Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft
File:                     kiGxuiPNnBINnmfHS16SkKcq3SA.mft (raw, json)
Hash identifier:          9ds0MaJeDUVPZ3v/uvLkO5TyOOlnK8HuJ25aMYhDB/E=
Subject key identifier:   C0:41:D2:9B:AA:30:4F:0B:F4:35:F8:49:52:65:73:40:19:0E:21:78
Authority key identifier: 92:21:B1:BA:23:CD:9C:12:0D:9E:67:C7:4B:5E:92:90:A7:2A:DD:20
Certificate issuer:       /CN=9221b1ba23cd9c120d9e67c74b5e9290a72add20
Certificate serial:       019A70DC734C84AEEA6D9C9805ABD513CE94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft
Manifest number:          F9
Signing time:             Tue 11 Nov 2025 03:01:26 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:26 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:26 +0000
Files and hashes:         1: kiGxuiPNnBINnmfHS16SkKcq3SA.crl (hash: egEwHtT7B2sP8G3vVR+Noe+LPjKWrizjo1WjFWavS7c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:73:4c:84:ae:ea:6d:9c:98:05:ab:d5:13:ce:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9221b1ba23cd9c120d9e67c74b5e9290a72add20
        Validity
            Not Before: Nov 11 03:01:26 2025 GMT
            Not After : Nov 12 03:01:26 2025 GMT
        Subject: CN=c041d29baa304f0bf435f84952657340190e2178
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:8a:70:03:cb:4b:9d:99:d5:6b:39:55:25:53:
                    ef:85:12:57:d5:aa:bb:b3:10:1a:0d:ac:1d:fc:f5:
                    88:05:dd:08:3b:ce:1a:30:c2:84:f9:ef:7d:4a:c6:
                    a0:d5:e2:dc:7e:8b:bf:04:02:74:17:0d:be:da:01:
                    9c:41:8d:cb:ac:b4:f6:c6:fd:c9:09:f8:23:2a:54:
                    15:51:17:0c:03:cf:4a:08:7a:7e:61:e7:b4:51:81:
                    44:b7:28:55:a3:e9:e0:3c:ab:08:78:48:a0:e4:fc:
                    f9:44:66:2c:99:6c:95:f2:99:7c:b1:01:30:2a:27:
                    59:ed:f9:4f:d3:ff:58:b9:fe:9a:57:f3:57:d4:21:
                    6d:2f:21:fe:28:9b:a1:5d:f7:5e:64:e9:7d:58:0f:
                    5f:c7:a6:98:fc:4a:6f:fd:06:db:5a:e8:ee:5f:00:
                    5f:36:5c:64:ce:66:3f:bf:06:ce:97:ad:2c:a7:20:
                    bd:ae:97:77:05:fe:1d:88:9f:04:2d:c0:a5:71:1a:
                    f7:14:63:5d:9e:da:51:08:66:4c:e3:85:f9:81:8f:
                    b7:73:de:9e:9c:39:30:04:f2:48:33:9a:00:50:ca:
                    b1:97:be:93:94:1a:c0:9c:fc:9b:1a:26:15:e9:1e:
                    bb:08:6c:64:27:1b:01:1d:5c:a7:53:ef:89:82:41:
                    19:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:41:D2:9B:AA:30:4F:0B:F4:35:F8:49:52:65:73:40:19:0E:21:78
