Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.mft
File:                     KPev7E0_BvgNaHKm1iRs0B5z1qY.mft (raw, json)
Hash identifier:          nYBtEE4w9KE97Lux4hxufOtS8zlB1z7tFvpWPsBMDGs=
Subject key identifier:   DB:11:D9:62:C5:D9:0C:7F:4E:9B:55:82:1B:68:29:D5:BE:D9:43:D6
Authority key identifier: 28:F7:AF:EC:4D:3F:06:F8:0D:68:72:A6:D6:24:6C:D0:1E:73:D6:A6
Certificate issuer:       /CN=28f7afec4d3f06f80d6872a6d6246cd01e73d6a6
Certificate serial:       019921B06C79750B5164D00EE1F675A124FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KPev7E0_BvgNaHKm1iRs0B5z1qY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 01:00:34 +0000
Manifest this update:     Sun 07 Sep 2025 01:00:34 +0000
Manifest next update:     Mon 08 Sep 2025 01:00:34 +0000
Files and hashes:         1: KPev7E0_BvgNaHKm1iRs0B5z1qY.crl (hash: PboVjVotis02FBLOa+mU/nmAUm7PjymLmiKLRPL4P/g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KPev7E0_BvgNaHKm1iRs0B5z1qY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b0:6c:79:75:0b:51:64:d0:0e:e1:f6:75:a1:24:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28f7afec4d3f06f80d6872a6d6246cd01e73d6a6
        Validity
            Not Before: Sep  7 01:00:34 2025 GMT
            Not After : Sep  8 01:00:34 2025 GMT
        Subject: CN=db11d962c5d90c7f4e9b55821b6829d5bed943d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:01:0e:22:6c:1c:da:05:20:50:68:a6:bb:b3:
                    33:e0:5a:aa:e2:e0:ed:82:60:c3:b4:f0:44:3d:37:
                    1c:3e:b5:51:79:57:f6:98:0c:d6:ec:98:03:42:f9:
                    23:bb:65:a5:2a:d9:fb:e7:70:b0:95:30:d2:40:0b:
                    2f:e8:be:5a:1c:29:b7:7a:cb:22:ac:62:e4:a9:35:
                    79:ce:80:bd:f7:0e:cd:7a:6c:4e:f1:e0:94:d6:fb:
                    4b:65:d4:a8:7e:79:77:77:f6:d5:a4:0e:75:d3:61:
                    a6:f8:96:87:09:0f:ff:43:ca:69:67:cd:3d:6b:0c:
                    f2:ba:3f:c9:42:cb:0b:40:da:b8:f6:a2:db:dd:a7:
                    62:ec:0d:7e:cc:01:b8:5a:e9:63:37:f9:5b:f5:33:
                    d7:f5:d6:ae:d9:a2:77:5d:48:fc:8b:27:aa:c8:04:
                    6e:d5:41:f4:b2:08:d6:af:9a:c0:15:bd:99:6e:4c:
                    83:3e:12:20:bf:be:88:d6:b9:3f:8c:21:67:0d:cc:
                    a7:b9:a3:df:fc:20:d1:10:bd:eb:d1:58:24:13:98:
                    53:1c:3d:f5:65:ad:b9:2a:15:1c:e6:02:2d:bd:ec:
                    b8:ec:e0:9c:a5:65:9d:73:77:0a:9c:98:42:e8:40:
                    f5:ae:32:51:ca:2d:d9:43:c5:93:2f:dd:c5:7f:cd:
                    f3:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:11:D9:62:C5:D9:0C:7F:4E:9B:55:82:1B:68:29:D5:BE:D9:43:D6
            X509v3 Authority Key Identifier:
