Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
File:                     Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft (raw, json)
Hash identifier:          EZABvERERNM/CN9JgrFBawh3XX5jmh6CCe/3KophuEY=
Subject key identifier:   12:81:EB:71:03:54:96:8D:63:A4:95:8E:A4:55:DF:AB:F6:A5:08:35
Authority key identifier: 2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC
Certificate issuer:       /CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
Certificate serial:       019923A05A0DA6642DFF049D059048E26DDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
Manifest number:          0F27
Signing time:             Sun 07 Sep 2025 10:02:15 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:15 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:15 +0000
Files and hashes:         1: Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl (hash: GNvWeL8oP660g2khuJV9EODCkALIWcLlJU5/GuH/+1U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:5a:0d:a6:64:2d:ff:04:9d:05:90:48:e2:6d:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
        Validity
            Not Before: Sep  7 10:02:15 2025 GMT
            Not After : Sep  8 10:02:15 2025 GMT
        Subject: CN=1281eb710354968d63a4958ea455dfabf6a50835
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:f7:53:18:db:01:08:2d:8a:da:c6:fe:0f:5e:
                    94:56:8a:24:ed:45:8b:84:44:8f:6c:f7:cd:1c:ab:
                    40:63:61:64:16:9a:9b:be:34:26:93:9a:3b:83:e5:
                    bf:58:97:d2:6d:ae:e4:58:14:8e:00:8d:7e:33:7f:
                    b9:f4:f9:65:1d:fc:a6:26:73:e4:15:18:65:30:2d:
                    fe:68:28:5f:70:9c:3e:3e:23:df:86:e1:fa:50:8b:
                    6d:11:ed:20:2c:52:e6:22:a5:57:97:3b:0b:89:80:
                    66:ba:1d:a0:51:3f:33:31:39:fe:61:35:76:41:f0:
                    99:7c:54:e4:85:6b:e2:9a:26:6d:36:e5:b2:be:f6:
                    31:7c:b9:f2:fa:df:7a:34:b3:73:a3:fc:65:a4:d1:
                    7b:51:17:69:cd:cb:7b:59:ce:14:dd:96:b5:0c:3d:
                    ff:0a:8a:76:8c:3e:1d:63:e4:ad:bd:2d:35:1e:5d:
                    c3:dd:26:e8:3b:21:23:62:b5:d0:54:12:62:4e:60:
                    63:97:cb:00:bc:b4:df:a6:bd:9c:21:49:74:4d:96:
                    9f:78:2a:24:76:c0:fd:b0:51:a2:b2:ad:97:2c:8b:
                    d1:80:49:96:7c:d6:40:03:ae:ad:78:ec:d4:ca:b3:
                    5f:54:30:2f:39:7b:8f:8b:e2:8e:2a:c1:40:ee:4b:
                    56:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:81:EB:71:03:54:96:8D:63:A4:95:8E:A4:55:DF:AB:F6:A5:08:35
            X509v3 Authority Key Identifier:
                keyid:2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:98:20:38:78:cc:d6:46:83:3c:59:c9:17:49:b7:30:a5:09:
         fb:15:99:8a:d2:d1:2f:7e:15:49:48:3f:5d:80:bc:b7:e4:9c:
         86:81:3d:92:7f:32:08:1b:11:ca:fd:fb:70:80:0e:be:7a:cd:
         91:cd:25:23:44:88:9e:e9:d6:23:1c:65:3b:d3:f5:5a:73:18:
         ba:5b:62:c6:de:05:26:4e:0f:09:da:b3:fb:dd:9e:31:6a:71:
         ea:61:48:e6:47:e3:82:eb:e1:44:bb:2a:8e:7b:29:a3:f4:6d:
         e7:46:5c:69:72:1a:74:b7:bd:ad:5e:a7:7f:e9:62:17:c9:ae:
         c2:8f:c8:ad:10:1f:23:1a:dc:dc:e9:59:b3:7e:5d:1e:c2:af:
         65:31:55:9a:a9:44:c0:10:2f:1b:99:c5:01:3c:e4:78:d3:1a:
         89:a0:c7:69:1e:fc:9d:0d:1a:93:9a:0f:fc:ae:28:f7:81:ea:
         2a:2f:3c:7e:92:ce:73:7c:01:1d:a7:76:d8:a0:20:c2:61:1b:
         37:0c:00:96:78:d1:e8:cd:34:bc:fb:11:17:80:70:9b:70:53:
         a6:c4:ca:64:dc:71:2f:84:8f:91:a1:fb:96:46:8c:a3:a7:5d:
         02:4a:f8:ef:ec:06:6c:0e:19:b5:11:3e:ea:85:72:cb:4c:11:
         42:26:3a:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoFoNpmQt/wSdBZBI4m3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNGYyYWY4NDM3ZTcxOTNkNTc4ODVmYjYzYmRiMDNjMDNi
YTE5YmMwHhcNMjUwOTA3MTAwMjE1WhcNMjUwOTA4MTAwMjE1WjAzMTEwLwYDVQQD
EygxMjgxZWI3MTAzNTQ5NjhkNjNhNDk1OGVhNDU1ZGZhYmY2YTUwODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/dTGNsBCC2K2sb+D16UVook7UWL
hESPbPfNHKtAY2FkFpqbvjQmk5o7g+W/WJfSba7kWBSOAI1+M3+59PllHfymJnPk
FRhlMC3+aChfcJw+PiPfhuH6UIttEe0gLFLmIqVXlzsLiYBmuh2gUT8zMTn+YTV2
QfCZfFTkhWvimiZtNuWyvvYxfLny+t96NLNzo/xlpNF7URdpzct7Wc4U3Za1DD3/
Cop2jD4dY+StvS01Hl3D3SboOyEjYrXQVBJiTmBjl8sAvLTfpr2cIUl0TZafeCok
dsD9sFGisq2XLIvRgEmWfNZAA66teOzUyrNfVDAvOXuPi+KOKsFA7ktWEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKB63EDVJaNY6SVjqRV36v2pQg1MB8GA1UdIwQY
MBaAFCpPKvhDfnGT1XiF+2O9sDwDuhm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2Yt
ZGZhNTM4NDI4ZThmLzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2YtZGZhNTM4NDI4ZThm
LzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA5ggOHjM
1kaDPFnJF0m3MKUJ+xWZitLRL34VSUg/XYC8t+SchoE9kn8yCBsRyv37cIAOvnrN
kc0lI0SInunWIxxlO9P1WnMYultixt4FJk4PCdqz+92eMWpx6mFI5kfjguvhRLsq
jnspo/Rt50ZcaXIadLe9rV6nf+liF8muwo/IrRAfIxrc3OlZs35dHsKvZTFVmqlE
wBAvG5nFATzkeNMaiaDHaR78nQ0ak5oP/K4o94HqKi88fpLOc3wBHad22KAgwmEb
NwwAlnjR6M00vPsRF4Bwm3BTpsTKZNxxL4SPkaH7lkaMo6ddAkr47+wGbA4ZtRE+
6oVyy0wRQiY6Mw==
-----END CERTIFICATE-----