Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
File:                     Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft (raw, json)
Hash identifier:          rDp2pUVZLckygX/oO1uluoJycAcZKmZ+VW7gK3Vb0Vc=
Subject key identifier:   C1:00:4A:DC:D2:73:DB:CE:4C:71:49:6E:BD:DA:C5:19:38:28:11:6B
Authority key identifier: 2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC
Certificate issuer:       /CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
Certificate serial:       019A71B8E463DF27FB263AEEFC023C5DC55E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
Manifest number:          0FD4
Signing time:             Tue 11 Nov 2025 07:02:13 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:13 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:13 +0000
Files and hashes:         1: Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl (hash: k8b44E9THJ510M6aXT86nUm1rxHWmz+fMAdtMntMhhk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:e4:63:df:27:fb:26:3a:ee:fc:02:3c:5d:c5:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a4f2af8437e7193d57885fb63bdb03c03ba19bc
        Validity
            Not Before: Nov 11 07:02:13 2025 GMT
            Not After : Nov 12 07:02:13 2025 GMT
        Subject: CN=c1004adcd273dbce4c71496ebddac5193828116b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:38:cc:1e:ce:ef:b9:fc:4c:58:21:a0:5d:47:
                    aa:16:49:ec:0c:7a:cb:55:1e:0d:5c:54:01:e6:26:
                    31:08:e8:cc:44:75:37:92:8e:eb:0f:37:9d:c9:64:
                    75:32:4f:d4:4e:f1:67:67:26:80:0c:9d:bd:00:bc:
                    3c:92:0b:f2:f1:d8:96:0a:c9:ee:cc:db:ca:6e:2a:
                    4b:f5:e0:af:9c:c8:e5:0b:0f:87:db:32:35:f8:ab:
                    df:e8:22:96:a7:01:41:67:0b:bc:73:0c:22:f9:46:
                    14:8c:98:d7:66:24:fe:f3:d8:ad:23:9a:62:09:da:
                    15:f9:d6:e3:3a:9a:9b:74:c0:c1:4e:a5:2a:93:dd:
                    2b:b4:7b:e6:30:70:cc:60:bd:c0:ea:15:ba:56:da:
                    77:e6:ed:de:55:57:84:00:e3:16:07:2a:36:8d:e4:
                    16:ed:79:3b:01:a2:f2:0f:17:dc:fe:2f:1d:85:91:
                    db:5c:a0:1f:a2:24:0f:7a:0e:c2:d1:31:c1:d1:a1:
                    56:61:bc:1c:6b:67:be:7c:21:c6:f1:38:fe:7c:e7:
                    e3:1b:ec:22:f6:9c:d2:36:80:2e:78:41:07:38:82:
                    40:40:ae:3c:01:63:4c:fd:90:9a:32:44:e2:f3:26:
                    c7:ad:c1:1c:cb:90:09:aa:0c:ef:2a:d4:b9:da:0a:
                    83:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:00:4A:DC:D2:73:DB:CE:4C:71:49:6E:BD:DA:C5:19:38:28:11:6B
            X509v3 Authority Key Identifier:
                keyid:2A:4F:2A:F8:43:7E:71:93:D5:78:85:FB:63:BD:B0:3C:03:BA:19:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/e718db-2e45-4c0c-973f-dfa538428e8f/1/Kk8q-EN-cZPVeIX7Y72wPAO6Gbw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:6f:2f:4c:48:8a:12:3e:a8:c3:f1:74:24:4a:76:06:79:2d:
         f2:94:81:b2:fd:54:43:2d:f5:b8:eb:c4:27:37:1d:7c:a1:c1:
         77:fd:ac:68:75:8a:fe:f4:e8:ef:82:1c:0f:ae:27:df:1a:5c:
         d1:a8:ba:dd:9c:5c:6e:3d:d1:97:23:79:60:27:b7:cd:7a:3a:
         49:d6:96:94:bf:6b:5d:37:82:17:5e:56:d6:ba:e6:5c:59:f3:
         84:88:fa:fa:0c:3a:57:be:c5:bc:f0:38:15:66:f0:7f:9f:53:
         6d:89:3a:1c:89:2d:f7:fd:f6:b6:17:35:57:63:41:f2:13:f4:
         a0:3c:26:bb:3d:7b:db:e0:3d:43:cf:d6:21:ee:f1:1d:53:b9:
         2f:52:cb:87:bd:34:79:55:56:c1:f4:6f:ca:97:6b:f3:1e:71:
         ba:e0:25:8b:97:9a:88:42:f9:8f:01:cb:26:81:4b:88:4b:9a:
         d0:49:a8:d9:24:ce:68:ff:20:3d:f1:c0:bc:ec:37:46:03:94:
         8d:71:fd:b7:f0:16:84:dc:11:bb:43:95:d9:34:e2:01:b2:39:
         05:27:2b:dd:70:74:10:fa:ba:1d:6b:b3:91:de:dc:9c:bd:ec:
         3d:df:c6:76:01:99:85:c4:2a:77:dd:1a:20:2e:c4:81:d4:ac:
         7a:de:6f:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuORj3yf7Jjru/AI8XcVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNGYyYWY4NDM3ZTcxOTNkNTc4ODVmYjYzYmRiMDNjMDNi
YTE5YmMwHhcNMjUxMTExMDcwMjEzWhcNMjUxMTEyMDcwMjEzWjAzMTEwLwYDVQQD
EyhjMTAwNGFkY2QyNzNkYmNlNGM3MTQ5NmViZGRhYzUxOTM4MjgxMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDjMHs7vufxMWCGgXUeqFknsDHrL
VR4NXFQB5iYxCOjMRHU3ko7rDzedyWR1Mk/UTvFnZyaADJ29ALw8kgvy8diWCsnu
zNvKbipL9eCvnMjlCw+H2zI1+Kvf6CKWpwFBZwu8cwwi+UYUjJjXZiT+89itI5pi
CdoV+dbjOpqbdMDBTqUqk90rtHvmMHDMYL3A6hW6Vtp35u3eVVeEAOMWByo2jeQW
7Xk7AaLyDxfc/i8dhZHbXKAfoiQPeg7C0THB0aFWYbwca2e+fCHG8Tj+fOfjG+wi
9pzSNoAueEEHOIJAQK48AWNM/ZCaMkTi8ybHrcEcy5AJqgzvKtS52gqDZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMEAStzSc9vOTHFJbr3axRk4KBFrMB8GA1UdIwQY
MBaAFCpPKvhDfnGT1XiF+2O9sDwDuhm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2Yt
ZGZhNTM4NDI4ZThmLzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lNzE4ZGItMmU0NS00YzBjLTk3M2YtZGZhNTM4NDI4ZThm
LzEvS2s4cS1FTi1jWlBWZUlYN1k3MndQQU82R2J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS28vTEiK
Ej6ow/F0JEp2Bnkt8pSBsv1UQy31uOvEJzcdfKHBd/2saHWK/vTo74IcD64n3xpc
0ai63Zxcbj3RlyN5YCe3zXo6SdaWlL9rXTeCF15W1rrmXFnzhIj6+gw6V77FvPA4
FWbwf59TbYk6HIkt9/32thc1V2NB8hP0oDwmuz172+A9Q8/WIe7xHVO5L1LLh700
eVVWwfRvypdr8x5xuuAli5eaiEL5jwHLJoFLiEua0Emo2STOaP8gPfHAvOw3RgOU
jXH9t/AWhNwRu0OV2TTiAbI5BScr3XB0EPq6HWuzkd7cnL3sPd/GdgGZhcQqd90a
IC7EgdSset5vNA==
-----END CERTIFICATE-----