Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
File:                     kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft (raw, json)
Hash identifier:          vzVIZnaEcBoYsIASlbsQ2T0y5AKaBcJkIzR3mZ1BmX8=
Subject key identifier:   5E:9A:40:E6:6F:8A:7E:B0:75:E1:FC:E4:3C:DC:DD:4C:A0:EB:D0:B1
Authority key identifier: 91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD
Certificate issuer:       /CN=917830d941ee090a8e32348f97b8308fd1ce09fd
Certificate serial:       019A7225DFD7F760E2DCF761C7541A942E7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
Manifest number:          0D9B
Signing time:             Tue 11 Nov 2025 09:01:15 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:15 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:15 +0000
Files and hashes:         1: kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl (hash: vJ2qjeso5KptNupCyiqbJQB/wscdY1o0WzmlVC2Hw2E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:df:d7:f7:60:e2:dc:f7:61:c7:54:1a:94:2e:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=917830d941ee090a8e32348f97b8308fd1ce09fd
        Validity
            Not Before: Nov 11 09:01:15 2025 GMT
            Not After : Nov 12 09:01:15 2025 GMT
        Subject: CN=5e9a40e66f8a7eb075e1fce43cdcdd4ca0ebd0b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:de:7f:ad:9c:a9:9f:b8:b4:59:81:9b:ba:af:
                    1c:ea:3b:80:2d:f9:f3:30:f6:96:73:bc:78:b4:2b:
                    c1:08:bd:13:37:15:b5:07:d0:4a:e2:13:1d:e9:39:
                    fe:9f:3d:d9:f2:96:0c:65:e9:c1:10:d7:e9:dd:85:
                    be:9d:9d:22:f1:67:94:81:75:ef:ce:11:82:cd:63:
                    c7:33:50:be:16:32:95:99:ae:33:0f:a1:be:4e:7d:
                    62:7c:08:2a:b2:6f:84:49:60:15:82:aa:7b:88:0a:
                    b5:70:67:87:39:b2:8f:5d:16:ad:e1:bf:56:71:42:
                    57:16:76:26:ce:92:74:80:0e:83:a3:15:f9:cf:0d:
                    1e:7f:da:e3:10:76:f6:39:fe:23:88:27:5d:4c:9a:
                    95:6b:93:2e:d5:d5:52:70:28:3e:68:b9:c5:10:f7:
                    68:fc:2b:67:25:d0:f1:bf:9b:39:db:ba:80:cc:b8:
                    2f:e7:16:29:3d:a3:b3:c3:b7:b0:26:6a:60:c3:8a:
                    71:5d:3e:eb:6d:e6:34:93:11:41:29:ae:ce:d1:84:
                    60:a8:1c:4d:0e:2a:7a:0f:f8:e8:3e:18:5b:e7:f5:
                    4b:d3:75:18:1e:23:d3:92:9c:07:8a:f0:62:c0:29:
                    74:e1:d8:0d:c2:fe:9f:38:5e:05:00:b9:8a:b7:9e:
                    c2:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:9A:40:E6:6F:8A:7E:B0:75:E1:FC:E4:3C:DC:DD:4C:A0:EB:D0:B1
            X509v3 Authority Key Identifier:
                keyid:91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:60:13:16:ff:77:0b:76:33:a7:70:07:82:5f:a7:fd:9b:5b:
         a3:b3:86:28:27:f1:3f:de:13:ed:85:13:ff:e6:78:3f:7d:ad:
         d1:1d:19:9f:98:d5:d1:4c:8a:a5:e1:da:58:f3:81:9e:6d:86:
         75:53:60:10:7b:b4:0f:2c:48:c8:c1:1c:1a:f8:92:bb:78:12:
         c1:36:32:bc:9c:57:dc:40:03:d0:a9:22:1c:f0:81:0f:d6:f8:
         d0:c9:72:6a:bb:05:bb:ce:11:f4:95:2b:c3:dd:88:90:c9:fa:
         78:16:1f:70:9c:fd:f3:97:5b:26:8a:b2:39:07:27:fc:c0:48:
         3b:a4:15:46:93:3b:3b:7d:4a:13:f0:88:f7:18:17:22:60:ad:
         64:d9:06:98:5b:25:0f:ba:b5:9d:a9:e9:09:3d:8d:27:28:3d:
         83:90:13:c9:7b:46:3f:52:48:a0:6e:12:6a:df:d4:ad:19:bb:
         4a:0a:73:62:b5:fd:a1:f5:cc:e8:f9:9d:a4:94:e7:5d:8c:c4:
         11:80:e8:89:6c:3d:b7:99:71:34:06:54:9b:51:9b:0c:d0:5c:
         87:0a:3b:f9:b9:73:0c:0b:f6:4d:36:32:05:c5:cf:68:db:7c:
         48:25:af:9a:8e:cb:ba:ae:03:21:4b:39:36:4f:12:80:53:98:
         b3:8b:7d:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJd/X92Di3Pdhx1QalC58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNzgzMGQ5NDFlZTA5MGE4ZTMyMzQ4Zjk3YjgzMDhmZDFj
ZTA5ZmQwHhcNMjUxMTExMDkwMTE1WhcNMjUxMTEyMDkwMTE1WjAzMTEwLwYDVQQD
Eyg1ZTlhNDBlNjZmOGE3ZWIwNzVlMWZjZTQzY2RjZGQ0Y2EwZWJkMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1N5/rZypn7i0WYGbuq8c6juALfnz
MPaWc7x4tCvBCL0TNxW1B9BK4hMd6Tn+nz3Z8pYMZenBENfp3YW+nZ0i8WeUgXXv
zhGCzWPHM1C+FjKVma4zD6G+Tn1ifAgqsm+ESWAVgqp7iAq1cGeHObKPXRat4b9W
cUJXFnYmzpJ0gA6DoxX5zw0ef9rjEHb2Of4jiCddTJqVa5Mu1dVScCg+aLnFEPdo
/CtnJdDxv5s527qAzLgv5xYpPaOzw7ewJmpgw4pxXT7rbeY0kxFBKa7O0YRgqBxN
Dip6D/joPhhb5/VL03UYHiPTkpwHivBiwCl04dgNwv6fOF4FALmKt57CMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6aQOZvin6wdeH85Dzc3Uyg69CxMB8GA1UdIwQY
MBaAFJF4MNlB7gkKjjI0j5e4MI/Rzgn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYt
ZDFmMTgwM2IxODEyLzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYtZDFmMTgwM2IxODEy
LzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOWATFv93
C3Yzp3AHgl+n/Ztbo7OGKCfxP94T7YUT/+Z4P32t0R0Zn5jV0UyKpeHaWPOBnm2G
dVNgEHu0DyxIyMEcGviSu3gSwTYyvJxX3EAD0KkiHPCBD9b40MlyarsFu84R9JUr
w92IkMn6eBYfcJz985dbJoqyOQcn/MBIO6QVRpM7O31KE/CI9xgXImCtZNkGmFsl
D7q1nanpCT2NJyg9g5ATyXtGP1JIoG4Sat/UrRm7SgpzYrX9ofXM6PmdpJTnXYzE
EYDoiWw9t5lxNAZUm1GbDNBchwo7+blzDAv2TTYyBcXPaNt8SCWvmo7Luq4DIUs5
Nk8SgFOYs4t9Vg==
-----END CERTIFICATE-----