Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
File:                     kbDB4HajRpZoEluN05XzBN-i55Q.mft (raw, json)
Hash identifier:          X03y/OTYIlZ4m0xmMryMdLrnyCNRbBgHWpayVQY4UA8=
Subject key identifier:   4A:54:27:A9:2D:F7:48:EC:63:F6:5A:8D:AB:BA:B7:2D:43:73:23:61
Authority key identifier: 91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94
Certificate issuer:       /CN=91b0c1e076a3469668125b8dd395f304dfa2e794
Certificate serial:       019921B29416B4F4733BDB15DDBACFAA00C6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
Manifest number:          6D
Signing time:             Sun 07 Sep 2025 01:02:55 +0000
Manifest this update:     Sun 07 Sep 2025 01:02:55 +0000
Manifest next update:     Mon 08 Sep 2025 01:02:55 +0000
Files and hashes:         1: kbDB4HajRpZoEluN05XzBN-i55Q.crl (hash: YSs45TIy3eIkCobTGN9i6W7CdpkuJrAsnKBDzr5yiDU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:02:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b2:94:16:b4:f4:73:3b:db:15:dd:ba:cf:aa:00:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91b0c1e076a3469668125b8dd395f304dfa2e794
        Validity
            Not Before: Sep  7 01:02:55 2025 GMT
            Not After : Sep  8 01:02:55 2025 GMT
        Subject: CN=4a5427a92df748ec63f65a8dabbab72d43732361
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:82:46:fa:46:87:b2:5d:15:b4:bd:cf:6e:f3:
                    52:4d:7e:a3:64:df:eb:cf:db:50:08:b0:f8:af:4d:
                    34:08:3e:36:41:f8:a4:33:47:b7:eb:9c:27:5b:dc:
                    cc:cb:2a:6f:84:1b:72:1c:ab:c1:5d:a9:cf:0b:b9:
                    06:1f:b1:11:56:a5:81:ca:62:51:4f:52:6f:2c:11:
                    d0:37:a8:85:5e:47:a1:9a:ee:4d:c2:0d:92:fe:c0:
                    fe:26:64:c0:3c:53:b6:74:52:4d:ce:0b:14:89:00:
                    68:a6:03:04:0c:67:26:cd:f3:10:33:27:8a:5d:8f:
                    ef:95:42:92:aa:f4:72:b5:83:eb:26:a0:cd:49:f5:
                    a1:ad:90:19:b4:4d:46:47:e0:f4:7b:32:c0:4f:5a:
                    71:12:59:33:df:dd:49:e1:60:3d:a9:18:91:87:07:
                    bd:79:9c:e4:d1:ca:56:d2:d4:6b:8f:04:5a:eb:b1:
                    a0:07:e6:b8:a8:ad:f5:94:ac:97:9e:f0:11:99:b0:
                    e0:d9:f8:92:22:fe:5b:2a:5c:17:3b:5c:fc:67:a7:
                    93:23:07:9f:26:04:65:b7:3c:2a:5f:9a:32:66:fd:
                    7f:41:69:31:a4:1e:e8:a8:76:01:f3:ef:aa:b4:45:
                    71:56:92:b3:b0:fe:b7:a0:09:91:78:50:d8:b2:eb:
                    a9:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:54:27:A9:2D:F7:48:EC:63:F6:5A:8D:AB:BA:B7:2D:43:73:23:61
            X509v3 Authority Key Identifier:
                keyid:91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:8b:e8:ce:78:36:58:ad:d0:89:50:ea:56:94:42:7f:5b:96:
         a3:60:de:a9:47:4f:2c:ca:af:07:95:7a:43:f4:59:f1:66:b8:
         23:60:5d:52:c6:30:59:79:19:b6:b1:79:09:f6:9f:dc:aa:df:
         fb:ed:2b:97:d6:90:48:1d:f9:0e:1c:f5:4d:54:3d:b7:51:8b:
         a4:0c:4e:e0:5f:53:1f:d5:fa:d8:6d:b6:37:89:8a:82:be:f6:
         93:38:78:12:9e:61:3a:a2:d7:51:53:f9:f8:3a:b3:45:18:94:
         ad:fd:be:28:df:df:3f:53:48:4f:92:6f:e6:61:90:79:46:8a:
         f8:c9:c0:0c:28:b7:db:11:c4:e2:3e:bc:2e:32:ca:57:a2:0f:
         a1:4b:78:7d:ba:19:d4:b5:2b:71:4c:29:6b:40:2b:8e:4d:53:
         3f:6d:ca:e4:3d:8e:03:bd:f5:55:e7:34:92:e1:11:17:e0:27:
         96:8e:af:fd:5d:58:61:6e:b6:10:e8:6c:6b:80:fb:d9:97:fe:
         8d:0b:91:20:01:c7:c1:da:83:69:24:6a:b8:95:44:00:82:26:
         9c:01:9d:03:15:19:75:f6:ce:e6:8a:48:2e:35:c9:ee:6f:48:
         21:26:ef:89:ab:5b:87:0b:04:78:6a:32:47:21:19:9b:46:90:
         d4:62:72:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhspQWtPRzO9sV3brPqgDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYjBjMWUwNzZhMzQ2OTY2ODEyNWI4ZGQzOTVmMzA0ZGZh
MmU3OTQwHhcNMjUwOTA3MDEwMjU1WhcNMjUwOTA4MDEwMjU1WjAzMTEwLwYDVQQD
Eyg0YTU0MjdhOTJkZjc0OGVjNjNmNjVhOGRhYmJhYjcyZDQzNzMyMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4JG+kaHsl0VtL3PbvNSTX6jZN/r
z9tQCLD4r000CD42QfikM0e365wnW9zMyypvhBtyHKvBXanPC7kGH7ERVqWBymJR
T1JvLBHQN6iFXkehmu5Nwg2S/sD+JmTAPFO2dFJNzgsUiQBopgMEDGcmzfMQMyeK
XY/vlUKSqvRytYPrJqDNSfWhrZAZtE1GR+D0ezLAT1pxElkz391J4WA9qRiRhwe9
eZzk0cpW0tRrjwRa67GgB+a4qK31lKyXnvARmbDg2fiSIv5bKlwXO1z8Z6eTIwef
JgRltzwqX5oyZv1/QWkxpB7oqHYB8++qtEVxVpKzsP63oAmReFDYsuup7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEpUJ6kt90jsY/Zajau6ty1DcyNhMB8GA1UdIwQY
MBaAFJGwweB2o0aWaBJbjdOV8wTfoueUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUt
ZWQ4MjM3OWNmYTMyLzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUtZWQ4MjM3OWNmYTMy
LzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl4vozng2
WK3QiVDqVpRCf1uWo2DeqUdPLMqvB5V6Q/RZ8Wa4I2BdUsYwWXkZtrF5Cfaf3Krf
++0rl9aQSB35Dhz1TVQ9t1GLpAxO4F9TH9X62G22N4mKgr72kzh4Ep5hOqLXUVP5
+DqzRRiUrf2+KN/fP1NIT5Jv5mGQeUaK+MnADCi32xHE4j68LjLKV6IPoUt4fboZ
1LUrcUwpa0Arjk1TP23K5D2OA731Vec0kuERF+Anlo6v/V1YYW62EOhsa4D72Zf+
jQuRIAHHwdqDaSRquJVEAIImnAGdAxUZdfbO5opILjXJ7m9IISbviatbhwsEeGoy
RyEZm0aQ1GJyHA==
-----END CERTIFICATE-----