            X509v3 Authority Key Identifier:
                keyid:92:21:B1:BA:23:CD:9C:12:0D:9E:67:C7:4B:5E:92:90:A7:2A:DD:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:b2:f2:bd:43:1e:0e:5f:e0:b4:00:f2:ce:4f:d4:33:47:53:
         c9:b2:15:77:c0:bf:91:2f:a8:cb:d9:fa:a0:24:9f:0a:01:9a:
         d0:66:26:82:95:d0:19:58:3e:77:43:de:ce:4e:f6:72:52:39:
         e1:37:51:d3:cf:78:27:85:c2:6a:88:3a:e5:6f:14:ec:c2:7b:
         60:ad:92:e0:79:07:03:07:e8:7e:c3:61:07:40:d3:d7:d2:29:
         58:3e:ab:64:d1:b6:2c:d0:90:35:27:9e:a3:66:13:f4:e3:b6:
         e4:96:67:a7:84:b0:45:f4:4d:d2:09:33:cb:36:d0:18:40:5f:
         66:94:9b:98:fa:f6:f8:d4:94:69:00:1c:bd:9a:08:19:d5:8d:
         90:c0:af:c5:7d:c2:a2:0e:be:b2:66:96:25:cb:49:9e:b6:53:
         fe:60:0a:7a:42:2c:fb:aa:8f:06:08:92:e0:a1:45:fb:ef:81:
         d0:09:db:c3:2b:0b:40:8e:31:0f:6a:68:e4:a3:02:ac:96:12:
         49:7f:f9:94:7c:73:90:0f:fa:70:41:33:b0:ed:f9:c2:54:96:
         44:df:26:57:91:b4:c8:21:6a:a7:8d:67:36:fd:fa:79:5c:65:
         81:c4:fc:9d:3b:a4:da:ae:dc:69:6f:e5:6a:a3:2f:2e:d1:ac:
         f6:83:c7:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3HNMhK7qbZyYBavVE86UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjFiMWJhMjNjZDljMTIwZDllNjdjNzRiNWU5MjkwYTcy
YWRkMjAwHhcNMjUxMTExMDMwMTI2WhcNMjUxMTEyMDMwMTI2WjAzMTEwLwYDVQQD
EyhjMDQxZDI5YmFhMzA0ZjBiZjQzNWY4NDk1MjY1NzM0MDE5MGUyMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYpwA8tLnZnVazlVJVPvhRJX1aq7
sxAaDawd/PWIBd0IO84aMMKE+e99Ssag1eLcfou/BAJ0Fw2+2gGcQY3LrLT2xv3J
CfgjKlQVURcMA89KCHp+Yee0UYFEtyhVo+ngPKsIeEig5Pz5RGYsmWyV8pl8sQEw
KidZ7flP0/9Yuf6aV/NX1CFtLyH+KJuhXfdeZOl9WA9fx6aY/Epv/QbbWujuXwBf
NlxkzmY/vwbOl60spyC9rpd3Bf4diJ8ELcClcRr3FGNdntpRCGZM44X5gY+3c96e
nDkwBPJIM5oAUMqxl76TlBrAnPybGiYV6R67CGxkJxsBHVynU++JgkEZMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBB0puqME8L9DX4SVJlc0AZDiF4MB8GA1UdIwQY
MBaAFJIhsbojzZwSDZ5nx0tekpCnKt0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wY2VkNTgtNWIxZC00MmUzLThkYTYt
M2RiN2ZlOGY2NzgzLzEva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wY2VkNTgtNWIxZC00MmUzLThkYTYtM2RiN2ZlOGY2Nzgz
LzEva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASLLyvUMe
Dl/gtADyzk/UM0dTybIVd8C/kS+oy9n6oCSfCgGa0GYmgpXQGVg+d0Pezk72clI5
4TdR0894J4XCaog65W8U7MJ7YK2S4HkHAwfofsNhB0DT19IpWD6rZNG2LNCQNSee
o2YT9OO25JZnp4SwRfRN0gkzyzbQGEBfZpSbmPr2+NSUaQAcvZoIGdWNkMCvxX3C
og6+smaWJctJnrZT/mAKekIs+6qPBgiS4KFF+++B0AnbwysLQI4xD2po5KMCrJYS
SX/5lHxzkA/6cEEzsO35wlSWRN8mV5G0yCFqp41nNv36eVxlgcT8nTuk2q7caW/l
aqMvLtGs9oPHoA==
-----END CERTIFICATE-----