Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File:                     KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier:          QyPc7amualsrDaWVYT36EkFg6DIp8Uw2ZrLMT01gTtk=
Subject key identifier:   38:C7:B0:FA:30:39:C4:60:66:11:9C:68:78:0A:EB:7F:DD:92:A9:B7
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer:       /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial:       019A1D99E90A75A3F66A14A6AF322AD28F76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number:          0C79
Signing time:             Sat 25 Oct 2025 23:00:17 +0000
Manifest this update:     Sat 25 Oct 2025 23:00:17 +0000
Manifest next update:     Sun 26 Oct 2025 23:00:17 +0000
Files and hashes:         1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: GM6/WSxsTTAjwTo21y32a5PjI/0OkLxanQiFKHOH9qg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 26 Oct 2025 19:59:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:1d:99:e9:0a:75:a3:f6:6a:14:a6:af:32:2a:d2:8f:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
        Validity
            Not Before: Oct 25 23:00:17 2025 GMT
            Not After : Oct 26 23:00:17 2025 GMT
        Subject: CN=38c7b0fa3039c46066119c68780aeb7fdd92a9b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:88:4d:2b:8f:83:b8:7b:64:a2:3a:33:00:f2:
                    a8:24:e3:f0:36:f2:92:81:51:aa:d2:36:8b:4b:6e:
                    b0:6c:a5:cb:61:ce:38:e2:e4:fb:a5:31:c3:08:fa:
                    95:dd:a9:03:cb:39:c7:e9:63:48:3f:a2:7a:0c:17:
                    70:5b:75:c5:be:e5:19:91:57:d1:4a:a2:49:75:c2:
                    8e:7f:f7:0b:e3:9c:06:b9:a5:4c:3d:70:47:63:15:
                    4d:9b:22:91:b5:55:d7:5d:0e:b9:51:70:d1:cb:35:
                    77:36:7a:10:71:23:b0:70:57:92:eb:03:69:b3:8e:
                    4b:7f:d4:75:1d:3f:81:e1:a1:f0:7f:b5:c4:90:ff:
                    a8:43:90:8f:bb:06:04:f7:87:86:42:d0:75:36:a3:
                    41:b7:8f:b9:9b:5a:cd:d6:77:74:79:9b:54:da:63:
                    00:06:21:d7:b7:f2:9b:36:82:48:4a:34:50:e4:68:
                    af:2d:41:a9:e1:a5:0a:2f:4a:00:f6:76:84:c0:6b:
                    ee:35:81:63:a7:18:37:3b:e8:9f:1a:0f:51:f0:57:
                    fc:f6:a9:22:c6:4a:dd:75:20:3a:92:6e:80:e0:cb:
                    ab:76:88:e7:e8:9a:1a:d0:d3:ce:5c:e5:2b:34:ce:
                    ef:29:3f:88:bd:e7:63:41:38:75:20:51:18:d0:c3:
                    5f:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:C7:B0:FA:30:39:C4:60:66:11:9C:68:78:0A:EB:7F:DD:92:A9:B7
            X509v3 Authority Key Identifier:
                keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:ea:2b:c7:0f:34:d1:07:9d:1c:b6:0a:aa:5c:ee:39:ee:a8:
         4f:89:9d:fe:b1:e1:99:37:e9:b7:de:5b:40:79:c8:b0:f3:7b:
         96:85:05:e0:16:08:2c:ac:69:31:79:c4:15:00:d5:a2:a0:8f:
         aa:1a:93:1a:ca:0a:25:ae:70:59:18:9d:3c:7e:72:f1:80:6c:
         4b:99:87:e9:0d:16:6a:8b:01:3e:8d:d9:1a:9a:af:9f:26:c6:
         f0:aa:15:33:2a:56:06:84:e0:73:73:42:50:8e:32:24:02:26:
         db:ae:14:02:87:f3:ac:b0:95:de:5f:5c:ab:da:b5:1b:e6:63:
         b5:85:ed:8c:6f:4a:f1:45:bc:89:ce:bc:9e:eb:e2:95:cb:01:
         b6:76:7e:6e:cd:af:a3:da:06:7a:f4:b1:31:9b:67:3c:4d:5f:
         0e:0b:2e:80:50:21:27:98:2a:8d:8a:a3:13:0a:60:e0:09:6d:
         0d:d2:ed:e4:01:59:56:a2:54:77:55:ef:62:7a:a5:e8:0e:13:
         8f:db:7c:fc:e3:18:5b:b7:c7:89:bd:a2:57:82:b7:65:2b:2e:
         83:b6:f4:31:64:08:14:d4:d7:15:53:b7:8b:53:87:c4:b5:e2:
         6f:e6:dc:5e:cb:14:23:7a:fa:ec:3f:39:21:94:6b:d2:72:36:
         46:3b:87:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZodmekKdaP2ahSmrzIq0o92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjUxMDI1MjMwMDE3WhcNMjUxMDI2MjMwMDE3WjAzMTEwLwYDVQQD
EygzOGM3YjBmYTMwMzljNDYwNjYxMTljNjg3ODBhZWI3ZmRkOTJhOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IhNK4+DuHtkojozAPKoJOPwNvKS
gVGq0jaLS26wbKXLYc444uT7pTHDCPqV3akDyznH6WNIP6J6DBdwW3XFvuUZkVfR
SqJJdcKOf/cL45wGuaVMPXBHYxVNmyKRtVXXXQ65UXDRyzV3NnoQcSOwcFeS6wNp
s45Lf9R1HT+B4aHwf7XEkP+oQ5CPuwYE94eGQtB1NqNBt4+5m1rN1nd0eZtU2mMA
BiHXt/KbNoJISjRQ5GivLUGp4aUKL0oA9naEwGvuNYFjpxg3O+ifGg9R8Ff89qki
xkrddSA6km6A4Murdojn6Joa0NPOXOUrNM7vKT+IvedjQTh1IFEY0MNfVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDjHsPowOcRgZhGcaHgK63/dkqm3MB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACeorxw80
0QedHLYKqlzuOe6oT4md/rHhmTfpt95bQHnIsPN7loUF4BYILKxpMXnEFQDVoqCP
qhqTGsoKJa5wWRidPH5y8YBsS5mH6Q0WaosBPo3ZGpqvnybG8KoVMypWBoTgc3NC
UI4yJAIm264UAofzrLCV3l9cq9q1G+ZjtYXtjG9K8UW8ic68nuvilcsBtnZ+bs2v
o9oGevSxMZtnPE1fDgsugFAhJ5gqjYqjEwpg4AltDdLt5AFZVqJUd1XvYnql6A4T
j9t8/OMYW7fHib2iV4K3ZSsug7b0MWQIFNTXFVO3i1OHxLXib+bcXssUI3r67D85
IZRr0nI2RjuHmQ==
-----END CERTIFICATE-----