Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
File:                     KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json)
Hash identifier:          m6B1sETWGOp+ASidD7P5mHyhNeKWYquxUTiCdpTj8oE=
Subject key identifier:   A6:93:9D:AB:EC:F2:DF:5C:5B:AA:01:21:AB:DC:3A:4A:5B:02:F9:25
Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF
Certificate issuer:       /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
Certificate serial:       019A722620A4FD0008F07E3FD798A8936953
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 09:01:32 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:32 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:32 +0000
Files and hashes:         1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: 2SVNlvkcEIw1XisLKnKLb3Qpwc38s7CRATJMc80ESko=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:20:a4:fd:00:08:f0:7e:3f:d7:98:a8:93:69:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf
        Validity
            Not Before: Nov 11 09:01:32 2025 GMT
            Not After : Nov 12 09:01:32 2025 GMT
        Subject: CN=a6939dabecf2df5c5baa0121abdc3a4a5b02f925
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:bc:e2:4e:46:56:a7:d7:1c:eb:d7:d6:b9:a5:
                    ea:8f:e2:78:e7:a3:e2:56:03:c4:9d:69:0d:c6:a7:
                    e9:d4:99:78:02:6a:85:ea:d8:7b:18:fd:8b:d5:b4:
                    01:f8:27:59:24:f2:f3:b7:c4:79:ea:4d:ba:f0:80:
                    f0:70:c1:b9:2b:1d:49:37:8a:64:7c:0b:6b:00:86:
                    c9:f5:1c:75:10:1a:16:a3:55:07:b5:ec:e4:77:26:
                    2b:57:31:52:ae:10:56:7a:41:21:e8:da:d9:9b:70:
                    e9:84:68:e9:39:f3:08:3e:d6:52:61:a0:41:6c:42:
                    86:45:bf:27:a2:7e:c1:54:f6:62:7d:0a:5c:3f:9d:
                    36:7b:0f:05:c9:d3:39:73:0e:b5:56:e9:47:e0:c3:
                    bd:91:8b:97:e6:d6:a1:77:4b:a4:a4:f7:ec:f6:9c:
                    52:50:48:c5:d6:2e:f6:de:9b:15:8f:52:31:8c:c6:
                    46:8a:f7:f3:2d:ae:26:6b:36:b6:c7:4e:e4:72:50:
                    b7:99:95:3f:19:59:20:b6:df:a7:17:93:97:88:eb:
                    57:55:a1:59:0c:29:77:4a:5c:98:ed:6b:fb:70:c5:
                    8d:e4:f5:11:28:5b:01:c4:c9:90:f7:2b:91:8a:88:
                    f7:81:bf:89:cc:be:26:a1:ef:33:a5:71:f9:33:e2:
                    62:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:93:9D:AB:EC:F2:DF:5C:5B:AA:01:21:AB:DC:3A:4A:5B:02:F9:25
            X509v3 Authority Key Identifier:
                keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         e1:f1:44:a1:94:cf:e1:51:0d:0d:f9:2f:e1:ec:4e:1f:0f:41:
         95:c4:35:72:86:ae:00:f1:63:55:a0:27:08:b9:31:05:81:d2:
         6c:ad:59:e1:db:8c:df:3a:68:18:ec:1b:e5:19:eb:f1:db:7a:
         15:37:74:bd:bd:ce:0b:29:3f:c2:ec:b2:5d:7e:ed:10:30:65:
         37:61:36:6d:a7:58:6f:a9:fd:ef:3d:90:f0:f1:d0:20:2b:12:
         1d:64:20:8d:80:e0:d1:76:80:e8:1c:2f:a3:60:8e:c7:47:e4:
         3f:ba:f7:cb:c2:95:ec:2a:27:f8:49:c3:09:6f:03:85:c0:7c:
         97:a3:9f:b3:66:d6:83:d5:be:81:ea:d0:9b:a7:83:e8:76:f0:
         b6:77:32:7d:86:2a:e4:f8:87:49:77:fc:84:ad:78:6c:b3:32:
         64:0f:ca:24:84:dc:0c:5f:66:fe:ee:70:c6:3c:47:c4:b0:d0:
         78:e1:0d:4f:28:45:77:c6:e4:f2:6d:35:35:0c:5c:cf:a1:7d:
         e1:08:aa:c6:87:c9:ff:69:19:2c:ec:14:b4:13:76:bd:c2:f0:
         b4:f1:f4:53:43:d3:99:9c:65:2c:32:be:78:53:bc:a7:71:eb:
         08:f1:7b:9f:c2:44:4c:ca:02:36:ce:85:8e:a2:ca:b4:95:53:
         3e:99:f5:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJiCk/QAI8H4/15iok2lTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl
N2RkZGYwHhcNMjUxMTExMDkwMTMyWhcNMjUxMTEyMDkwMTMyWjAzMTEwLwYDVQQD
EyhhNjkzOWRhYmVjZjJkZjVjNWJhYTAxMjFhYmRjM2E0YTViMDJmOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLziTkZWp9cc69fWuaXqj+J456Pi
VgPEnWkNxqfp1Jl4AmqF6th7GP2L1bQB+CdZJPLzt8R56k268IDwcMG5Kx1JN4pk
fAtrAIbJ9Rx1EBoWo1UHtezkdyYrVzFSrhBWekEh6NrZm3DphGjpOfMIPtZSYaBB
bEKGRb8non7BVPZifQpcP502ew8FydM5cw61VulH4MO9kYuX5tahd0ukpPfs9pxS
UEjF1i723psVj1IxjMZGivfzLa4maza2x07kclC3mZU/GVkgtt+nF5OXiOtXVaFZ
DCl3SlyY7Wv7cMWN5PURKFsBxMmQ9yuRioj3gb+JzL4moe8zpXH5M+JiYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKaTnavs8t9cW6oBIavcOkpbAvklMB8GA1UdIwQY
MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt
MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0
LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4fFEoZTP
4VENDfkv4exOHw9BlcQ1coauAPFjVaAnCLkxBYHSbK1Z4duM3zpoGOwb5Rnr8dt6
FTd0vb3OCyk/wuyyXX7tEDBlN2E2badYb6n97z2Q8PHQICsSHWQgjYDg0XaA6Bwv
o2COx0fkP7r3y8KV7Con+EnDCW8DhcB8l6Ofs2bWg9W+gerQm6eD6HbwtncyfYYq
5PiHSXf8hK14bLMyZA/KJITcDF9m/u5wxjxHxLDQeOENTyhFd8bk8m01NQxcz6F9
4QiqxofJ/2kZLOwUtBN2vcLwtPH0U0PTmZxlLDK+eFO8p3HrCPF7n8JETMoCNs6F
jqLKtJVTPpn1uw==
-----END CERTIFICATE-----