Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          QX+4+i7YlE1aSKocSwYBQjLH5ZJfStXawzGp8dYbp6c=
Subject key identifier:   8C:42:5C:EA:34:44:F6:81:68:27:30:61:E8:D8:6B:8C:E3:49:2A:68
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       019A71B8327CC54752616D17AA93629CD18D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          0631
Signing time:             Tue 11 Nov 2025 07:01:28 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:28 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:28 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: ykLP7BLaTMvnfZkr8Kld5WUIrZ5GUHcqCghCZb3oUrk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:32:7c:c5:47:52:61:6d:17:aa:93:62:9c:d1:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Nov 11 07:01:28 2025 GMT
            Not After : Nov 12 07:01:28 2025 GMT
        Subject: CN=8c425cea3444f68168273061e8d86b8ce3492a68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:dd:cd:0c:b7:cb:3e:f6:f7:1a:36:1c:13:77:
                    3d:02:ae:e5:f9:37:11:d7:cc:e9:9b:c9:9b:2d:aa:
                    f2:9c:08:11:23:65:4a:2f:2c:ae:0c:dc:e9:62:e1:
                    4d:7f:4b:2f:b9:1c:0e:ac:44:6d:fe:d4:2a:9c:a7:
                    b1:8f:d2:62:57:04:53:69:c9:7e:94:a9:f9:b7:1e:
                    f8:04:1e:8a:10:65:96:ca:22:c0:8b:37:67:52:ba:
                    91:d9:27:55:69:8e:3d:d2:18:de:77:85:4f:d4:02:
                    44:df:7b:19:af:17:40:2e:aa:e2:5e:7d:75:55:33:
                    40:8b:67:eb:62:02:02:07:75:89:b3:92:bb:23:a8:
                    42:7a:e0:46:c8:6d:df:97:b7:ba:ce:45:8c:60:4e:
                    11:64:73:7a:54:c8:0f:98:5e:39:23:ca:cf:95:72:
                    c4:be:a0:11:21:1b:e3:da:a2:97:2d:7f:e3:b8:23:
                    b8:b2:a5:c7:db:26:bc:0d:6e:18:90:26:d8:8b:b3:
                    2e:07:df:7a:4e:96:9c:29:7a:fc:b7:c8:8c:28:53:
                    df:05:27:2a:50:e1:33:7e:f2:5a:c1:ed:17:1c:2b:
                    70:a3:c5:0f:85:4e:bf:3f:5a:82:c1:0d:1c:48:7f:
                    6c:da:88:4b:25:bb:78:33:5f:a9:a0:f3:86:47:7e:
                    b5:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:42:5C:EA:34:44:F6:81:68:27:30:61:E8:D8:6B:8C:E3:49:2A:68
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:f7:fa:2d:5a:09:a5:db:69:44:61:f8:20:87:bf:bc:94:a9:
         d7:41:10:79:76:2b:9f:77:4f:31:d8:06:29:d1:88:6f:f0:c8:
         b2:26:57:48:ec:06:c3:d5:50:d2:c2:5a:e9:60:53:e8:4b:9b:
         6d:b1:92:28:13:8e:a7:8b:74:97:c2:fc:d2:d7:05:9b:2d:cb:
         a2:f4:e7:ce:43:d1:89:ef:ed:00:dd:4f:54:b6:c0:28:e5:0c:
         86:60:57:ab:6f:4d:68:09:6d:e8:2f:c5:2f:48:1a:ce:cf:b3:
         9a:33:f0:a8:d8:cd:d7:1a:11:1e:ad:45:b6:8a:c7:c9:d1:a7:
         18:d1:ba:20:d6:a9:96:70:aa:13:10:62:b7:c2:09:df:f0:da:
         a9:05:79:82:6f:06:b3:0c:52:c5:e6:b0:44:17:d7:27:03:5e:
         0e:12:ff:91:23:4e:e1:16:d5:d4:27:35:25:65:1b:09:ab:41:
         9a:f2:39:3f:4e:bf:d0:b8:55:5a:a7:94:60:09:9e:33:31:e5:
         a3:4e:1c:85:a7:e4:aa:6f:a4:6a:c2:21:2d:5d:39:b2:2c:1a:
         12:6c:be:f9:e9:bd:c5:64:92:87:13:bd:29:e3:e2:a7:a6:3b:
         68:e1:ab:79:e1:7c:ca:9d:4c:53:d2:02:3f:17:ad:9d:19:4d:
         d7:6b:e2:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuDJ8xUdSYW0XqpNinNGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjUxMTExMDcwMTI4WhcNMjUxMTEyMDcwMTI4WjAzMTEwLwYDVQQD
Eyg4YzQyNWNlYTM0NDRmNjgxNjgyNzMwNjFlOGQ4NmI4Y2UzNDkyYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyd3NDLfLPvb3GjYcE3c9Aq7l+TcR
18zpm8mbLarynAgRI2VKLyyuDNzpYuFNf0svuRwOrERt/tQqnKexj9JiVwRTacl+
lKn5tx74BB6KEGWWyiLAizdnUrqR2SdVaY490hjed4VP1AJE33sZrxdALqriXn11
VTNAi2frYgICB3WJs5K7I6hCeuBGyG3fl7e6zkWMYE4RZHN6VMgPmF45I8rPlXLE
vqARIRvj2qKXLX/juCO4sqXH2ya8DW4YkCbYi7MuB996TpacKXr8t8iMKFPfBScq
UOEzfvJawe0XHCtwo8UPhU6/P1qCwQ0cSH9s2ohLJbt4M1+poPOGR361awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxCXOo0RPaBaCcwYejYa4zjSSpoMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmff6LVoJ
pdtpRGH4IIe/vJSp10EQeXYrn3dPMdgGKdGIb/DIsiZXSOwGw9VQ0sJa6WBT6Eub
bbGSKBOOp4t0l8L80tcFmy3LovTnzkPRie/tAN1PVLbAKOUMhmBXq29NaAlt6C/F
L0gazs+zmjPwqNjN1xoRHq1FtorHydGnGNG6INaplnCqExBit8IJ3/DaqQV5gm8G
swxSxeawRBfXJwNeDhL/kSNO4RbV1Cc1JWUbCatBmvI5P06/0LhVWqeUYAmeMzHl
o04chafkqm+kasIhLV05siwaEmy++em9xWSShxO9KePip6Y7aOGreeF8yp1MU9IC
PxetnRlN12viQw==
-----END CERTIFICATE-----