Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
File:                     Kf5mFpV0HYXP7c9v-890aZlZVp8.mft (raw, json)
Hash identifier:          8alJkV7MeWPJRQ08OJc/1pQlJd961TFaeUYlXv9Vyio=
Subject key identifier:   FC:DE:54:43:16:4B:A2:AC:B9:A8:4A:FA:7E:9F:84:38:4D:48:0B:83
Authority key identifier: 29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F
Certificate issuer:       /CN=29fe661695741d85cfedcf6ffbcf74699959569f
Certificate serial:       019923A0C928AB7653C0EDBBB882C56CC902
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
Manifest number:          1670
Signing time:             Sun 07 Sep 2025 10:02:43 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:43 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:43 +0000
Files and hashes:         1: Kf5mFpV0HYXP7c9v-890aZlZVp8.crl (hash: wUXJq2PVfd8XOQPAVsbcTxZuFBqN72s59xUmL+AexZ4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:c9:28:ab:76:53:c0:ed:bb:b8:82:c5:6c:c9:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fe661695741d85cfedcf6ffbcf74699959569f
        Validity
            Not Before: Sep  7 10:02:43 2025 GMT
            Not After : Sep  8 10:02:43 2025 GMT
        Subject: CN=fcde5443164ba2acb9a84afa7e9f84384d480b83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:d7:07:69:99:49:19:12:78:9d:b4:64:02:82:
                    39:a7:e0:59:57:e0:d2:88:6b:66:f1:3a:3f:31:41:
                    6a:ec:c5:5b:01:81:72:69:2a:4a:ae:07:b0:3c:86:
                    c7:d9:a9:65:46:21:1c:eb:c3:57:d0:cd:c5:17:c5:
                    b2:13:18:69:12:9c:b3:c1:5d:a8:b9:85:df:d7:fc:
                    2c:95:3e:70:27:28:e6:00:ff:3c:fd:fa:7c:84:57:
                    56:2c:b9:19:e0:a9:c7:71:8d:dc:f8:5f:c3:d8:5e:
                    7a:1c:67:de:86:ae:2a:1f:da:1f:40:70:6b:d7:a6:
                    a1:31:94:72:57:74:16:5d:c6:b3:b5:c5:fe:67:0c:
                    91:38:65:98:7a:a7:5c:74:78:3e:af:d9:8b:7a:3a:
                    66:9b:1a:32:b8:e3:e2:d5:b6:58:d4:c1:87:f2:78:
                    87:4b:97:9e:6b:90:0d:8e:38:8e:8a:13:00:11:c2:
                    1c:db:ad:cf:d6:c9:4d:9c:a7:70:e1:c3:69:23:30:
                    a8:bb:e3:4a:25:da:d3:9b:ee:ba:63:1b:d2:b3:de:
                    da:0c:e3:4f:22:24:72:b3:15:06:eb:b7:d9:a6:af:
                    d0:24:36:6f:07:96:0e:66:64:93:ff:f0:b0:a4:68:
                    38:a2:77:92:c2:91:91:80:3c:23:68:dc:09:b9:a8:
                    63:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:DE:54:43:16:4B:A2:AC:B9:A8:4A:FA:7E:9F:84:38:4D:48:0B:83
            X509v3 Authority Key Identifier:
                keyid:29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:d2:75:43:eb:f1:8f:bf:a6:4b:4d:05:e8:79:91:51:2e:f9:
         03:e4:72:2a:a0:6a:08:17:93:22:24:36:0e:18:d5:c3:f8:54:
         1d:27:7c:5b:72:19:76:cd:e2:0d:36:fc:4d:1d:00:bf:f8:0c:
         9a:dc:3e:21:4e:00:42:9d:0c:ac:d0:af:8c:c3:f3:bd:fb:20:
         42:d8:2a:ef:29:73:06:69:0f:6a:1c:b0:9b:d3:55:37:88:19:
         24:95:4c:29:8e:2f:eb:7d:5d:0d:85:c4:07:f9:7f:eb:e8:29:
         02:b1:13:74:ef:33:59:d5:5f:de:63:27:21:40:f9:e8:34:82:
         dc:88:6d:68:ff:05:de:51:44:bd:88:c0:59:a6:70:df:88:9f:
         3f:6a:22:1e:e7:24:61:2f:af:09:b4:24:79:46:7a:a0:35:05:
         ae:6f:9d:8f:3d:30:7b:a8:f5:32:51:54:ec:25:21:7b:13:06:
         61:4b:96:bd:e4:05:01:be:9f:59:fe:15:f6:17:12:e4:cc:90:
         ea:37:ec:2a:83:f2:37:0e:86:44:1d:09:91:5e:b8:cd:1f:f7:
         55:d3:53:54:ec:24:07:00:94:f9:25:02:a2:20:fe:f7:a5:6a:
         c7:32:d7:df:30:40:ac:87:14:91:f6:83:46:93:c3:fe:1a:fd:
         25:69:19:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoMkoq3ZTwO27uILFbMkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmU2NjE2OTU3NDFkODVjZmVkY2Y2ZmZiY2Y3NDY5OTk1
OTU2OWYwHhcNMjUwOTA3MTAwMjQzWhcNMjUwOTA4MTAwMjQzWjAzMTEwLwYDVQQD
EyhmY2RlNTQ0MzE2NGJhMmFjYjlhODRhZmE3ZTlmODQzODRkNDgwYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztcHaZlJGRJ4nbRkAoI5p+BZV+DS
iGtm8To/MUFq7MVbAYFyaSpKrgewPIbH2allRiEc68NX0M3FF8WyExhpEpyzwV2o
uYXf1/wslT5wJyjmAP88/fp8hFdWLLkZ4KnHcY3c+F/D2F56HGfehq4qH9ofQHBr
16ahMZRyV3QWXcaztcX+ZwyROGWYeqdcdHg+r9mLejpmmxoyuOPi1bZY1MGH8niH
S5eea5ANjjiOihMAEcIc263P1slNnKdw4cNpIzCou+NKJdrTm+66YxvSs97aDONP
IiRysxUG67fZpq/QJDZvB5YOZmST//CwpGg4oneSwpGRgDwjaNwJuahjFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzeVEMWS6KsuahK+n6fhDhNSAuDMB8GA1UdIwQY
MBaAFCn+ZhaVdB2Fz+3Pb/vPdGmZWVafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgt
MmU4ODBhN2E4MmNhLzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgtMmU4ODBhN2E4MmNh
LzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsNJ1Q+vx
j7+mS00F6HmRUS75A+RyKqBqCBeTIiQ2DhjVw/hUHSd8W3IZds3iDTb8TR0Av/gM
mtw+IU4AQp0MrNCvjMPzvfsgQtgq7ylzBmkPahywm9NVN4gZJJVMKY4v631dDYXE
B/l/6+gpArETdO8zWdVf3mMnIUD56DSC3IhtaP8F3lFEvYjAWaZw34ifP2oiHuck
YS+vCbQkeUZ6oDUFrm+djz0we6j1MlFU7CUhexMGYUuWveQFAb6fWf4V9hcS5MyQ
6jfsKoPyNw6GRB0JkV64zR/3VdNTVOwkBwCU+SUCoiD+96VqxzLX3zBArIcUkfaD
RpPD/hr9JWkZIA==
-----END CERTIFICATE-----