Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
File:                     ksrhHed02u8FJ0JGPOlU9SHG0nI.mft (raw, json)
Hash identifier:          rgG1poPZOUJW52hSxrpi1hrDhZgqwq+jQq5wINoAweQ=
Subject key identifier:   B1:FE:17:05:D9:EA:C4:CA:62:62:10:70:A3:56:61:64:B0:AB:63:4A
Authority key identifier: 92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72
Certificate issuer:       /CN=92cae11de774daef052742463ce954f521c6d272
Certificate serial:       019A71B76EBA9D892D7FC7B0902BB77DA15F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
Manifest number:          1117
Signing time:             Tue 11 Nov 2025 07:00:38 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:38 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:38 +0000
Files and hashes:         1: ksrhHed02u8FJ0JGPOlU9SHG0nI.crl (hash: kc1PNPNVCZMSC+JcC6lp3zyCDO6MBr8WD6WF2U2ao/Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:6e:ba:9d:89:2d:7f:c7:b0:90:2b:b7:7d:a1:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92cae11de774daef052742463ce954f521c6d272
        Validity
            Not Before: Nov 11 07:00:38 2025 GMT
            Not After : Nov 12 07:00:38 2025 GMT
        Subject: CN=b1fe1705d9eac4ca62621070a3566164b0ab634a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:8d:25:f9:5f:7b:95:e0:24:b3:64:fb:a4:b8:
                    71:3c:a0:c2:de:39:f7:d8:0b:50:62:09:d1:6f:4c:
                    bf:6e:17:e8:5f:66:e4:9e:26:99:5b:3d:48:f8:a1:
                    6a:52:e8:c6:3f:99:b3:da:ac:89:2a:7a:d6:3f:44:
                    f9:7f:cb:91:6a:09:c5:68:db:fb:5c:b9:5e:78:f5:
                    44:1e:6f:05:4d:59:1c:be:d5:66:5b:1d:96:32:95:
                    65:f2:ea:f3:31:cf:95:5a:31:90:c4:d8:cb:3b:5b:
                    5c:35:22:7a:78:56:5b:7f:58:82:13:df:af:39:d1:
                    31:15:ee:a7:73:5c:55:cd:50:3d:02:46:ab:3e:8d:
                    93:1b:0b:e4:95:b1:cb:fd:a7:1b:56:af:5b:43:37:
                    e1:ed:49:87:f9:51:77:27:db:ba:34:ba:60:f9:76:
                    38:a9:4a:bd:bb:85:2b:4f:7a:81:12:5b:81:72:dc:
                    19:38:35:16:85:5b:8d:0e:3d:b7:01:1b:30:04:37:
                    75:81:cc:d8:e8:68:83:23:02:30:c5:ff:a0:64:eb:
                    16:12:b7:cf:2d:98:3f:30:40:cf:3d:9b:18:32:6d:
                    57:c7:6c:38:de:76:3b:57:5d:e1:22:55:3c:20:fc:
                    00:70:b4:9c:56:54:e5:20:d9:3b:8c:56:40:fe:0c:
                    5b:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:FE:17:05:D9:EA:C4:CA:62:62:10:70:A3:56:61:64:B0:AB:63:4A
            X509v3 Authority Key Identifier:
                keyid:92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:49:c9:a3:14:9a:4f:84:6e:9e:e7:c0:86:d4:b9:53:c7:7f:
         06:2d:17:8d:89:5b:f2:e9:06:b4:c7:c1:f0:fb:fa:77:fe:18:
         52:a0:34:04:76:0f:e7:67:5e:64:94:a2:4a:d0:2a:e1:f4:64:
         01:c0:93:09:5e:ae:dd:8c:b9:b0:f1:c9:6f:75:48:1d:8c:51:
         13:96:43:4b:3a:8b:e6:9a:4d:df:af:62:48:35:f0:5d:35:3d:
         40:33:b5:54:00:97:3e:f9:10:76:ef:fd:1d:b9:c5:f2:e1:50:
         35:11:ea:95:24:77:64:c0:be:f0:35:fa:cb:d4:c7:7b:4d:cc:
         75:a6:65:40:fb:c3:ff:5e:6d:04:56:50:aa:ec:82:79:96:b4:
         67:33:c8:3d:53:b8:76:93:06:e6:f4:7e:05:09:10:e5:df:25:
         08:b7:42:10:8e:8e:ab:a7:61:dc:55:dd:81:8e:0f:68:94:a3:
         fc:c4:0d:ad:79:ef:9e:27:5b:b8:38:03:d5:1a:9a:fe:02:2f:
         a0:c4:e8:2a:d9:52:c5:3d:9e:30:10:ac:80:e6:4f:9d:c5:6f:
         ed:a0:be:70:d8:4d:53:b2:76:31:55:a4:46:dd:f1:18:09:dd:
         1c:8c:04:ce:06:1a:28:c2:75:15:aa:7b:c5:5b:37:b3:1b:9c:
         51:2f:ba:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt266nYktf8ewkCu3faFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyY2FlMTFkZTc3NGRhZWYwNTI3NDI0NjNjZTk1NGY1MjFj
NmQyNzIwHhcNMjUxMTExMDcwMDM4WhcNMjUxMTEyMDcwMDM4WjAzMTEwLwYDVQQD
EyhiMWZlMTcwNWQ5ZWFjNGNhNjI2MjEwNzBhMzU2NjE2NGIwYWI2MzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjY0l+V97leAks2T7pLhxPKDC3jn3
2AtQYgnRb0y/bhfoX2bkniaZWz1I+KFqUujGP5mz2qyJKnrWP0T5f8uRagnFaNv7
XLleePVEHm8FTVkcvtVmWx2WMpVl8urzMc+VWjGQxNjLO1tcNSJ6eFZbf1iCE9+v
OdExFe6nc1xVzVA9AkarPo2TGwvklbHL/acbVq9bQzfh7UmH+VF3J9u6NLpg+XY4
qUq9u4UrT3qBEluBctwZODUWhVuNDj23ARswBDd1gczY6GiDIwIwxf+gZOsWErfP
LZg/MEDPPZsYMm1Xx2w43nY7V13hIlU8IPwAcLScVlTlINk7jFZA/gxbtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLH+FwXZ6sTKYmIQcKNWYWSwq2NKMB8GA1UdIwQY
MBaAFJLK4R3ndNrvBSdCRjzpVPUhxtJyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQt
ZWZmNmZkN2QzYjI4LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQtZWZmNmZkN2QzYjI4
LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARknJoxSa
T4RunufAhtS5U8d/Bi0XjYlb8ukGtMfB8Pv6d/4YUqA0BHYP52deZJSiStAq4fRk
AcCTCV6u3Yy5sPHJb3VIHYxRE5ZDSzqL5ppN369iSDXwXTU9QDO1VACXPvkQdu/9
HbnF8uFQNRHqlSR3ZMC+8DX6y9THe03MdaZlQPvD/15tBFZQquyCeZa0ZzPIPVO4
dpMG5vR+BQkQ5d8lCLdCEI6Oq6dh3FXdgY4PaJSj/MQNrXnvnidbuDgD1Rqa/gIv
oMToKtlSxT2eMBCsgOZPncVv7aC+cNhNU7J2MVWkRt3xGAndHIwEzgYaKMJ1Fap7
xVs3sxucUS+6QQ==
-----END CERTIFICATE-----