Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
File:                     kdTzrA50tq60hL0U9ocdmjBCK30.mft (raw, json)
Hash identifier:          d6WjJ/X3UTivKauO5WaJVA4Esw1aBLAnUYqQl9qxYao=
Subject key identifier:   BB:81:E8:D2:22:7A:7C:08:16:FE:0C:6E:F3:2D:64:AA:77:20:E3:85
Authority key identifier: 91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D
Certificate issuer:       /CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
Certificate serial:       019923A0A6484421818D01799646A5CF364F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
Manifest number:          E9
Signing time:             Sun 07 Sep 2025 10:02:34 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:34 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:34 +0000
Files and hashes:         1: kdTzrA50tq60hL0U9ocdmjBCK30.crl (hash: 0+9QSA0EuBUAVvbo7CryVyqfAnSl+wZ9k1VEmc+QL6U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:a6:48:44:21:81:8d:01:79:96:46:a5:cf:36:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
        Validity
            Not Before: Sep  7 10:02:34 2025 GMT
            Not After : Sep  8 10:02:34 2025 GMT
        Subject: CN=bb81e8d2227a7c0816fe0c6ef32d64aa7720e385
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:88:87:18:d7:1f:f1:77:36:32:77:3f:6b:1b:
                    23:b7:1b:32:64:aa:18:d8:ee:83:1e:ee:0a:70:8f:
                    8d:35:39:95:b6:21:00:9a:f8:82:77:f5:c4:71:79:
                    34:29:f3:e2:6b:24:d0:ad:e5:4b:1b:7c:c7:03:9a:
                    90:26:9a:e6:a3:71:80:59:fb:61:5a:bc:e3:0e:64:
                    7c:27:e8:de:22:4b:c0:63:7d:f8:91:0b:ef:87:f5:
                    5e:b6:4e:73:65:74:dc:46:aa:c2:86:b8:40:38:c2:
                    d1:a7:3a:2c:80:68:d4:79:29:12:0c:af:1a:a5:9a:
                    24:07:e9:7d:e8:cb:8a:90:f4:ea:42:d6:f6:ea:3b:
                    26:73:80:91:a9:88:c8:86:11:0d:91:c3:37:ab:57:
                    74:7e:17:84:4a:07:d3:f6:94:1b:54:bd:3f:d9:33:
                    f8:ff:93:9e:d1:b3:e4:a6:ce:fb:30:d7:db:9d:6b:
                    74:ff:d4:b2:12:15:73:00:29:42:f1:72:9b:de:0e:
                    23:47:e3:a2:0c:5d:24:10:ff:d7:ac:9e:3c:13:8b:
                    d8:99:c3:04:1c:fe:a0:dd:d1:21:53:7d:31:25:1b:
                    97:a7:3c:e0:35:58:8a:c9:e9:f4:e8:e2:9a:e8:5b:
                    36:dc:e1:f7:85:16:43:4a:86:fe:05:a9:bc:f7:04:
                    88:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:81:E8:D2:22:7A:7C:08:16:FE:0C:6E:F3:2D:64:AA:77:20:E3:85
            X509v3 Authority Key Identifier:
                keyid:91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:3b:2d:11:63:47:cc:28:1b:43:98:20:9c:fa:d0:aa:43:3e:
         17:d1:c1:25:7d:80:14:94:37:29:0f:62:4b:da:39:7e:c3:22:
         97:33:55:e3:2f:e6:44:a4:47:1a:ff:c4:ad:30:30:23:7f:73:
         70:a5:58:c0:d5:df:73:9c:dd:3f:8e:94:d5:ca:6a:0b:4a:11:
         6a:97:65:86:d1:78:94:db:58:b0:46:fa:fc:38:d9:9d:23:ba:
         8a:d8:fa:64:02:cd:19:21:da:f0:6f:cb:29:e7:88:e9:bb:7f:
         6c:0e:0f:0e:fa:87:10:ae:48:26:50:0d:8b:b8:a7:e0:ec:d7:
         dc:60:19:df:ef:3d:9a:60:79:5b:b6:f8:d6:61:7d:0f:4e:2d:
         f1:b3:d5:13:81:19:4b:47:2a:f0:12:6a:4e:14:cc:7d:5c:d9:
         1e:47:bf:05:ed:fc:12:6e:6d:5d:98:12:37:14:8b:12:59:83:
         06:d7:a1:41:32:7a:85:84:25:ca:c9:59:4a:50:d2:12:5f:dc:
         a2:dc:7f:74:68:44:ce:e2:c1:9a:0a:4f:cb:bb:86:80:8a:fa:
         c3:b7:d8:9b:7b:ea:e1:5d:97:04:80:29:18:08:8f:5c:e0:9f:
         b5:97:ef:85:5f:da:3c:cb:f6:b4:ae:c1:2d:98:1a:79:7a:85:
         7c:18:e4:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoKZIRCGBjQF5lkalzzZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDRmM2FjMGU3NGI2YWViNDg0YmQxNGY2ODcxZDlhMzA0
MjJiN2QwHhcNMjUwOTA3MTAwMjM0WhcNMjUwOTA4MTAwMjM0WjAzMTEwLwYDVQQD
EyhiYjgxZThkMjIyN2E3YzA4MTZmZTBjNmVmMzJkNjRhYTc3MjBlMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9IiHGNcf8Xc2Mnc/axsjtxsyZKoY
2O6DHu4KcI+NNTmVtiEAmviCd/XEcXk0KfPiayTQreVLG3zHA5qQJprmo3GAWfth
WrzjDmR8J+jeIkvAY334kQvvh/Vetk5zZXTcRqrChrhAOMLRpzosgGjUeSkSDK8a
pZokB+l96MuKkPTqQtb26jsmc4CRqYjIhhENkcM3q1d0fheESgfT9pQbVL0/2TP4
/5Oe0bPkps77MNfbnWt0/9SyEhVzAClC8XKb3g4jR+OiDF0kEP/XrJ48E4vYmcME
HP6g3dEhU30xJRuXpzzgNViKyen06OKa6Fs23OH3hRZDSob+Bam89wSIEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLuB6NIienwIFv4MbvMtZKp3IOOFMB8GA1UdIwQY
MBaAFJHU86wOdLautIS9FPaHHZowQit9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEt
YWExMDQ3MzJmNTczLzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEtYWExMDQ3MzJmNTcz
LzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASjstEWNH
zCgbQ5ggnPrQqkM+F9HBJX2AFJQ3KQ9iS9o5fsMilzNV4y/mRKRHGv/ErTAwI39z
cKVYwNXfc5zdP46U1cpqC0oRapdlhtF4lNtYsEb6/DjZnSO6itj6ZALNGSHa8G/L
KeeI6bt/bA4PDvqHEK5IJlANi7in4OzX3GAZ3+89mmB5W7b41mF9D04t8bPVE4EZ
S0cq8BJqThTMfVzZHke/Be38Em5tXZgSNxSLElmDBtehQTJ6hYQlyslZSlDSEl/c
otx/dGhEzuLBmgpPy7uGgIr6w7fYm3vq4V2XBIApGAiPXOCftZfvhV/aPMv2tK7B
LZgaeXqFfBjk7A==
-----END CERTIFICATE-----