Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
File:                     kYaHyFQkQhcMxR71MW05Y2CXCNw.mft (raw, json)
Hash identifier:          yItuNEn4YMhENn0yympZ+9aLTnuFH+0CNR2Mm0vtaTc=
Subject key identifier:   8A:BA:BF:B0:ED:43:9B:D7:95:ED:1F:D1:5A:C6:5E:1A:B0:81:DD:BF
Authority key identifier: 91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC
Certificate issuer:       /CN=918687c8542442170cc51ef5316d3963609708dc
Certificate serial:       019A71B846D3AD696A883EABCD1914F799F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
Manifest number:          132B
Signing time:             Tue 11 Nov 2025 07:01:33 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:33 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:33 +0000
Files and hashes:         1: kYaHyFQkQhcMxR71MW05Y2CXCNw.crl (hash: WhSYkC7v+y9scZ4O8th3825fMS8ZB5Be8Br6V96uTAg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:46:d3:ad:69:6a:88:3e:ab:cd:19:14:f7:99:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=918687c8542442170cc51ef5316d3963609708dc
        Validity
            Not Before: Nov 11 07:01:33 2025 GMT
            Not After : Nov 12 07:01:33 2025 GMT
        Subject: CN=8ababfb0ed439bd795ed1fd15ac65e1ab081ddbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:27:71:61:4a:b2:24:2d:fa:7d:31:0d:79:2c:
                    06:19:91:90:4b:b6:49:c7:ba:23:b5:75:67:81:92:
                    59:9c:89:eb:bf:3a:91:e1:88:50:77:77:4b:9c:f6:
                    3e:f6:ec:87:44:32:c7:70:a8:6c:de:e4:25:1b:46:
                    f2:4a:75:87:b6:5b:5a:10:68:a3:62:67:18:fd:b8:
                    a6:67:ae:06:5f:cc:2d:62:24:85:59:59:e4:82:ab:
                    2e:a7:83:4e:3f:c8:ac:68:08:1a:0d:09:8b:e0:1a:
                    b2:ac:dd:89:1b:9b:d1:96:ef:34:b3:47:dc:9d:bf:
                    66:0d:7a:2c:d8:9c:70:ac:ad:6c:b4:2d:ae:63:74:
                    55:91:bc:62:09:c3:c6:b4:7e:0f:79:d6:4f:7a:4d:
                    de:c2:1d:d6:dc:4f:70:f1:fa:03:68:57:70:96:f1:
                    ab:4b:46:3a:1b:38:55:2c:d2:34:8f:4a:f7:99:ed:
                    31:e8:c9:ea:dc:31:44:57:66:9b:bd:e3:b8:76:1a:
                    8a:02:b0:98:b5:72:d6:96:8c:de:6e:1b:5f:78:ba:
                    71:c5:a1:dc:dd:f0:de:91:3b:0f:81:5e:d2:53:cf:
                    84:f8:ba:55:74:5a:ef:16:78:07:fa:ab:51:b2:52:
                    ca:e9:0c:0b:f9:04:62:ad:e0:9c:90:21:c2:8b:21:
                    f5:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:BA:BF:B0:ED:43:9B:D7:95:ED:1F:D1:5A:C6:5E:1A:B0:81:DD:BF
            X509v3 Authority Key Identifier:
                keyid:91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:fb:b4:9f:d2:6e:20:9f:05:79:91:fd:0e:45:2c:c3:a0:07:
         74:03:45:21:61:e4:8a:0c:d0:86:e0:2e:54:6d:da:e5:9d:76:
         3e:8d:c8:9a:1b:c3:8d:c2:77:eb:87:6b:3c:29:92:da:64:bd:
         19:fd:f7:90:7c:e3:4a:75:99:72:21:6c:db:cd:da:92:dd:5d:
         c6:95:4c:e0:20:53:29:a2:bc:9b:9a:bf:8c:d4:41:1f:0c:a0:
         9c:68:f2:b4:40:1f:3e:d0:26:5b:4e:34:94:8d:3b:ee:0d:05:
         73:07:bd:a7:0a:ef:9e:07:2c:3a:2f:ac:2c:e6:ec:65:79:21:
         4d:9c:54:7d:99:9d:72:9b:28:2a:bf:5b:b8:1f:ce:2e:4a:48:
         52:29:98:8c:21:0c:89:43:0e:b9:11:15:9b:d5:bf:a7:79:8e:
         b5:ee:ca:1b:24:e6:81:bd:dc:b8:d8:bc:fb:19:a9:f0:bd:cb:
         3c:e1:18:0b:45:4e:c4:12:cd:03:ce:0b:f3:ef:95:76:5b:d7:
         fe:ff:da:47:a0:b4:15:78:b3:90:9c:2d:0b:bc:eb:87:c7:3d:
         74:5d:ca:41:71:e7:e6:bb:f0:a2:cb:e7:de:32:73:db:ca:79:
         d6:89:51:1b:aa:b1:d8:2c:41:d9:42:75:1b:50:1d:2d:e0:52:
         bb:a2:9e:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuEbTrWlqiD6rzRkU95n1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODY4N2M4NTQyNDQyMTcwY2M1MWVmNTMxNmQzOTYzNjA5
NzA4ZGMwHhcNMjUxMTExMDcwMTMzWhcNMjUxMTEyMDcwMTMzWjAzMTEwLwYDVQQD
Eyg4YWJhYmZiMGVkNDM5YmQ3OTVlZDFmZDE1YWM2NWUxYWIwODFkZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCdxYUqyJC36fTENeSwGGZGQS7ZJ
x7ojtXVngZJZnInrvzqR4YhQd3dLnPY+9uyHRDLHcKhs3uQlG0bySnWHtltaEGij
YmcY/bimZ64GX8wtYiSFWVnkgqsup4NOP8isaAgaDQmL4BqyrN2JG5vRlu80s0fc
nb9mDXos2JxwrK1stC2uY3RVkbxiCcPGtH4PedZPek3ewh3W3E9w8foDaFdwlvGr
S0Y6GzhVLNI0j0r3me0x6Mnq3DFEV2abveO4dhqKArCYtXLWlozebhtfeLpxxaHc
3fDekTsPgV7SU8+E+LpVdFrvFngH+qtRslLK6QwL+QRireCckCHCiyH1IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIq6v7DtQ5vXle0f0VrGXhqwgd2/MB8GA1UdIwQY
MBaAFJGGh8hUJEIXDMUe9TFtOWNglwjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMt
ODllMzlhYzFlZDgxLzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMtODllMzlhYzFlZDgx
LzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARPu0n9Ju
IJ8FeZH9DkUsw6AHdANFIWHkigzQhuAuVG3a5Z12Po3ImhvDjcJ364drPCmS2mS9
Gf33kHzjSnWZciFs283akt1dxpVM4CBTKaK8m5q/jNRBHwygnGjytEAfPtAmW040
lI077g0Fcwe9pwrvngcsOi+sLObsZXkhTZxUfZmdcpsoKr9buB/OLkpIUimYjCEM
iUMOuREVm9W/p3mOte7KGyTmgb3cuNi8+xmp8L3LPOEYC0VOxBLNA84L8++VdlvX
/v/aR6C0FXizkJwtC7zrh8c9dF3KQXHn5rvwosvn3jJz28p51olRG6qx2CxB2UJ1
G1AdLeBSu6Kebg==
-----END CERTIFICATE-----