Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft
File:                     kiGxuiPNnBINnmfHS16SkKcq3SA.mft (raw, json)
Hash identifier:          8bCuZfHXYqbQ+FXlnMU9VHOYAfwyBSgwFHeowloZhfQ=
Subject key identifier:   F7:D9:50:7F:0F:A9:9E:DC:11:49:DD:BC:B8:C6:F6:5C:B1:5F:D6:6B
Authority key identifier: 92:21:B1:BA:23:CD:9C:12:0D:9E:67:C7:4B:5E:92:90:A7:2A:DD:20
Certificate issuer:       /CN=9221b1ba23cd9c120d9e67c74b5e9290a72add20
Certificate serial:       019922C353C4C12EB0B1DCDED46A60D8AE70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft
Manifest number:          4C
Signing time:             Sun 07 Sep 2025 06:00:50 +0000
Manifest this update:     Sun 07 Sep 2025 06:00:50 +0000
Manifest next update:     Mon 08 Sep 2025 06:00:50 +0000
Files and hashes:         1: kiGxuiPNnBINnmfHS16SkKcq3SA.crl (hash: DIsG2jqB7KO7eWmdBIxQdc6wh92b/LSS9IxacUiMis8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:c3:53:c4:c1:2e:b0:b1:dc:de:d4:6a:60:d8:ae:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9221b1ba23cd9c120d9e67c74b5e9290a72add20
        Validity
            Not Before: Sep  7 06:00:50 2025 GMT
            Not After : Sep  8 06:00:50 2025 GMT
        Subject: CN=f7d9507f0fa99edc1149ddbcb8c6f65cb15fd66b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ba:94:b9:94:29:67:db:05:2d:b8:0f:c8:f6:
                    bb:86:bb:69:81:af:b0:20:bc:e0:f9:bf:41:1a:53:
                    08:9b:03:df:7d:b4:53:42:4a:62:df:5f:1f:d1:a7:
                    a0:23:e5:dd:c0:e5:b1:e5:2e:a4:27:38:93:1f:ed:
                    24:04:3e:36:f8:4e:c0:8c:21:c4:c8:ee:28:f1:2c:
                    d2:27:b5:11:65:af:1f:58:e0:3c:05:a9:bb:6a:70:
                    ef:5a:3a:22:dc:f7:27:5d:67:ac:31:7a:ac:10:61:
                    df:eb:6a:2a:ea:2f:0d:ae:4b:c7:08:c8:c9:65:26:
                    09:1b:ce:d1:d1:48:5b:4e:3f:df:6c:ba:03:44:e2:
                    08:9a:4e:b7:6f:09:77:68:15:fc:1b:85:3f:12:7c:
                    0a:ab:b9:07:c8:59:6d:50:b5:8c:77:19:68:cf:51:
                    ef:ef:70:7f:d7:0e:c7:52:33:bd:e1:10:28:a7:f1:
                    e8:1e:c5:d9:c6:3b:6b:e6:27:83:a2:57:56:d2:ac:
                    a1:aa:6b:53:4f:57:d8:f9:2c:7c:43:54:2f:0b:7b:
                    f5:18:51:69:1d:99:db:e3:af:02:47:9d:da:d9:29:
                    ce:e5:ec:a9:77:ae:e6:b0:b4:fd:09:a0:0d:37:87:
                    03:28:19:16:3d:a3:4b:c4:a2:7d:bb:e0:34:48:cc:
                    9f:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:D9:50:7F:0F:A9:9E:DC:11:49:DD:BC:B8:C6:F6:5C:B1:5F:D6:6B
