Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
File:                     kWV5napb3fL1Nt2BtybPrtDmCFs.mft (raw, json)
Hash identifier:          5AmS+vZRbASmUL4DBkrjWlC2dzwHjy6TgvDYt/ngwjc=
Subject key identifier:   64:E1:81:E7:ED:86:88:45:42:74:AD:5B:F0:1E:6B:7B:3A:DB:45:51
Authority key identifier: 91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B
Certificate issuer:       /CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
Certificate serial:       019A71B9772D9F51160DCA314325C03FE581
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
Manifest number:          0198
Signing time:             Tue 11 Nov 2025 07:02:51 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:51 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:51 +0000
Files and hashes:         1: kWV5napb3fL1Nt2BtybPrtDmCFs.crl (hash: XWXnc0Ak0MgIu7c5zRjYP+F7greBS3/0m3M8XKoyQtg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:77:2d:9f:51:16:0d:ca:31:43:25:c0:3f:e5:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9165799daa5bddf2f536dd81b726cfaed0e6085b
        Validity
            Not Before: Nov 11 07:02:51 2025 GMT
            Not After : Nov 12 07:02:51 2025 GMT
        Subject: CN=64e181e7ed8688454274ad5bf01e6b7b3adb4551
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:99:00:02:33:bb:e7:16:c4:c3:b1:b5:ce:13:
                    ab:ec:7d:db:57:ee:b3:8f:c9:37:64:67:4e:ae:8f:
                    c7:0b:f5:99:e0:a7:02:53:6a:e1:77:ea:5b:a3:b3:
                    fa:bd:26:d8:5a:23:57:4d:4f:f9:c5:26:84:2b:c7:
                    c4:cb:6a:fb:72:60:6d:8c:c3:92:ed:08:d6:84:b4:
                    21:c3:6d:42:5a:c1:4f:58:09:c9:26:39:ba:fa:c5:
                    42:88:71:24:bf:3f:61:d1:1b:6d:4c:7b:f1:01:7f:
                    99:dc:25:53:ec:c9:2e:c8:03:2f:7a:68:ea:96:a8:
                    bf:64:93:16:19:bb:21:75:41:d7:fb:17:17:48:f5:
                    6c:74:f4:4f:75:04:c7:00:e7:d2:36:0b:d3:7f:de:
                    9e:df:80:fc:76:43:ab:38:7a:60:82:06:39:3c:ca:
                    0f:cd:cc:f8:47:eb:d5:43:94:11:81:23:ab:d8:3b:
                    96:0b:74:24:02:9d:e8:d2:6c:ae:7d:cf:1c:2d:f5:
                    53:9a:cc:4a:07:1f:89:58:3d:0c:fe:b6:1d:91:68:
                    3e:26:af:2d:21:36:16:d6:c7:ff:8c:f6:15:f6:5c:
                    6c:3d:a8:c0:91:5d:00:7b:81:3d:27:15:0e:df:82:
                    27:10:d9:33:07:83:de:7a:6f:bc:ad:a6:ac:1e:7e:
                    5b:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:E1:81:E7:ED:86:88:45:42:74:AD:5B:F0:1E:6B:7B:3A:DB:45:51
            X509v3 Authority Key Identifier:
