Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
File:                     KdIywSew2DMQPDH7UlTsuZVrDEw.mft (raw, json)
Hash identifier:          BIsoX0vFN6kfhNrSdzsj/Me8DfaNCpLYUXIx5BzfdJs=
Subject key identifier:   99:1F:75:45:2C:C5:DB:D2:0D:D3:94:4D:83:8D:F2:18:D2:9B:09:8D
Authority key identifier: 29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C
Certificate issuer:       /CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
Certificate serial:       019A725C85CE36BF6206C28AB9341B9726DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
Manifest number:          02CB
Signing time:             Tue 11 Nov 2025 10:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 10:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 10:00:57 +0000
Files and hashes:         1: KdIywSew2DMQPDH7UlTsuZVrDEw.crl (hash: N62XgGNXAK7lT5JAccKcmDLiz+wvBVwi8dEvMUC83Y4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:85:ce:36:bf:62:06:c2:8a:b9:34:1b:97:26:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
        Validity
            Not Before: Nov 11 10:00:57 2025 GMT
            Not After : Nov 12 10:00:57 2025 GMT
        Subject: CN=991f75452cc5dbd20dd3944d838df218d29b098d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:36:4b:1e:26:f2:e4:76:74:f7:f4:09:08:52:
                    73:b4:e5:18:fb:1d:40:21:84:17:6d:21:66:33:7e:
                    ae:1a:3f:67:6d:1e:5d:f0:bb:50:55:f0:61:78:c0:
                    d9:79:b9:c0:41:d9:95:68:b2:c4:8c:5d:5c:c9:ed:
                    72:56:60:80:7d:10:2d:fb:bf:a4:9e:a9:7a:44:99:
                    3e:38:d8:4d:8c:1d:e7:22:23:a7:15:aa:6e:44:ef:
                    d1:a3:8e:c7:a0:99:c7:92:b7:3a:ab:20:e1:54:a8:
                    06:31:e4:09:c4:69:63:67:4b:7b:3e:29:2d:9a:2c:
                    a6:35:d6:00:b7:3e:1c:bd:9a:a9:00:e3:61:63:3d:
                    92:ed:82:d5:dd:9d:32:15:99:79:7d:d6:97:70:a6:
                    07:64:ea:c6:e4:a1:8e:0f:ee:b9:8c:57:05:df:5a:
                    76:81:5b:0e:e8:1d:c7:61:f6:67:eb:6e:1d:b8:69:
                    f4:7d:1b:e7:19:88:a8:2a:0b:7b:14:7e:c7:3e:df:
                    d8:10:9a:61:ca:ca:74:fc:d5:d0:f4:22:df:79:b7:
                    c6:7e:2f:bb:7a:9a:9f:84:b7:ae:88:ef:27:1f:54:
                    5e:de:08:9d:1b:23:4b:79:60:36:22:b7:06:07:b9:
                    07:e4:cc:22:84:a9:6d:78:83:6f:e1:01:90:d7:8e:
                    94:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:1F:75:45:2C:C5:DB:D2:0D:D3:94:4D:83:8D:F2:18:D2:9B:09:8D
            X509v3 Authority Key Identifier:
                keyid:29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:a4:ed:3c:54:96:d0:71:2a:a4:df:01:94:af:dd:44:da:d6:
         0c:e5:2f:c5:c3:39:cf:0f:50:a9:3f:27:57:5a:d2:a3:2d:41:
         e8:80:9e:5b:8c:b8:01:1a:07:fa:e3:fa:ed:43:c2:21:0a:33:
         eb:fa:e9:5b:9b:e9:21:88:af:60:d8:0a:71:1f:e3:35:5a:7b:
         f7:d7:5a:dc:9b:89:43:6d:6f:8a:86:6b:7e:06:21:07:13:92:
         b1:a2:f3:41:ea:9d:e2:0f:6d:bf:0d:92:d2:da:bd:31:24:e6:
         3a:d8:09:fb:4b:9a:04:dd:54:9c:82:ea:5e:f0:3a:24:4e:5c:
         8d:c0:5b:cf:77:f7:46:91:89:65:7d:0c:2a:8a:88:b0:53:be:
         2e:27:e6:ae:03:61:0e:c1:9e:23:ee:aa:d6:2a:e4:f3:fc:d8:
         9e:1a:fc:0e:76:a6:2e:91:61:13:21:db:a0:d0:31:da:39:3a:
         ee:cb:2d:39:87:0b:6e:3b:36:a1:b6:43:38:a1:ad:dd:3c:41:
         95:15:f5:5d:9f:a2:d4:09:33:e8:74:b7:3b:9e:40:86:cb:17:
         1c:4f:a1:18:f6:52:cd:a5:61:1c:9d:e3:fe:9c:8d:db:33:a7:
         36:52:c1:7f:6b:7f:5d:a3:f5:fa:59:af:e9:f8:dc:22:9c:92:
         7f:5a:d5:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXIXONr9iBsKKuTQblybdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDIzMmMxMjdiMGQ4MzMxMDNjMzFmYjUyNTRlY2I5OTU2
YjBjNGMwHhcNMjUxMTExMTAwMDU3WhcNMjUxMTEyMTAwMDU3WjAzMTEwLwYDVQQD
Eyg5OTFmNzU0NTJjYzVkYmQyMGRkMzk0NGQ4MzhkZjIxOGQyOWIwOThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjZLHiby5HZ09/QJCFJztOUY+x1A
IYQXbSFmM36uGj9nbR5d8LtQVfBheMDZebnAQdmVaLLEjF1cye1yVmCAfRAt+7+k
nql6RJk+ONhNjB3nIiOnFapuRO/Ro47HoJnHkrc6qyDhVKgGMeQJxGljZ0t7Pikt
miymNdYAtz4cvZqpAONhYz2S7YLV3Z0yFZl5fdaXcKYHZOrG5KGOD+65jFcF31p2
gVsO6B3HYfZn624duGn0fRvnGYioKgt7FH7HPt/YEJphysp0/NXQ9CLfebfGfi+7
epqfhLeuiO8nH1Re3gidGyNLeWA2IrcGB7kH5MwihKlteINv4QGQ146UzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkfdUUsxdvSDdOUTYON8hjSmwmNMB8GA1UdIwQY
MBaAFCnSMsEnsNgzEDwx+1JU7LmVawxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAt
ZTE2MDZiZTkyYjk4LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAtZTE2MDZiZTkyYjk4
LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATaTtPFSW
0HEqpN8BlK/dRNrWDOUvxcM5zw9QqT8nV1rSoy1B6ICeW4y4ARoH+uP67UPCIQoz
6/rpW5vpIYivYNgKcR/jNVp799da3JuJQ21vioZrfgYhBxOSsaLzQeqd4g9tvw2S
0tq9MSTmOtgJ+0uaBN1UnILqXvA6JE5cjcBbz3f3RpGJZX0MKoqIsFO+LifmrgNh
DsGeI+6q1irk8/zYnhr8DnamLpFhEyHboNAx2jk67sstOYcLbjs2obZDOKGt3TxB
lRX1XZ+i1Akz6HS3O55AhssXHE+hGPZSzaVhHJ3j/pyN2zOnNlLBf2t/XaP1+lmv
6fjcIpySf1rVeQ==
-----END CERTIFICATE-----