            X509v3 Authority Key Identifier:
                keyid:92:21:B1:BA:23:CD:9C:12:0D:9E:67:C7:4B:5E:92:90:A7:2A:DD:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:74:65:01:6b:c0:27:7e:81:27:f9:75:5c:a5:34:90:20:df:
         e7:2f:db:64:a6:bb:7e:2f:ed:2a:2b:c3:8a:7e:eb:b7:49:aa:
         be:0c:e6:ab:d7:6e:8a:4d:be:99:56:ef:a7:9f:b5:87:b3:97:
         4a:b6:4a:cb:8d:06:c5:f5:f9:cc:33:ed:47:1f:cb:4b:6d:09:
         30:82:30:33:1c:cf:00:f1:93:5b:66:00:0d:2b:4b:0c:3c:92:
         fe:be:52:df:b7:2a:f9:1e:eb:9d:c1:12:a0:12:03:7c:db:68:
         3f:97:1e:83:6d:60:f3:02:4c:e2:5a:32:98:97:07:80:97:de:
         39:f3:ea:07:5e:3e:6a:2d:06:47:1d:4e:fa:86:3e:3d:42:7e:
         d5:f1:65:aa:22:b0:32:84:44:de:fd:8e:25:74:56:f7:36:f5:
         66:a3:b3:16:ab:fa:ae:19:cc:be:15:7e:1a:03:32:61:41:af:
         ea:93:4e:dc:ad:6c:27:d8:60:b8:47:51:cd:81:25:72:b9:4f:
         99:5b:28:2b:3f:bd:27:47:69:93:ab:17:94:6c:a1:f9:4e:93:
         ab:20:87:1c:e4:6f:d5:43:6c:66:4a:a6:c0:b2:09:cd:1c:24:
         1a:9e:ab:3a:97:06:3f:cf:3e:95:23:26:ba:10:30:87:36:26:
         ae:7b:32:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw1PEwS6wsdze1Gpg2K5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjFiMWJhMjNjZDljMTIwZDllNjdjNzRiNWU5MjkwYTcy
YWRkMjAwHhcNMjUwOTA3MDYwMDUwWhcNMjUwOTA4MDYwMDUwWjAzMTEwLwYDVQQD
EyhmN2Q5NTA3ZjBmYTk5ZWRjMTE0OWRkYmNiOGM2ZjY1Y2IxNWZkNjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrqUuZQpZ9sFLbgPyPa7hrtpga+w
ILzg+b9BGlMImwPffbRTQkpi318f0aegI+XdwOWx5S6kJziTH+0kBD42+E7AjCHE
yO4o8SzSJ7URZa8fWOA8Bam7anDvWjoi3PcnXWesMXqsEGHf62oq6i8NrkvHCMjJ
ZSYJG87R0UhbTj/fbLoDROIImk63bwl3aBX8G4U/EnwKq7kHyFltULWMdxloz1Hv
73B/1w7HUjO94RAop/HoHsXZxjtr5ieDoldW0qyhqmtTT1fY+Sx8Q1QvC3v1GFFp
HZnb468CR53a2SnO5eypd67msLT9CaANN4cDKBkWPaNLxKJ9u+A0SMyfqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPfZUH8PqZ7cEUndvLjG9lyxX9ZrMB8GA1UdIwQY
MBaAFJIhsbojzZwSDZ5nx0tekpCnKt0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wY2VkNTgtNWIxZC00MmUzLThkYTYt
M2RiN2ZlOGY2NzgzLzEva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wY2VkNTgtNWIxZC00MmUzLThkYTYtM2RiN2ZlOGY2Nzgz
LzEva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdXRlAWvA
J36BJ/l1XKU0kCDf5y/bZKa7fi/tKivDin7rt0mqvgzmq9duik2+mVbvp5+1h7OX
SrZKy40GxfX5zDPtRx/LS20JMIIwMxzPAPGTW2YADStLDDyS/r5S37cq+R7rncES
oBIDfNtoP5ceg21g8wJM4loymJcHgJfeOfPqB14+ai0GRx1O+oY+PUJ+1fFlqiKw
MoRE3v2OJXRW9zb1ZqOzFqv6rhnMvhV+GgMyYUGv6pNO3K1sJ9hguEdRzYElcrlP
mVsoKz+9J0dpk6sXlGyh+U6TqyCHHORv1UNsZkqmwLIJzRwkGp6rOpcGP88+lSMm
uhAwhzYmrnsyYw==
-----END CERTIFICATE-----