Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
File:                     KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft (raw, json)
Hash identifier:          p3wdOL7nO4Q+NYh/DAHgAudPSqEUQmbR2JKBbrCtxy0=
Subject key identifier:   D0:B5:B6:29:03:16:A7:B9:3D:B7:23:1F:E1:60:B0:1C:4D:A6:19:83
Authority key identifier: 29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0
Certificate issuer:       /CN=293bc3a5749733104f7b9cc0512dade136d70ad0
Certificate serial:       019923A01C408A2C013969A95BEC4D620D9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
Manifest number:          166F
Signing time:             Sun 07 Sep 2025 10:01:59 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:59 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:59 +0000
Files and hashes:         1: KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl (hash: 98Q1UYhfNRg12uYHLpP4eJjmi4LQpES7vd3qQiDj34A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:1c:40:8a:2c:01:39:69:a9:5b:ec:4d:62:0d:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=293bc3a5749733104f7b9cc0512dade136d70ad0
        Validity
            Not Before: Sep  7 10:01:59 2025 GMT
            Not After : Sep  8 10:01:59 2025 GMT
        Subject: CN=d0b5b6290316a7b93db7231fe160b01c4da61983
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ed:dc:f8:7c:83:7d:b1:89:f4:98:56:0c:fa:
                    c5:65:d6:90:0e:2b:59:ea:69:f6:6d:0c:c8:61:0d:
                    70:bc:8b:4b:ea:bc:76:eb:25:42:8b:ad:02:bc:67:
                    0a:0c:6e:91:b3:2b:09:4b:79:dd:c7:2d:bc:a6:15:
                    02:79:ad:53:4a:30:fc:88:6e:10:3e:15:04:34:68:
                    ad:5d:91:38:0e:de:3e:97:35:4c:91:73:8c:2c:60:
                    e3:a9:fc:11:12:89:c0:26:16:f4:30:7f:b4:8a:05:
                    e3:f3:fa:cc:90:5c:1d:4c:77:f1:1f:48:cb:17:35:
                    2f:bb:98:a9:31:82:f7:da:a6:f2:dd:23:d4:f7:35:
                    9f:d1:00:e5:10:45:e6:59:65:b6:53:42:4c:39:13:
                    d9:b5:ea:72:0f:2a:ce:5f:fa:2a:5b:4f:1b:4a:9d:
                    b5:04:ef:e7:6d:19:82:9d:8b:59:04:17:96:48:8c:
                    98:8c:d4:75:0e:c4:2a:67:7c:78:99:09:ef:ed:93:
                    af:af:7b:b7:68:fb:bf:5a:a2:35:ff:f1:40:19:fa:
                    f5:3d:88:70:34:73:77:f5:9a:59:1f:eb:15:9b:97:
                    b4:c4:8b:48:9a:1f:89:f4:81:5d:03:6f:b6:b2:c1:
                    e3:34:ea:ff:33:92:07:90:56:55:a9:e8:fe:01:76:
                    e8:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:B5:B6:29:03:16:A7:B9:3D:B7:23:1F:E1:60:B0:1C:4D:A6:19:83
            X509v3 Authority Key Identifier:
                keyid:29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:78:f4:a4:d7:8b:47:14:3e:b3:a6:30:2f:a8:58:5c:e7:fe:
         00:91:40:a4:ca:c4:8f:8d:75:39:07:c8:6a:c0:c7:5f:75:75:
         ab:43:16:50:22:e8:da:5c:6d:a5:b1:7f:e1:01:4f:04:fc:1e:
         13:7b:09:fb:7c:b1:47:d0:0b:86:ad:6a:92:3a:73:7c:2e:57:
         62:e3:0e:2a:8c:1d:7a:02:b2:6b:42:61:63:7e:b0:8e:10:4c:
         ff:55:68:9a:2e:85:ba:49:dd:73:e7:f9:b8:ba:fa:06:6f:7f:
         ff:02:33:eb:78:f1:bc:07:cd:14:1e:1f:9f:75:21:89:f0:85:
         6d:06:33:98:80:b7:b1:4d:b4:51:83:7b:16:6c:58:83:f5:f3:
         64:e1:8d:28:fd:2e:60:d0:99:1c:e3:a1:27:74:bd:8e:65:ac:
         47:13:e2:1d:b3:f3:7a:55:44:18:a2:6e:47:52:54:63:83:87:
         83:f8:f4:7b:ef:e0:5f:f1:67:2d:40:b6:50:e0:0b:b3:6e:25:
         cb:66:06:08:a1:f8:2e:79:a1:8d:36:8e:ed:ec:60:7b:0e:1a:
         7a:53:e3:6a:10:e7:d9:46:f0:8d:49:e4:93:76:7f:0d:f6:b9:
         c4:d7:2a:5f:e1:00:53:d7:96:02:d4:89:c1:86:fc:b8:67:12:
         2c:c0:c1:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoBxAiiwBOWmpW+xNYg2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2JjM2E1NzQ5NzMzMTA0ZjdiOWNjMDUxMmRhZGUxMzZk
NzBhZDAwHhcNMjUwOTA3MTAwMTU5WhcNMjUwOTA4MTAwMTU5WjAzMTEwLwYDVQQD
EyhkMGI1YjYyOTAzMTZhN2I5M2RiNzIzMWZlMTYwYjAxYzRkYTYxOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+3c+HyDfbGJ9JhWDPrFZdaQDitZ
6mn2bQzIYQ1wvItL6rx26yVCi60CvGcKDG6RsysJS3ndxy28phUCea1TSjD8iG4Q
PhUENGitXZE4Dt4+lzVMkXOMLGDjqfwREonAJhb0MH+0igXj8/rMkFwdTHfxH0jL
FzUvu5ipMYL32qby3SPU9zWf0QDlEEXmWWW2U0JMORPZtepyDyrOX/oqW08bSp21
BO/nbRmCnYtZBBeWSIyYjNR1DsQqZ3x4mQnv7ZOvr3u3aPu/WqI1//FAGfr1PYhw
NHN39ZpZH+sVm5e0xItImh+J9IFdA2+2ssHjNOr/M5IHkFZVqej+AXbonQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNC1tikDFqe5PbcjH+FgsBxNphmDMB8GA1UdIwQY
MBaAFCk7w6V0lzMQT3ucwFEtreE21wrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmIt
NjA5YTFlODYyN2ZkLzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmItNjA5YTFlODYyN2Zk
LzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAknj0pNeL
RxQ+s6YwL6hYXOf+AJFApMrEj411OQfIasDHX3V1q0MWUCLo2lxtpbF/4QFPBPwe
E3sJ+3yxR9ALhq1qkjpzfC5XYuMOKowdegKya0JhY36wjhBM/1Vomi6Fukndc+f5
uLr6Bm9//wIz63jxvAfNFB4fn3UhifCFbQYzmIC3sU20UYN7FmxYg/XzZOGNKP0u
YNCZHOOhJ3S9jmWsRxPiHbPzelVEGKJuR1JUY4OHg/j0e+/gX/FnLUC2UOALs24l
y2YGCKH4LnmhjTaO7exgew4aelPjahDn2UbwjUnkk3Z/Dfa5xNcqX+EAU9eWAtSJ
wYb8uGcSLMDB+Q==
-----END CERTIFICATE-----