Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
File:                     KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json)
Hash identifier:          RFG0YDz8Q7c3zA6OWC3E09r+U5gWAx3CgVM6FFCHp8U=
Subject key identifier:   0E:7C:22:9B:76:E5:B4:79:C5:0C:9D:F3:A6:E1:E2:7B:6C:EF:EF:AF
Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5
Certificate issuer:       /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
Certificate serial:       019A7225C47B8717D025935BA001E2C1FD04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
Manifest number:          032E
Signing time:             Tue 11 Nov 2025 09:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:08 +0000
Files and hashes:         1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: w3vDhjnqxpWGOBtrakdUox5dOrcmE9OR6ApzPQCJxLM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:c4:7b:87:17:d0:25:93:5b:a0:01:e2:c1:fd:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
        Validity
            Not Before: Nov 11 09:01:08 2025 GMT
            Not After : Nov 12 09:01:08 2025 GMT
        Subject: CN=0e7c229b76e5b479c50c9df3a6e1e27b6cefefaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:e7:46:be:cf:63:65:70:68:7c:5a:c7:f6:23:
                    e6:05:72:33:d6:17:06:66:c6:d8:19:41:d8:eb:22:
                    12:ed:e1:2d:76:ea:62:db:60:b6:77:15:22:a6:b6:
                    39:5a:d8:02:83:a3:06:67:e5:68:5e:a6:84:bb:00:
                    0d:fa:07:31:94:0d:1c:11:d8:e4:b4:ee:1a:c9:20:
                    85:a1:ca:9b:4d:e2:3f:ee:03:08:38:ed:aa:70:02:
                    be:b7:25:53:fd:e0:55:06:ce:e4:d9:c0:04:c9:c2:
                    fd:5a:02:00:14:1f:b8:c6:a8:b1:46:f1:6e:42:3c:
                    1d:69:aa:4f:a2:4a:71:2b:36:89:a7:d1:ca:9b:da:
                    be:d6:e5:fe:aa:c1:51:46:c0:56:8a:63:f0:20:b8:
                    95:3e:02:79:9f:8c:2d:32:91:91:51:b7:9d:a1:62:
                    03:24:d5:d6:01:cd:38:87:26:7f:3c:9a:e4:d4:62:
                    dd:d7:91:76:fa:6c:34:d1:1f:05:bd:7f:3e:d9:b7:
                    18:7e:f0:c6:2c:87:71:5f:d4:af:5a:ce:5f:fe:f8:
                    02:57:36:2c:41:3a:a5:0b:b7:9f:56:b6:58:5c:70:
                    60:7d:01:30:cb:ad:74:5d:d4:4b:73:8a:7c:be:b6:
                    57:7c:04:7c:43:cf:81:5c:cd:9e:c5:c2:66:23:51:
                    ab:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:7C:22:9B:76:E5:B4:79:C5:0C:9D:F3:A6:E1:E2:7B:6C:EF:EF:AF
            X509v3 Authority Key Identifier:
                keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:2c:8f:ae:a0:c9:33:86:fe:6e:aa:b0:1e:54:7d:27:eb:84:
         b7:b8:b1:a2:b2:34:0f:20:b5:ce:33:dc:8c:b8:96:bb:0f:43:
         64:5d:6b:48:3e:1c:fb:52:31:91:f7:b8:eb:fa:96:6a:d7:87:
         94:dd:ec:e2:b4:3e:11:70:d3:04:c6:20:02:5f:a9:b0:fb:fb:
         d3:c8:61:7e:bf:e8:7d:bc:59:bf:77:ca:92:de:73:2d:84:a1:
         7f:ec:f4:37:e6:27:26:16:4d:a8:cb:9a:63:25:55:ed:4a:6c:
         2c:08:45:d8:30:22:c7:f5:de:5e:10:b1:db:4e:4c:8d:6f:c5:
         7e:ae:0f:db:c4:d3:ce:3d:4b:39:aa:50:82:e2:89:4d:60:d9:
         67:56:98:16:ee:82:91:66:e4:8e:72:13:c8:eb:5c:2e:4a:df:
         9b:1d:cb:d7:ac:bd:dc:30:8e:32:67:b8:aa:d3:b2:5c:86:21:
         d8:fe:ba:db:ec:b3:73:ca:29:ac:cf:d1:41:04:75:fd:75:b7:
         e5:ac:ba:40:b5:84:d3:bf:2a:45:21:26:82:41:19:85:ee:ad:
         c4:d6:89:19:8d:b5:d6:6b:05:6d:a7:d7:1c:b3:76:e3:ea:45:
         c9:a4:26:45:0a:e4:7c:f4:f4:fc:6e:38:99:4a:2a:cc:b0:94:
         c1:05:93:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJcR7hxfQJZNboAHiwf0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1
MDU4YTUwHhcNMjUxMTExMDkwMTA4WhcNMjUxMTEyMDkwMTA4WjAzMTEwLwYDVQQD
EygwZTdjMjI5Yjc2ZTViNDc5YzUwYzlkZjNhNmUxZTI3YjZjZWZlZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+dGvs9jZXBofFrH9iPmBXIz1hcG
ZsbYGUHY6yIS7eEtdupi22C2dxUiprY5WtgCg6MGZ+VoXqaEuwAN+gcxlA0cEdjk
tO4aySCFocqbTeI/7gMIOO2qcAK+tyVT/eBVBs7k2cAEycL9WgIAFB+4xqixRvFu
QjwdaapPokpxKzaJp9HKm9q+1uX+qsFRRsBWimPwILiVPgJ5n4wtMpGRUbedoWID
JNXWAc04hyZ/PJrk1GLd15F2+mw00R8FvX8+2bcYfvDGLIdxX9SvWs5f/vgCVzYs
QTqlC7efVrZYXHBgfQEwy610XdRLc4p8vrZXfAR8Q8+BXM2excJmI1GrwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA58Ipt25bR5xQyd86bh4nts7++vMB8GA1UdIwQY
MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt
MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh
LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAviyPrqDJ
M4b+bqqwHlR9J+uEt7ixorI0DyC1zjPcjLiWuw9DZF1rSD4c+1Ixkfe46/qWateH
lN3s4rQ+EXDTBMYgAl+psPv708hhfr/ofbxZv3fKkt5zLYShf+z0N+YnJhZNqMua
YyVV7UpsLAhF2DAix/XeXhCx205MjW/Ffq4P28TTzj1LOapQguKJTWDZZ1aYFu6C
kWbkjnITyOtcLkrfmx3L16y93DCOMme4qtOyXIYh2P662+yzc8oprM/RQQR1/XW3
5ay6QLWE078qRSEmgkEZhe6txNaJGY211msFbafXHLN24+pFyaQmRQrkfPT0/G44
mUoqzLCUwQWTdg==
-----END CERTIFICATE-----