                keyid:28:F7:AF:EC:4D:3F:06:F8:0D:68:72:A6:D6:24:6C:D0:1E:73:D6:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPev7E0_BvgNaHKm1iRs0B5z1qY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/217a30-8ee1-4913-a127-576d403c918f/1/KPev7E0_BvgNaHKm1iRs0B5z1qY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:d8:c3:b1:48:5f:38:f9:a3:46:18:bf:2a:49:c4:56:d7:52:
         17:54:c9:4b:7d:af:95:7c:73:64:94:0e:27:dd:2b:3c:97:20:
         d4:94:0b:d4:29:d8:ef:44:16:69:b2:ae:62:5d:ad:d2:43:5e:
         a1:ee:74:29:bd:2f:1e:f9:54:2e:89:e2:8e:60:08:d6:d1:e4:
         c7:74:04:ee:5f:d5:90:d9:4d:af:0d:25:e1:29:2d:64:e9:b0:
         6c:75:16:5d:6b:7c:53:51:07:56:51:de:7f:04:75:6d:db:17:
         08:c1:24:35:28:86:b4:41:3c:c9:0f:05:8e:8c:00:cc:ef:45:
         80:26:af:bf:91:b6:ce:10:ab:ab:78:da:98:0c:34:e7:26:f6:
         0c:3b:a5:bc:02:6c:62:da:54:2b:e4:68:a9:ca:59:d0:d1:b0:
         e5:93:3f:b6:79:49:85:a0:a1:41:9e:3f:b2:f1:67:b9:1a:0b:
         3e:32:53:3d:09:8b:48:1f:2b:b3:74:53:eb:6e:ef:92:02:e3:
         bd:36:00:57:94:99:93:4b:e8:1d:38:e2:be:be:da:46:85:3c:
         11:c9:8f:86:5b:61:f0:fd:25:53:cd:52:14:c9:19:e6:16:25:
         a8:31:ee:d7:fd:1a:b0:63:3f:30:e7:02:37:d8:e4:12:93:9b:
         7e:7d:91:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsGx5dQtRZNAO4fZ1oST8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZjdhZmVjNGQzZjA2ZjgwZDY4NzJhNmQ2MjQ2Y2QwMWU3
M2Q2YTYwHhcNMjUwOTA3MDEwMDM0WhcNMjUwOTA4MDEwMDM0WjAzMTEwLwYDVQQD
EyhkYjExZDk2MmM1ZDkwYzdmNGU5YjU1ODIxYjY4MjlkNWJlZDk0M2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAEOImwc2gUgUGimu7Mz4Fqq4uDt
gmDDtPBEPTccPrVReVf2mAzW7JgDQvkju2WlKtn753CwlTDSQAsv6L5aHCm3essi
rGLkqTV5zoC99w7NemxO8eCU1vtLZdSofnl3d/bVpA5102Gm+JaHCQ//Q8ppZ809
awzyuj/JQssLQNq49qLb3adi7A1+zAG4WuljN/lb9TPX9dau2aJ3XUj8iyeqyARu
1UH0sgjWr5rAFb2ZbkyDPhIgv76I1rk/jCFnDcynuaPf/CDREL3r0VgkE5hTHD31
Za25KhUc5gItvey47OCcpWWdc3cKnJhC6ED1rjJRyi3ZQ8WTL93Ff83zcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsR2WLF2Qx/TptVghtoKdW+2UPWMB8GA1UdIwQY
MBaAFCj3r+xNPwb4DWhyptYkbNAec9amMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BldjdFMF9CdmdOYUhLbTFpUnMwQjV6MXFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yMTdhMzAtOGVlMS00OTEzLWExMjct
NTc2ZDQwM2M5MThmLzEvS1BldjdFMF9CdmdOYUhLbTFpUnMwQjV6MXFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yMTdhMzAtOGVlMS00OTEzLWExMjctNTc2ZDQwM2M5MThm
LzEvS1BldjdFMF9CdmdOYUhLbTFpUnMwQjV6MXFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi9jDsUhf
OPmjRhi/KknEVtdSF1TJS32vlXxzZJQOJ90rPJcg1JQL1CnY70QWabKuYl2t0kNe
oe50Kb0vHvlULonijmAI1tHkx3QE7l/VkNlNrw0l4SktZOmwbHUWXWt8U1EHVlHe
fwR1bdsXCMEkNSiGtEE8yQ8FjowAzO9FgCavv5G2zhCrq3jamAw05yb2DDulvAJs
YtpUK+RoqcpZ0NGw5ZM/tnlJhaChQZ4/svFnuRoLPjJTPQmLSB8rs3RT627vkgLj
vTYAV5SZk0voHTjivr7aRoU8EcmPhlth8P0lU81SFMkZ5hYlqDHu1/0asGM/MOcC
N9jkEpObfn2RZQ==
-----END CERTIFICATE-----