Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          MlFKiEcbBJ0RL6dxk8BaXfCyHWUTKR2gca9ohx6lKmA=
Subject key identifier:   70:9D:25:9C:16:D9:16:60:4F:7F:01:9D:69:C6:22:62:EC:41:F6:28
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       019921B11CDF10B9222B23991F28582BFB31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          0583
Signing time:             Sun 07 Sep 2025 01:01:19 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:19 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:19 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: RrXjubqaK3INIY+dT0fjXBvhFMTdWJVnz2oF+J/7YNs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:1c:df:10:b9:22:2b:23:99:1f:28:58:2b:fb:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Sep  7 01:01:19 2025 GMT
            Not After : Sep  8 01:01:19 2025 GMT
        Subject: CN=709d259c16d916604f7f019d69c62262ec41f628
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:bb:ef:b7:5b:3d:6c:07:aa:3e:03:99:40:65:
                    f0:5b:36:cd:8d:64:37:7f:da:cc:0f:88:2c:69:75:
                    a2:18:3b:3e:1f:fa:c3:74:11:f8:06:4c:a1:0d:b1:
                    ab:5d:a1:58:ff:80:53:cf:65:9f:a5:f8:1e:c2:03:
                    fa:04:f1:04:6a:8b:e0:ee:a3:1f:40:7e:c0:54:1f:
                    f2:96:2e:3a:b6:7d:2a:1b:08:09:ab:ea:32:59:35:
                    ea:f7:d6:8a:6a:cf:cb:21:05:95:44:e8:11:64:4b:
                    62:db:91:47:bf:f3:56:3d:63:6b:d5:c4:2a:53:86:
                    1f:76:b1:d2:40:26:3c:a5:fa:d9:94:57:d4:0d:a0:
                    55:27:98:80:8c:dd:cc:52:2c:89:85:48:f0:60:fd:
                    3d:2d:77:11:10:53:33:e9:be:6f:82:1b:26:ee:69:
                    bd:5c:9d:61:c2:a0:33:6b:4c:5f:6f:b4:7e:00:77:
                    94:34:5f:00:b0:48:cf:2a:07:7d:a3:76:d2:70:a2:
                    bb:5f:47:bf:b7:0a:5a:df:fd:ad:a4:37:41:ff:08:
                    72:6f:76:cf:9c:62:82:de:35:83:35:f0:2f:fd:9f:
                    98:ec:c7:f1:3d:cc:d5:49:22:5d:e3:f2:ff:44:ad:
                    c1:d9:ee:6a:3c:4a:c4:25:62:49:39:d0:45:f0:93:
                    12:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:9D:25:9C:16:D9:16:60:4F:7F:01:9D:69:C6:22:62:EC:41:F6:28
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:31:44:57:6b:b6:5d:ac:50:de:99:bc:df:6a:15:a5:b6:56:
         6a:16:0f:03:9f:f5:5b:cf:ca:41:05:5a:52:d8:c5:01:69:84:
         87:99:c5:e9:52:0d:48:ad:24:d9:38:d2:c4:43:9f:da:35:95:
         2c:d2:02:0f:03:ce:68:12:67:76:ef:a4:42:1a:78:b7:cb:42:
         54:ec:cb:25:14:02:d7:4c:1d:04:ae:5d:c2:47:dc:28:2c:a1:
         35:63:af:42:18:84:71:e5:a9:8a:a6:0a:56:57:e5:17:93:fd:
         5a:6b:de:7f:3d:54:89:7a:4b:bf:90:51:a3:c2:fa:aa:72:fd:
         c8:be:be:cd:1a:8f:3a:af:28:72:da:75:6e:56:c2:56:82:61:
         2e:f8:e9:8c:2e:52:90:34:1a:0b:a7:7d:2e:02:d2:ad:84:14:
         dc:cf:71:4b:d9:92:5e:88:e3:21:11:89:b4:cf:e1:80:4f:10:
         90:98:5f:9e:91:83:14:c1:d3:67:ba:b8:23:95:8c:9c:ec:33:
         48:2f:fd:3f:22:d2:54:b4:a9:ae:99:2e:35:90:2a:16:ce:3e:
         78:6e:b2:68:19:57:e3:e6:27:18:85:b8:96:cb:b6:41:93:c1:
         8d:71:4c:cb:83:3a:b7:7f:9e:54:02:26:ed:f9:3a:92:10:bb:
         9e:eb:47:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsRzfELkiKyOZHyhYK/sxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjUwOTA3MDEwMTE5WhcNMjUwOTA4MDEwMTE5WjAzMTEwLwYDVQQD
Eyg3MDlkMjU5YzE2ZDkxNjYwNGY3ZjAxOWQ2OWM2MjI2MmVjNDFmNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7vvt1s9bAeqPgOZQGXwWzbNjWQ3
f9rMD4gsaXWiGDs+H/rDdBH4BkyhDbGrXaFY/4BTz2WfpfgewgP6BPEEaovg7qMf
QH7AVB/yli46tn0qGwgJq+oyWTXq99aKas/LIQWVROgRZEti25FHv/NWPWNr1cQq
U4YfdrHSQCY8pfrZlFfUDaBVJ5iAjN3MUiyJhUjwYP09LXcREFMz6b5vghsm7mm9
XJ1hwqAza0xfb7R+AHeUNF8AsEjPKgd9o3bScKK7X0e/twpa3/2tpDdB/whyb3bP
nGKC3jWDNfAv/Z+Y7MfxPczVSSJd4/L/RK3B2e5qPErEJWJJOdBF8JMSoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHCdJZwW2RZgT38BnWnGImLsQfYoMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnDFEV2u2
XaxQ3pm832oVpbZWahYPA5/1W8/KQQVaUtjFAWmEh5nF6VINSK0k2TjSxEOf2jWV
LNICDwPOaBJndu+kQhp4t8tCVOzLJRQC10wdBK5dwkfcKCyhNWOvQhiEceWpiqYK
VlflF5P9Wmvefz1UiXpLv5BRo8L6qnL9yL6+zRqPOq8octp1blbCVoJhLvjpjC5S
kDQaC6d9LgLSrYQU3M9xS9mSXojjIRGJtM/hgE8QkJhfnpGDFMHTZ7q4I5WMnOwz
SC/9PyLSVLSprpkuNZAqFs4+eG6yaBlX4+YnGIW4lsu2QZPBjXFMy4M6t3+eVAIm
7fk6khC7nutHXQ==
-----END CERTIFICATE-----