Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          UbDV+v0iGrQVwvUAgBSrj7IChOy1xIDP2PuYLFTAbDs=
Subject key identifier:   0B:29:56:69:1B:78:96:2B:80:9E:3B:E5:0D:2B:DF:FB:F5:4D:27:5A
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       019A71B7D01C20DBCB951DA20E9895416D7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          1134
Signing time:             Tue 11 Nov 2025 07:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:02 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: FVqK4IFNKW82MJes8tkn5z/F4kBKiZcwj5PMf9Pf+3I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:d0:1c:20:db:cb:95:1d:a2:0e:98:95:41:6d:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Nov 11 07:01:02 2025 GMT
            Not After : Nov 12 07:01:02 2025 GMT
        Subject: CN=0b2956691b78962b809e3be50d2bdffbf54d275a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d5:84:8c:aa:5d:e0:2d:4d:89:1f:21:b3:44:
                    01:a8:87:61:71:f7:49:1a:85:24:e7:a2:69:2a:41:
                    c5:32:5e:57:b6:fe:57:5b:7a:60:64:de:78:f6:21:
                    75:79:fd:1b:53:8b:4e:2f:fb:54:64:7f:8e:ea:0c:
                    95:74:46:67:2a:12:33:03:58:ff:a0:c7:04:30:2c:
                    17:f9:41:fe:e2:37:09:31:1d:61:13:bb:d1:33:e7:
                    6b:0c:db:af:ed:c6:17:7e:00:38:91:c2:69:77:ac:
                    cb:30:70:97:73:3b:b0:52:5e:ec:1d:57:9d:02:66:
                    fe:0d:be:42:6e:34:21:84:31:d2:e0:22:d1:b4:0a:
                    47:a0:12:16:e0:01:70:33:79:42:53:2c:2d:9c:aa:
                    f5:ad:93:35:eb:06:3b:bf:86:dd:64:45:13:e8:0c:
                    7e:98:73:84:83:87:a6:be:79:ae:f3:ba:0b:dd:40:
                    9a:87:f2:0e:61:e7:07:8e:43:ab:50:ae:89:74:83:
                    f6:f2:26:d1:42:17:a8:da:d9:50:af:ff:85:bc:d5:
                    b0:89:8f:52:18:f8:81:da:e5:d6:92:79:75:bb:a6:
                    cb:3e:73:82:e2:08:d9:22:d0:47:16:74:8f:51:75:
                    bf:a9:e3:ff:12:60:23:6f:46:e1:24:79:f3:ad:16:
                    c6:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:29:56:69:1B:78:96:2B:80:9E:3B:E5:0D:2B:DF:FB:F5:4D:27:5A
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:5e:9d:d9:3e:c5:1c:8f:8f:d8:ed:29:48:8a:ff:ee:e2:c1:
         cd:78:bc:53:ce:5a:88:74:f8:87:f2:ae:b9:3b:43:29:b9:3e:
         78:69:fa:ff:f6:bb:4b:89:ef:90:2a:0c:7b:6c:c5:e7:cc:1d:
         1f:40:22:dc:12:9a:5b:5e:da:b5:43:86:55:90:e4:7f:29:b0:
         e0:e1:99:47:97:0a:e9:ae:43:a7:d4:78:c0:c7:18:a6:21:77:
         d7:12:e4:37:95:b1:d6:ac:e9:2c:25:c6:4f:84:e9:29:71:36:
         a6:23:f9:7d:67:d0:2c:8d:69:1f:59:05:6c:2b:eb:32:7c:20:
         c2:ce:b4:84:35:11:6d:90:f4:b3:b9:a6:80:18:e9:e6:ee:8c:
         65:c3:d2:eb:c3:8c:34:b2:dd:1b:7f:72:b6:20:67:49:59:eb:
         61:1f:6b:42:1a:3d:87:e8:da:5b:fb:77:cc:77:9a:df:9f:01:
         71:42:7b:b7:13:0e:f2:da:e3:4a:b2:1a:fc:51:bf:ab:b1:e8:
         a8:fe:41:2f:56:c3:85:a6:91:0e:db:0a:6b:1e:10:39:ea:d9:
         cd:70:a2:e9:3d:75:5c:0a:e8:4e:39:a2:08:37:0b:eb:53:b4:
         70:19:e7:07:52:3b:24:96:d9:d1:7c:ba:00:05:32:9f:73:ae:
         fa:fc:4d:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9AcINvLlR2iDpiVQW18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUxMTExMDcwMTAyWhcNMjUxMTEyMDcwMTAyWjAzMTEwLwYDVQQD
EygwYjI5NTY2OTFiNzg5NjJiODA5ZTNiZTUwZDJiZGZmYmY1NGQyNzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttWEjKpd4C1NiR8hs0QBqIdhcfdJ
GoUk56JpKkHFMl5Xtv5XW3pgZN549iF1ef0bU4tOL/tUZH+O6gyVdEZnKhIzA1j/
oMcEMCwX+UH+4jcJMR1hE7vRM+drDNuv7cYXfgA4kcJpd6zLMHCXczuwUl7sHVed
Amb+Db5CbjQhhDHS4CLRtApHoBIW4AFwM3lCUywtnKr1rZM16wY7v4bdZEUT6Ax+
mHOEg4emvnmu87oL3UCah/IOYecHjkOrUK6JdIP28ibRQheo2tlQr/+FvNWwiY9S
GPiB2uXWknl1u6bLPnOC4gjZItBHFnSPUXW/qeP/EmAjb0bhJHnzrRbGLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAspVmkbeJYrgJ475Q0r3/v1TSdaMB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC16d2T7F
HI+P2O0pSIr/7uLBzXi8U85aiHT4h/KuuTtDKbk+eGn6//a7S4nvkCoMe2zF58wd
H0Ai3BKaW17atUOGVZDkfymw4OGZR5cK6a5Dp9R4wMcYpiF31xLkN5Wx1qzpLCXG
T4TpKXE2piP5fWfQLI1pH1kFbCvrMnwgws60hDURbZD0s7mmgBjp5u6MZcPS68OM
NLLdG39ytiBnSVnrYR9rQho9h+jaW/t3zHea358BcUJ7txMO8trjSrIa/FG/q7Ho
qP5BL1bDhaaRDtsKax4QOerZzXCi6T11XAroTjmiCDcL61O0cBnnB1I7JJbZ0Xy6
AAUyn3Ou+vxNHQ==
-----END CERTIFICATE-----