                keyid:91:65:79:9D:AA:5B:DD:F2:F5:36:DD:81:B7:26:CF:AE:D0:E6:08:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kWV5napb3fL1Nt2BtybPrtDmCFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/5a81a9-2d4d-4b26-91d1-ea17da2284ff/1/kWV5napb3fL1Nt2BtybPrtDmCFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:33:3e:9a:9b:1d:14:b0:f6:1c:38:a7:0c:b7:a7:71:96:45:
         4d:19:74:09:a4:2b:ce:6d:5a:d3:a4:24:40:2a:f9:44:a4:4b:
         61:43:76:25:17:32:ec:f5:f4:8f:17:15:70:f6:b0:78:09:5c:
         a5:b3:43:27:85:b9:6d:e5:a3:03:fe:bf:c5:ac:0a:fe:29:a0:
         60:9d:88:cc:0d:ed:66:27:5d:aa:36:53:1e:10:c7:eb:e4:09:
         82:1d:46:17:bf:98:b0:90:53:38:e5:3f:93:e1:b5:1d:43:69:
         d1:94:b6:d2:c5:e4:d4:ba:13:77:a2:49:ce:ec:6a:61:f8:46:
         e8:c4:0a:d1:e6:f1:07:62:11:c1:91:ad:5e:03:b8:e3:7c:eb:
         ba:b5:d5:e1:5f:42:80:05:5f:20:f3:05:0d:ba:b9:a8:2b:9f:
         ad:d0:c7:f5:84:fd:44:ca:45:3e:05:f9:7c:ae:92:b0:b4:2c:
         8d:c6:e7:e6:9b:bd:64:73:b2:b5:40:d7:c9:f1:f7:ef:f4:d0:
         75:16:d5:93:34:75:32:e0:18:54:ee:80:9c:9f:02:7f:83:92:
         7a:f0:ed:06:5b:54:20:0c:21:0e:15:1e:e5:b7:2e:d8:85:a7:
         8c:d2:7a:b7:4a:d4:67:61:c7:e2:f9:b4:31:7b:8a:3a:94:95:
         57:2b:ff:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuXctn1EWDcoxQyXAP+WBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNjU3OTlkYWE1YmRkZjJmNTM2ZGQ4MWI3MjZjZmFlZDBl
NjA4NWIwHhcNMjUxMTExMDcwMjUxWhcNMjUxMTEyMDcwMjUxWjAzMTEwLwYDVQQD
Eyg2NGUxODFlN2VkODY4ODQ1NDI3NGFkNWJmMDFlNmI3YjNhZGI0NTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5kAAjO75xbEw7G1zhOr7H3bV+6z
j8k3ZGdOro/HC/WZ4KcCU2rhd+pbo7P6vSbYWiNXTU/5xSaEK8fEy2r7cmBtjMOS
7QjWhLQhw21CWsFPWAnJJjm6+sVCiHEkvz9h0RttTHvxAX+Z3CVT7MkuyAMvemjq
lqi/ZJMWGbshdUHX+xcXSPVsdPRPdQTHAOfSNgvTf96e34D8dkOrOHpgggY5PMoP
zcz4R+vVQ5QRgSOr2DuWC3QkAp3o0myufc8cLfVTmsxKBx+JWD0M/rYdkWg+Jq8t
ITYW1sf/jPYV9lxsPajAkV0Ae4E9JxUO34InENkzB4Peem+8raasHn5biQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGThgefthohFQnStW/Aea3s620VRMB8GA1UdIwQY
MBaAFJFleZ2qW93y9Tbdgbcmz67Q5ghbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEt
ZWExN2RhMjI4NGZmLzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi81YTgxYTktMmQ0ZC00YjI2LTkxZDEtZWExN2RhMjI4NGZm
LzEva1dWNW5hcGIzZkwxTnQyQnR5YlBydERtQ0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnzM+mpsd
FLD2HDinDLencZZFTRl0CaQrzm1a06QkQCr5RKRLYUN2JRcy7PX0jxcVcPaweAlc
pbNDJ4W5beWjA/6/xawK/imgYJ2IzA3tZiddqjZTHhDH6+QJgh1GF7+YsJBTOOU/
k+G1HUNp0ZS20sXk1LoTd6JJzuxqYfhG6MQK0ebxB2IRwZGtXgO443zrurXV4V9C
gAVfIPMFDbq5qCufrdDH9YT9RMpFPgX5fK6SsLQsjcbn5pu9ZHOytUDXyfH37/TQ
dRbVkzR1MuAYVO6AnJ8Cf4OSevDtBltUIAwhDhUe5bcu2IWnjNJ6t0rUZ2HH4vm0
MXuKOpSVVyv/mw==
-----END CERTIFICATE-----