Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
File:                     KAYV5gBqhh9mz3MH0w_JNQx2994.mft (raw, json)
Hash identifier:          9aPMHj87iDEFQt/JvMqiKP9NJiNpKD2uSehplGItNao=
Subject key identifier:   B5:F2:2E:91:38:16:6E:33:6D:FF:11:A9:C2:D9:7E:03:03:D5:9A:5C
Authority key identifier: 28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE
Certificate issuer:       /CN=280615e6006a861f66cf7307d30fc9350c76f7de
Certificate serial:       019A72265D90AD32281C0F8E05D07FBACD1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
Manifest number:          171C
Signing time:             Tue 11 Nov 2025 09:01:48 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:48 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:48 +0000
Files and hashes:         1: KAYV5gBqhh9mz3MH0w_JNQx2994.crl (hash: EW09MWFWj8BKWy7ay1kxj4Py/9iqGzsOsrr4r4T82I4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:5d:90:ad:32:28:1c:0f:8e:05:d0:7f:ba:cd:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=280615e6006a861f66cf7307d30fc9350c76f7de
        Validity
            Not Before: Nov 11 09:01:48 2025 GMT
            Not After : Nov 12 09:01:48 2025 GMT
        Subject: CN=b5f22e9138166e336dff11a9c2d97e0303d59a5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:8b:e5:22:3b:3b:d1:30:7e:ba:92:5a:2d:ea:
                    18:8d:22:6a:23:20:a8:79:23:36:61:b1:bc:6b:63:
                    42:e2:c6:0f:38:af:29:00:7c:30:38:54:cc:c6:6d:
                    c0:6b:59:06:95:9f:51:cc:20:3f:0d:ef:03:13:32:
                    8e:f3:3a:32:c4:be:c0:e7:22:cf:78:0a:9b:7f:18:
                    63:c7:57:5b:da:a1:1c:aa:e7:da:60:79:87:8d:e4:
                    d6:f6:cb:70:16:a3:7b:e7:78:d9:d1:0b:56:a0:2f:
                    e4:05:23:97:4a:9a:05:88:d7:90:cd:26:9a:82:ca:
                    8d:5e:c9:2e:d5:81:54:bb:90:09:49:bf:84:a2:51:
                    ee:0a:9f:5b:c8:7e:7a:3d:18:ab:fe:9d:23:d0:80:
                    6b:03:fe:7b:a6:7b:5e:15:9b:ef:48:a3:e6:5e:ee:
                    11:1f:df:90:5d:39:8e:5b:73:6b:8c:fd:25:63:ec:
                    6b:5e:cc:2a:de:ff:88:24:6d:4c:5a:11:5e:74:55:
                    da:d5:09:70:2b:e2:6b:92:24:dc:0b:78:f7:69:40:
                    86:44:ad:97:bb:2b:21:af:cd:29:44:d9:97:d5:11:
                    ad:c8:27:96:7e:8d:05:90:ac:c9:4f:de:5e:9f:31:
                    4b:71:bf:93:5d:77:21:29:52:9b:43:33:f7:7f:c5:
                    03:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:F2:2E:91:38:16:6E:33:6D:FF:11:A9:C2:D9:7E:03:03:D5:9A:5C
            X509v3 Authority Key Identifier:
                keyid:28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:a2:6c:18:6a:90:f3:0a:0f:e1:b4:88:75:17:5b:cf:f5:63:
         41:1e:1f:93:ff:2d:93:a0:bb:0a:4b:42:81:84:69:ca:94:2b:
         2e:70:f7:e6:a9:84:6f:e0:cd:3d:c9:be:96:db:5d:72:19:1a:
         60:1b:69:94:c6:23:d4:30:18:14:cf:1d:fe:30:e9:58:97:7b:
         88:9d:95:a5:93:54:8b:44:67:86:24:a4:2d:c8:24:be:64:a9:
         35:f3:93:73:40:d4:ef:83:a9:a4:e1:60:e0:8a:01:85:7b:75:
         a9:a6:0f:8b:d6:47:15:42:91:df:8d:b5:94:f9:06:ac:ed:1a:
         8d:17:d5:82:1e:36:38:46:70:4a:4c:d1:4f:b6:45:ee:4e:89:
         62:cf:2d:2c:17:52:95:57:61:95:d0:89:2c:c3:74:b5:81:44:
         b1:f5:89:3a:b3:71:37:2f:2a:99:92:45:d4:7a:66:af:1c:7e:
         4c:4f:d3:16:a7:f6:ef:2b:ed:2c:db:1e:8b:81:6f:d2:46:ea:
         5c:8a:1d:d2:a4:55:f5:e4:00:5e:07:4d:52:34:10:22:2f:3b:
         7a:72:76:e2:8b:f7:8f:39:73:f8:4f:30:9d:21:27:f1:86:d5:
         31:12:1a:24:8a:04:1b:6d:e9:ba:da:b0:49:eb:02:e6:d8:c5:
         b5:6d:36:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJl2QrTIoHA+OBdB/us0fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MDYxNWU2MDA2YTg2MWY2NmNmNzMwN2QzMGZjOTM1MGM3
NmY3ZGUwHhcNMjUxMTExMDkwMTQ4WhcNMjUxMTEyMDkwMTQ4WjAzMTEwLwYDVQQD
EyhiNWYyMmU5MTM4MTY2ZTMzNmRmZjExYTljMmQ5N2UwMzAzZDU5YTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIvlIjs70TB+upJaLeoYjSJqIyCo
eSM2YbG8a2NC4sYPOK8pAHwwOFTMxm3Aa1kGlZ9RzCA/De8DEzKO8zoyxL7A5yLP
eAqbfxhjx1db2qEcqufaYHmHjeTW9stwFqN753jZ0QtWoC/kBSOXSpoFiNeQzSaa
gsqNXsku1YFUu5AJSb+EolHuCp9byH56PRir/p0j0IBrA/57pnteFZvvSKPmXu4R
H9+QXTmOW3NrjP0lY+xrXswq3v+IJG1MWhFedFXa1QlwK+JrkiTcC3j3aUCGRK2X
uyshr80pRNmX1RGtyCeWfo0FkKzJT95enzFLcb+TXXchKVKbQzP3f8UD5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLXyLpE4Fm4zbf8RqcLZfgMD1ZpcMB8GA1UdIwQY
MBaAFCgGFeYAaoYfZs9zB9MPyTUMdvfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEt
YWU5MmI2YWUxYmZlLzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEtYWU5MmI2YWUxYmZl
LzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoKJsGGqQ
8woP4bSIdRdbz/VjQR4fk/8tk6C7CktCgYRpypQrLnD35qmEb+DNPcm+lttdchka
YBtplMYj1DAYFM8d/jDpWJd7iJ2VpZNUi0RnhiSkLcgkvmSpNfOTc0DU74OppOFg
4IoBhXt1qaYPi9ZHFUKR3421lPkGrO0ajRfVgh42OEZwSkzRT7ZF7k6JYs8tLBdS
lVdhldCJLMN0tYFEsfWJOrNxNy8qmZJF1Hpmrxx+TE/TFqf27yvtLNsei4Fv0kbq
XIod0qRV9eQAXgdNUjQQIi87enJ24ov3jzlz+E8wnSEn8YbVMRIaJIoEG23putqw
SesC5tjFtW02MA==
-----END CERTIFICATE-----