Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
File:                     kYaHyFQkQhcMxR71MW05Y2CXCNw.mft (raw, json)
Hash identifier:          cmRlv5H7T0Uued07rh16OTSic8FjNWSpRAqFZMqPrq8=
Subject key identifier:   26:6C:59:B3:33:CB:44:06:BB:78:1B:0E:9C:BB:74:C6:A7:87:C1:E3
Authority key identifier: 91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC
Certificate issuer:       /CN=918687c8542442170cc51ef5316d3963609708dc
Certificate serial:       0199239F3A0993E2B7D66391FC4A6D338312
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
Manifest number:          127E
Signing time:             Sun 07 Sep 2025 10:01:01 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:01 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:01 +0000
Files and hashes:         1: kYaHyFQkQhcMxR71MW05Y2CXCNw.crl (hash: 8roaL78RbsAoij6t+ABOXdGSKSX47kOBvbQLEaC7xF4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:3a:09:93:e2:b7:d6:63:91:fc:4a:6d:33:83:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=918687c8542442170cc51ef5316d3963609708dc
        Validity
            Not Before: Sep  7 10:01:01 2025 GMT
            Not After : Sep  8 10:01:01 2025 GMT
        Subject: CN=266c59b333cb4406bb781b0e9cbb74c6a787c1e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:39:04:d6:3a:21:8e:50:c3:29:72:2a:52:7b:
                    f1:d5:ee:88:07:98:15:40:72:6c:93:b6:19:c1:e4:
                    25:a3:6c:04:bc:30:12:c8:cd:df:8e:8e:34:e5:b5:
                    b5:48:97:54:65:ae:d8:6c:a9:dd:23:3d:d9:a6:81:
                    5f:95:b3:b6:1e:76:11:2b:9f:ec:0e:0a:e5:e6:9b:
                    84:b5:01:bf:2d:44:e9:33:1b:54:ca:18:00:8b:6b:
                    47:5f:7c:2d:36:38:5b:3f:4a:2d:9a:8c:3f:c8:ab:
                    88:37:96:68:01:28:60:6b:8a:08:3f:52:98:10:cc:
                    52:96:b9:1e:b9:7d:50:cd:0e:3e:32:82:3d:85:21:
                    fb:c6:5a:37:29:de:b7:e5:a9:13:d4:27:98:42:e2:
                    c7:de:ec:75:1f:c8:55:0c:f3:6a:0c:ab:35:8e:8a:
                    d3:75:5c:ee:1a:74:29:27:ae:2b:02:29:12:cb:39:
                    93:ee:c1:8a:9e:48:09:fb:47:96:77:a1:f3:3a:7b:
                    7a:ed:c0:24:df:7a:05:66:7c:c3:8c:bf:24:f6:77:
                    ab:ea:ec:58:81:85:32:5b:c6:19:8f:69:c7:9b:45:
                    fa:9a:78:40:7f:45:4b:47:a0:d5:d4:56:6e:47:02:
                    b5:e9:06:49:50:6b:38:e9:5c:d1:61:12:b1:16:0e:
                    44:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:6C:59:B3:33:CB:44:06:BB:78:1B:0E:9C:BB:74:C6:A7:87:C1:E3
            X509v3 Authority Key Identifier:
                keyid:91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:d0:6a:1e:56:c4:24:63:d9:02:fc:4a:62:9a:8f:8f:ac:9a:
         6b:37:79:9e:6c:b1:52:82:d6:f0:93:8e:12:cf:2d:4d:fc:2e:
         6c:45:47:81:4c:01:30:5d:b9:18:53:bd:3e:40:9e:0b:4c:b5:
         28:4d:dd:65:b9:3c:6f:5b:80:23:3f:3f:bc:0a:24:b5:ff:61:
         01:be:51:d0:78:6b:16:22:cd:a7:94:f0:7d:3d:8c:e7:53:83:
         c5:88:46:f0:5a:3e:87:71:ae:22:1e:98:63:bd:da:a8:ad:23:
         3f:73:cf:07:13:66:23:8d:01:2e:c8:74:2f:bd:ed:ba:23:f7:
         16:7d:a6:78:26:40:31:37:4a:a2:a9:bb:30:dc:7d:a1:e2:63:
         17:73:f3:8f:19:e4:67:79:72:7f:8a:71:4e:40:07:e6:ad:22:
         28:c3:33:b8:c3:a6:2b:fc:b9:0d:9a:f1:b1:b0:89:d5:5f:00:
         84:90:81:e2:92:d7:b6:a7:17:cc:2e:5f:12:f6:ae:fc:9e:83:
         28:25:b7:32:05:25:08:bf:47:04:fa:88:ab:28:66:89:9e:36:
         86:dc:9a:d6:99:94:93:79:fd:5d:00:8a:ee:4a:3f:59:f3:d1:
         f6:4b:27:1e:4c:77:27:66:ff:b7:0d:9a:b3:25:79:83:19:d4:
         a3:51:4c:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnzoJk+K31mOR/EptM4MSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODY4N2M4NTQyNDQyMTcwY2M1MWVmNTMxNmQzOTYzNjA5
NzA4ZGMwHhcNMjUwOTA3MTAwMTAxWhcNMjUwOTA4MTAwMTAxWjAzMTEwLwYDVQQD
EygyNjZjNTliMzMzY2I0NDA2YmI3ODFiMGU5Y2JiNzRjNmE3ODdjMWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDkE1johjlDDKXIqUnvx1e6IB5gV
QHJsk7YZweQlo2wEvDASyM3fjo405bW1SJdUZa7YbKndIz3ZpoFflbO2HnYRK5/s
Dgrl5puEtQG/LUTpMxtUyhgAi2tHX3wtNjhbP0otmow/yKuIN5ZoAShga4oIP1KY
EMxSlrkeuX1QzQ4+MoI9hSH7xlo3Kd635akT1CeYQuLH3ux1H8hVDPNqDKs1jorT
dVzuGnQpJ64rAikSyzmT7sGKnkgJ+0eWd6HzOnt67cAk33oFZnzDjL8k9ner6uxY
gYUyW8YZj2nHm0X6mnhAf0VLR6DV1FZuRwK16QZJUGs46VzRYRKxFg5EkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZsWbMzy0QGu3gbDpy7dManh8HjMB8GA1UdIwQY
MBaAFJGGh8hUJEIXDMUe9TFtOWNglwjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMt
ODllMzlhYzFlZDgxLzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMtODllMzlhYzFlZDgx
LzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA9BqHlbE
JGPZAvxKYpqPj6yaazd5nmyxUoLW8JOOEs8tTfwubEVHgUwBMF25GFO9PkCeC0y1
KE3dZbk8b1uAIz8/vAoktf9hAb5R0HhrFiLNp5TwfT2M51ODxYhG8Fo+h3GuIh6Y
Y73aqK0jP3PPBxNmI40BLsh0L73tuiP3Fn2meCZAMTdKoqm7MNx9oeJjF3Pzjxnk
Z3lyf4pxTkAH5q0iKMMzuMOmK/y5DZrxsbCJ1V8AhJCB4pLXtqcXzC5fEvau/J6D
KCW3MgUlCL9HBPqIqyhmiZ42htya1pmUk3n9XQCK7ko/WfPR9ksnHkx3J2b/tw2a
syV5gxnUo1FMGw==
-----END CERTIFICATE-----