Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
File:                     KGURKILY5sctAiwsPaF7UsKtsHs.mft (raw, json)
Hash identifier:          9YdUF9A2+6hzO4Zkh0WM/wG92XMg+CemV6qUHEcim70=
Subject key identifier:   98:EB:59:B8:6F:A8:0E:9D:D2:95:73:99:C6:B0:89:4B:A9:8B:A2:5D
Authority key identifier: 28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B
Certificate issuer:       /CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
Certificate serial:       019A71B841FC923A64A309047F86B99243C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
Manifest number:          09EC
Signing time:             Tue 11 Nov 2025 07:01:32 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:32 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:32 +0000
Files and hashes:         1: KGURKILY5sctAiwsPaF7UsKtsHs.crl (hash: 4qFbWJNhrD7HhMIHZ46JCtUJ+SXgq8eAilEZ+Lfbvn4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:41:fc:92:3a:64:a3:09:04:7f:86:b9:92:43:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
        Validity
            Not Before: Nov 11 07:01:32 2025 GMT
            Not After : Nov 12 07:01:32 2025 GMT
        Subject: CN=98eb59b86fa80e9dd2957399c6b0894ba98ba25d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:8a:40:e6:19:05:e0:63:92:10:18:8f:79:0c:
                    03:6f:ba:8b:60:89:05:90:b5:ee:2e:34:c5:0f:60:
                    97:cf:d3:c6:19:5b:3d:f4:53:2c:2b:02:8a:bf:8b:
                    dc:00:25:95:63:a5:5b:9c:a5:28:0f:13:d7:38:8a:
                    8f:9f:dc:bc:d8:4b:a6:c0:1e:2c:bd:5f:35:f8:dd:
                    b8:8b:6d:8c:00:b0:84:ae:81:b6:5e:93:79:22:bd:
                    8a:71:78:d1:e8:62:54:1f:03:35:8f:81:73:ee:6f:
                    b5:96:89:8d:c1:9f:55:b5:ec:16:7d:2b:87:81:81:
                    f2:be:f5:8d:d6:ee:6c:b1:51:df:b3:f7:7d:21:7e:
                    e7:05:3e:32:d0:9c:2f:1d:89:61:a3:99:67:2b:99:
                    30:0f:78:0c:cb:64:62:a2:bc:18:ba:c6:20:06:42:
                    2a:e6:f6:1a:7e:e9:37:4f:15:01:5d:c2:f1:b5:6b:
                    da:72:7d:0d:7e:f7:72:b3:b0:e2:b0:e6:d6:61:48:
                    24:d3:4c:dd:b6:a6:89:3c:1b:f8:30:eb:bb:3c:47:
                    c6:0c:09:f1:b1:e1:10:3c:7d:d6:c3:15:86:39:5f:
                    e8:4b:b5:83:8a:ec:db:6c:28:fe:a3:48:d0:c4:3d:
                    24:40:2c:87:8a:60:3f:ff:dd:5a:20:4e:85:30:85:
                    b1:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:EB:59:B8:6F:A8:0E:9D:D2:95:73:99:C6:B0:89:4B:A9:8B:A2:5D
            X509v3 Authority Key Identifier:
                keyid:28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:93:44:c3:97:30:69:a2:1c:db:75:0c:a1:c0:23:99:77:14:
         c5:6d:07:c0:69:f9:f6:0c:28:36:db:d0:c5:fe:5a:56:22:5f:
         22:a6:f8:29:ca:40:76:77:3e:a2:98:83:ae:5f:66:20:45:68:
         5c:1b:82:e0:ce:2e:55:ae:fa:21:b8:75:3c:89:5c:0a:1f:31:
         e8:8d:be:02:80:45:ca:f3:8d:a6:20:a9:87:5e:d2:1e:4d:03:
         dd:a0:87:f9:5f:f8:8f:63:ec:0a:a3:34:cd:63:1c:50:7f:f1:
         fb:ef:53:21:c8:8b:97:52:ac:ee:f5:75:32:dc:b4:da:93:43:
         81:05:db:95:c4:56:aa:96:af:ef:09:10:86:e0:fd:b9:cd:7a:
         8f:b5:18:16:4a:30:03:dc:f1:90:bf:d6:91:41:00:a7:69:28:
         24:c5:24:f4:16:4f:a9:0a:6e:9c:c0:67:98:05:eb:06:69:b4:
         be:8c:9e:ca:a5:49:cb:b0:ef:99:58:2a:56:26:fd:b8:d0:c1:
         d8:d8:e1:de:4d:8e:25:b2:67:d5:75:cb:2f:da:c1:97:7b:9f:
         c2:3b:b7:0d:6a:b6:db:f7:79:f4:e8:ed:92:49:17:36:db:07:
         f3:4b:cd:5d:60:36:6e:e3:00:93:57:95:87:1a:b6:42:a7:80:
         c2:33:95:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuEH8kjpkowkEf4a5kkPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjUxMTI4ODJkOGU2YzcyZDAyMmMyYzNkYTE3YjUyYzJh
ZGIwN2IwHhcNMjUxMTExMDcwMTMyWhcNMjUxMTEyMDcwMTMyWjAzMTEwLwYDVQQD
Eyg5OGViNTliODZmYTgwZTlkZDI5NTczOTljNmIwODk0YmE5OGJhMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYpA5hkF4GOSEBiPeQwDb7qLYIkF
kLXuLjTFD2CXz9PGGVs99FMsKwKKv4vcACWVY6VbnKUoDxPXOIqPn9y82EumwB4s
vV81+N24i22MALCEroG2XpN5Ir2KcXjR6GJUHwM1j4Fz7m+1lomNwZ9VtewWfSuH
gYHyvvWN1u5ssVHfs/d9IX7nBT4y0JwvHYlho5lnK5kwD3gMy2RiorwYusYgBkIq
5vYafuk3TxUBXcLxtWvacn0Nfvdys7DisObWYUgk00zdtqaJPBv4MOu7PEfGDAnx
seEQPH3WwxWGOV/oS7WDiuzbbCj+o0jQxD0kQCyHimA//91aIE6FMIWx/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjrWbhvqA6d0pVzmcawiUupi6JdMB8GA1UdIwQY
MBaAFChlESiC2ObHLQIsLD2he1LCrbB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAt
OWJiM2Y1N2MwZWYwLzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAtOWJiM2Y1N2MwZWYw
LzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF5NEw5cw
aaIc23UMocAjmXcUxW0HwGn59gwoNtvQxf5aViJfIqb4KcpAdnc+opiDrl9mIEVo
XBuC4M4uVa76Ibh1PIlcCh8x6I2+AoBFyvONpiCph17SHk0D3aCH+V/4j2PsCqM0
zWMcUH/x++9TIciLl1Ks7vV1Mty02pNDgQXblcRWqpav7wkQhuD9uc16j7UYFkow
A9zxkL/WkUEAp2koJMUk9BZPqQpunMBnmAXrBmm0voyeyqVJy7DvmVgqVib9uNDB
2Njh3k2OJbJn1XXLL9rBl3ufwju3DWq22/d59OjtkkkXNtsH80vNXWA2buMAk1eV
hxq2QqeAwjOV0A==
-----END CERTIFICATE-----