Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.mft
File:                     kc04OOdPhNIERp3vJ7j-ehQAFLo.mft (raw, json)
Hash identifier:          xc7NnRgK1/5/4fKQgoMnNwkYF80fRyKuDUVWBxc+9tI=
Subject key identifier:   BD:C6:80:02:4B:B1:81:53:BF:CB:48:9B:E8:93:6D:79:C8:6E:80:6C
Authority key identifier: 91:CD:38:38:E7:4F:84:D2:04:46:9D:EF:27:B8:FE:7A:14:00:14:BA
Certificate issuer:       /CN=91cd3838e74f84d204469def27b8fe7a140014ba
Certificate serial:       019A7112ECF923E4BD438104C3D809DBCDD9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kc04OOdPhNIERp3vJ7j-ehQAFLo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.mft
Manifest number:          98
Signing time:             Tue 11 Nov 2025 04:00:56 +0000
Manifest this update:     Tue 11 Nov 2025 04:00:56 +0000
Manifest next update:     Wed 12 Nov 2025 04:00:56 +0000
Files and hashes:         1: kc04OOdPhNIERp3vJ7j-ehQAFLo.crl (hash: bCnSV4spi86rVBr9ajydtaYdpLwanZpCj3184KC6i78=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kc04OOdPhNIERp3vJ7j-ehQAFLo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:12:ec:f9:23:e4:bd:43:81:04:c3:d8:09:db:cd:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91cd3838e74f84d204469def27b8fe7a140014ba
        Validity
            Not Before: Nov 11 04:00:56 2025 GMT
            Not After : Nov 12 04:00:56 2025 GMT
        Subject: CN=bdc680024bb18153bfcb489be8936d79c86e806c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:94:a3:07:fe:31:e3:5f:f0:2a:8a:b2:f0:50:
                    2a:4d:b5:42:8a:8d:6a:d4:15:b3:f7:69:d5:70:1a:
                    9f:98:1e:e0:77:fc:fd:6a:2a:5b:64:f2:5d:a4:0b:
                    e6:77:b8:e0:74:f2:1c:8a:09:68:7a:5e:27:d2:b3:
                    28:92:6e:63:18:e0:bc:8b:31:cd:5a:cd:43:3c:5d:
                    f0:2e:b4:b0:78:5b:af:6f:a5:eb:48:ac:37:ba:dd:
                    e2:c5:1b:9c:8a:fd:bd:c8:fc:67:44:15:d1:b8:d1:
                    17:69:c8:e7:65:61:3c:0b:8b:02:7a:45:ea:67:2f:
                    8c:82:fe:4d:2c:0c:b8:08:8c:bf:08:a6:60:19:05:
                    34:63:0b:c2:6e:86:c3:80:09:18:e6:30:a9:1d:99:
                    f1:53:ba:a9:a1:a3:13:5c:69:7d:be:94:60:c0:04:
                    9d:9f:f0:47:fb:c0:ef:c1:05:be:87:9d:03:2e:7b:
                    c7:ad:4f:d7:e0:ed:fb:e0:9d:e3:b1:49:44:af:67:
                    2d:92:fa:0e:c2:13:79:25:d8:84:7e:c0:61:75:5d:
                    86:5b:07:a6:1a:d7:23:fa:3c:c2:07:a0:08:8e:0c:
                    b9:e6:ef:49:04:9b:54:d9:41:4c:42:a1:85:20:f2:
                    12:ad:82:cc:b9:9e:e9:3d:2a:63:4f:00:a3:31:ff:
                    30:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:C6:80:02:4B:B1:81:53:BF:CB:48:9B:E8:93:6D:79:C8:6E:80:6C
            X509v3 Authority Key Identifier:
