8:
         c7:95:02:14:4d:0b:fc:8e:96:50:db:4a:bf:55:d9:60:b7:28:
         5f:97:69:bf:94:d9:e6:40:eb:82:88:8f:97:d0:c1:00:e6:08:
         9c:f3:7a:da:7a:fd:00:cb:66:83:45:d8:0b:9c:93:38:6a:d1:
         0d:e5:15:2f:f8:15:3f:87:71:b5:16:3d:23:8a:b8:f1:99:cd:
         13:0d:c7:b4:29:7e:3b:6a:f1:4c:ba:74:df:f3:01:62:22:c7:
         7a:fa:3a:9a:84:3b:da:5c:9c:1b:c2:72:97:39:be:30:ec:2a:
         c0:0c:7d:96:e4:58:75:a0:0e:d9:f2:61:73:c2:df:94:4a:f1:
         11:7b:89:17:df:d9:b7:f4:e6:a7:7a:e0:9c:a5:9f:ea:44:d1:
         88:3c:dc:45:67:20:87:26:11:da:48:0f:8d:c2:d6:c1:ce:00:
         23:5a:01:02:f3:e0:9a:10:8e:67:df:61:1e:3e:d8:02:e8:7a:
         ed:2e:3a:56:6a:d7:7d:06:2e:ce:53:70:fb:6e:9d:68:7f:26:
         dc:ec:65:6f:2d:00:ba:98:d5:cd:46:79:02:1f:ba:fc:b0:2e:
         8f:d1:0d:d9:3b:62:a3:77:ae:a8:44:69:82:c7:49:bb:7f:23:
         f7:44:91:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJk8hKOQk9KZw/74WWe9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz
MjI1MzkwHhcNMjUxMTExMDkwMTQ0WhcNMjUxMTEyMDkwMTQ0WjAzMTEwLwYDVQQD
EygwZGYyYmNkOGE5ZTg5OGIzYmMyYmU4OWI3ZDliMTIxYmExOTkwOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCVXusi4A1nyulEhOtAb7QWG/W1M
yule/VFIxbMI3uHexjZxwcfEwmmymY2aMQb7BpdEtFhfJPTO9dzM7/jFDysWW3UP
bLnxdV/87PJkvA9Gqp41S3k2tF6gb5ZIEq8hnyxCjqQ8Quj9Xr+B7dSZdP76ud8Q
5zY5vlrAnhpnJF6vm2Islenx/pRbc/xTM3jBhxh9tOl/48ZuTcR/K6v31Kz4DKYk
GS5wnVoZmFsTI3N/vOqTxuEYM29JT6gVN1lge4+H9IsOx5fJ058rv6lRVBamLmkc
Qc6Np+U/crKfIyk5EFioXcaPdC4Qv4OIE5JXAXWLoI2e7C6GQRnz+yARCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA3yvNip6JizvCvom32bEhuhmQm4MB8GA1UdIwQY
MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt
MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1
LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALK7W4hN7
nlcVkYFcMRvsutbox5UCFE0L/I6WUNtKv1XZYLcoX5dpv5TZ5kDrgoiPl9DBAOYI
nPN62nr9AMtmg0XYC5yTOGrRDeUVL/gVP4dxtRY9I4q48ZnNEw3HtCl+O2rxTLp0
3/MBYiLHevo6moQ72lycG8Jylzm+MOwqwAx9luRYdaAO2fJhc8LflErxEXuJF9/Z
t/Tmp3rgnKWf6kTRiDzcRWcghyYR2kgPjcLWwc4AI1oBAvPgmhCOZ99hHj7YAuh6
7S46VmrXfQYuzlNw+26daH8m3Oxlby0AupjVzUZ5Ah+6/LAuj9EN2Ttio3euqERp
gsdJu38j90SR/A==
-----END CERTIFICATE-----