Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
File:                     K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft (raw, json)
Hash identifier:          9M1hfypAngqnNH4XR3rmAblwxsUoW3zTfnmQufvTs7k=
Subject key identifier:   9D:AF:44:42:19:A0:ED:F7:5E:D9:4D:EA:30:13:D9:01:CA:3E:15:28
Authority key identifier: 2B:B2:D0:23:41:C1:19:49:A8:C8:71:53:F8:66:C0:F6:8F:1B:BD:73
Certificate issuer:       /CN=2bb2d02341c11949a8c87153f866c0f68f1bbd73
Certificate serial:       019916BF3E8411806947D4A9494EB3CAC551
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
Manifest number:          0838
Signing time:             Thu 04 Sep 2025 22:00:55 +0000
Manifest this update:     Thu 04 Sep 2025 22:00:55 +0000
Manifest next update:     Fri 05 Sep 2025 22:00:55 +0000
Files and hashes:         1: K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl (hash: 3qUQVLTV0xZScVPdwh+UVdygMXBOjvC6unWISChQ72Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 05 Sep 2025 19:46:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:16:bf:3e:84:11:80:69:47:d4:a9:49:4e:b3:ca:c5:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2bb2d02341c11949a8c87153f866c0f68f1bbd73
        Validity
            Not Before: Sep  4 22:00:55 2025 GMT
            Not After : Sep  5 22:00:55 2025 GMT
        Subject: CN=9daf444219a0edf75ed94dea3013d901ca3e1528
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:0a:ac:ef:b1:42:cd:35:37:92:5f:df:e0:df:
                    ad:4a:34:cb:16:ae:ed:f8:50:04:ad:58:45:4f:a6:
                    92:ac:de:1d:31:aa:cb:cd:be:46:9d:1e:71:0f:17:
                    bf:e8:27:52:2c:b1:85:50:cf:9a:57:16:2b:76:66:
                    6c:23:69:f7:2c:70:29:bc:fb:1f:bf:a5:7f:3e:59:
                    dc:cd:6f:f3:4c:b9:62:6a:41:c3:ea:8d:8a:b6:ed:
                    90:e2:0c:fa:43:6e:28:07:00:03:0c:55:86:ea:28:
                    7f:97:90:34:b1:8a:4b:35:cb:23:f4:08:11:c4:ef:
                    20:61:03:c3:b4:2c:b7:a5:57:c8:bc:c7:7c:d3:00:
                    ef:00:ba:e3:36:72:e3:09:37:ab:71:df:b9:b9:86:
                    86:14:bc:d9:bf:7a:fb:71:cf:f9:bb:2d:ee:04:bd:
                    83:8c:20:8a:ed:d8:ac:79:eb:cb:1f:a4:45:34:23:
                    ba:fd:0d:3f:fb:ca:67:af:73:12:a2:95:cf:8e:77:
                    52:c5:3d:ad:e4:7e:b0:58:70:25:53:57:8b:6c:65:
                    d7:ac:54:e3:f9:af:9c:56:12:3e:ec:6c:22:6a:76:
                    cf:e5:5b:67:13:48:16:b6:a3:27:02:3b:f4:23:32:
                    69:ec:7f:4a:5f:59:00:d5:80:30:32:1f:c7:4a:71:
                    0a:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:AF:44:42:19:A0:ED:F7:5E:D9:4D:EA:30:13:D9:01:CA:3E:15:28