                keyid:91:CD:38:38:E7:4F:84:D2:04:46:9D:EF:27:B8:FE:7A:14:00:14:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kc04OOdPhNIERp3vJ7j-ehQAFLo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/a94c18-15ca-4b9e-8380-2afc98afdcc7/1/kc04OOdPhNIERp3vJ7j-ehQAFLo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:eb:f7:a5:49:b0:61:49:d2:dd:23:80:52:d5:96:47:89:4e:
         12:5a:62:c8:6f:4d:07:3b:f0:94:61:dc:a0:d4:15:05:38:fb:
         5f:62:78:d4:72:ca:3a:12:23:45:1e:25:47:b4:c9:75:51:64:
         36:22:fa:76:c4:41:62:b0:a9:62:e0:7b:a1:2a:dc:47:cc:db:
         56:29:80:c4:f2:17:bf:b8:e4:61:b9:08:6d:b9:86:05:52:f8:
         9f:cf:09:83:e1:83:77:7d:12:2f:31:fa:41:c5:3e:31:a5:b7:
         a8:74:70:90:76:73:f9:e4:aa:90:9c:b0:9e:5a:3b:9c:49:6c:
         84:31:82:e6:f6:05:35:70:96:dc:7a:62:29:60:93:3c:63:a2:
         2a:14:c0:fb:f6:ee:c2:9d:07:2e:ff:70:dc:9c:13:ea:fe:1c:
         10:35:fa:7a:3a:65:45:02:31:f6:73:1c:5e:4d:21:e9:27:38:
         7e:5a:54:f8:40:0c:91:aa:72:cb:f9:1d:c3:13:30:af:c5:1d:
         ee:f6:cd:60:6a:13:3a:c1:3c:aa:40:17:16:90:66:a0:ee:ad:
         17:6c:9b:d4:2e:2d:84:6c:8e:ec:ba:18:c9:49:77:68:82:a1:
         58:d5:59:25:91:79:10:01:a7:94:a2:1f:7c:34:58:a2:d2:f9:
         4f:db:5e:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEuz5I+S9Q4EEw9gJ283ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxY2QzODM4ZTc0Zjg0ZDIwNDQ2OWRlZjI3YjhmZTdhMTQw
MDE0YmEwHhcNMjUxMTExMDQwMDU2WhcNMjUxMTEyMDQwMDU2WjAzMTEwLwYDVQQD
EyhiZGM2ODAwMjRiYjE4MTUzYmZjYjQ4OWJlODkzNmQ3OWM4NmU4MDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpSjB/4x41/wKoqy8FAqTbVCio1q
1BWz92nVcBqfmB7gd/z9aipbZPJdpAvmd7jgdPIcigloel4n0rMokm5jGOC8izHN
Ws1DPF3wLrSweFuvb6XrSKw3ut3ixRuciv29yPxnRBXRuNEXacjnZWE8C4sCekXq
Zy+Mgv5NLAy4CIy/CKZgGQU0YwvCbobDgAkY5jCpHZnxU7qpoaMTXGl9vpRgwASd
n/BH+8DvwQW+h50DLnvHrU/X4O374J3jsUlEr2ctkvoOwhN5JdiEfsBhdV2GWwem
Gtcj+jzCB6AIjgy55u9JBJtU2UFMQqGFIPISrYLMuZ7pPSpjTwCjMf8wZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3GgAJLsYFTv8tIm+iTbXnIboBsMB8GA1UdIwQY
MBaAFJHNODjnT4TSBEad7ye4/noUABS6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2MwNE9PZFBoTklFUnAzdko3ai1laFFBRkxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9hOTRjMTgtMTVjYS00YjllLTgzODAt
MmFmYzk4YWZkY2M3LzEva2MwNE9PZFBoTklFUnAzdko3ai1laFFBRkxvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9hOTRjMTgtMTVjYS00YjllLTgzODAtMmFmYzk4YWZkY2M3
LzEva2MwNE9PZFBoTklFUnAzdko3ai1laFFBRkxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgev3pUmw
YUnS3SOAUtWWR4lOElpiyG9NBzvwlGHcoNQVBTj7X2J41HLKOhIjRR4lR7TJdVFk
NiL6dsRBYrCpYuB7oSrcR8zbVimAxPIXv7jkYbkIbbmGBVL4n88Jg+GDd30SLzH6
QcU+MaW3qHRwkHZz+eSqkJywnlo7nElshDGC5vYFNXCW3HpiKWCTPGOiKhTA+/bu
wp0HLv9w3JwT6v4cEDX6ejplRQIx9nMcXk0h6Sc4flpU+EAMkapyy/kdwxMwr8Ud
7vbNYGoTOsE8qkAXFpBmoO6tF2yb1C4thGyO7LoYyUl3aIKhWNVZJZF5EAGnlKIf
fDRYotL5T9teYg==
-----END CERTIFICATE-----