            X509v3 Authority Key Identifier:
                keyid:2B:B2:D0:23:41:C1:19:49:A8:C8:71:53:F8:66:C0:F6:8F:1B:BD:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:92:99:4e:9a:20:fd:9a:e1:0b:20:74:d4:05:06:65:a3:cd:
         ff:56:96:73:76:86:28:fd:70:2a:93:8c:5e:dc:91:95:c5:67:
         29:8d:42:1d:37:72:e8:35:28:e3:db:99:e5:f9:74:91:7b:fc:
         49:a8:44:7f:67:48:a4:10:40:67:dc:90:99:b8:a6:86:15:02:
         c2:47:ff:c4:5f:99:d0:d4:5f:dd:63:df:c3:98:aa:f7:be:49:
         7b:69:0d:23:60:a8:b1:db:23:cd:54:ce:4d:f1:ad:90:a8:6b:
         d8:df:91:df:b3:28:51:ea:33:b0:12:61:06:ac:89:93:95:5a:
         bd:4a:3f:c0:fd:5f:0e:e8:47:e1:be:83:f5:75:92:f1:95:4a:
         63:73:90:8f:5e:08:82:76:29:98:02:fe:12:c3:e2:3d:31:fb:
         b5:b4:f4:07:76:ca:83:44:8b:ee:78:37:33:43:61:f3:7f:16:
         b7:6c:a8:db:3f:5a:77:11:42:6f:25:62:fd:8d:5e:88:9c:b5:
         b7:39:8d:7e:3a:d7:0f:81:70:b1:9f:50:cd:8b:6b:f6:cf:d2:
         4d:cb:39:c7:c4:7f:19:79:6e:8e:30:62:55:70:69:ce:92:7a:
         4e:e3:ad:25:0f:72:bd:f3:9c:be:b9:02:2c:50:32:18:c0:99:
         6b:9f:cd:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkWvz6EEYBpR9SpSU6zysVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYjJkMDIzNDFjMTE5NDlhOGM4NzE1M2Y4NjZjMGY2OGYx
YmJkNzMwHhcNMjUwOTA0MjIwMDU1WhcNMjUwOTA1MjIwMDU1WjAzMTEwLwYDVQQD
Eyg5ZGFmNDQ0MjE5YTBlZGY3NWVkOTRkZWEzMDEzZDkwMWNhM2UxNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Qqs77FCzTU3kl/f4N+tSjTLFq7t
+FAErVhFT6aSrN4dMarLzb5GnR5xDxe/6CdSLLGFUM+aVxYrdmZsI2n3LHApvPsf
v6V/PlnczW/zTLliakHD6o2Ktu2Q4gz6Q24oBwADDFWG6ih/l5A0sYpLNcsj9AgR
xO8gYQPDtCy3pVfIvMd80wDvALrjNnLjCTercd+5uYaGFLzZv3r7cc/5uy3uBL2D
jCCK7diseevLH6RFNCO6/Q0/+8pnr3MSopXPjndSxT2t5H6wWHAlU1eLbGXXrFTj
+a+cVhI+7GwianbP5VtnE0gWtqMnAjv0IzJp7H9KX1kA1YAwMh/HSnEKLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2vREIZoO33XtlN6jAT2QHKPhUoMB8GA1UdIwQY
MBaAFCuy0CNBwRlJqMhxU/hmwPaPG71zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kN2E3OTQtNWUzOC00ZTg0LTgxNTYt
NDYwNjU2ZmUzYWI1LzEvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kN2E3OTQtNWUzOC00ZTg0LTgxNTYtNDYwNjU2ZmUzYWI1
LzEvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO5KZTpog
/ZrhCyB01AUGZaPN/1aWc3aGKP1wKpOMXtyRlcVnKY1CHTdy6DUo49uZ5fl0kXv8
SahEf2dIpBBAZ9yQmbimhhUCwkf/xF+Z0NRf3WPfw5iq975Je2kNI2CosdsjzVTO
TfGtkKhr2N+R37MoUeozsBJhBqyJk5VavUo/wP1fDuhH4b6D9XWS8ZVKY3OQj14I
gnYpmAL+EsPiPTH7tbT0B3bKg0SL7ng3M0Nh838Wt2yo2z9adxFCbyVi/Y1eiJy1
tzmNfjrXD4FwsZ9QzYtr9s/STcs5x8R/GXlujjBiVXBpzpJ6TuOtJQ9yvfOcvrkC
LFAyGMCZa5/NhA==
-----END CERTIFICATE-----