Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft
File:                     kXWIXPl40u9mE3YhRTC57WjFtFg.mft (raw, json)
Hash identifier:          SUJoHm1ATA/DYCRpTCFyqJQS26VE6P1vlCAIveI0DEo=
Subject key identifier:   05:99:19:41:AA:B7:92:D7:F0:6F:38:89:29:19:3D:42:14:50:57:CD
Authority key identifier: 91:75:88:5C:F9:78:D2:EF:66:13:76:21:45:30:B9:ED:68:C5:B4:58
Certificate issuer:       /CN=9175885cf978d2ef661376214530b9ed68c5b458
Certificate serial:       019A71B8E1B6FA1B9D5AC1914B3E03D0899D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft
Manifest number:          0A3C
Signing time:             Tue 11 Nov 2025 07:02:12 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:12 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:12 +0000
Files and hashes:         1: kXWIXPl40u9mE3YhRTC57WjFtFg.crl (hash: qJO0n5JUEqi8hbpkNEKzm/BJPfkQRnvR7DZGS0pQmus=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:e1:b6:fa:1b:9d:5a:c1:91:4b:3e:03:d0:89:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9175885cf978d2ef661376214530b9ed68c5b458
        Validity
            Not Before: Nov 11 07:02:12 2025 GMT
            Not After : Nov 12 07:02:12 2025 GMT
        Subject: CN=05991941aab792d7f06f388929193d42145057cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:8d:e1:70:69:79:48:d5:46:7f:72:26:2f:e6:
                    b2:58:21:a8:5b:b8:07:8a:c9:76:2d:20:83:f3:d0:
                    a6:64:8e:48:13:ba:05:82:25:ca:74:d5:54:f6:43:
                    35:99:f6:c7:36:6c:92:21:e5:45:85:83:4f:75:77:
                    0d:4a:13:34:5b:12:cd:97:75:7d:37:a1:aa:96:0a:
                    f9:bb:98:a5:82:7c:5a:3d:23:c1:58:e1:96:81:d5:
                    10:5b:9d:ae:13:21:a4:6a:3e:0b:9b:9d:b9:d6:fd:
                    57:3c:82:65:a3:7b:17:1b:9e:5c:7f:98:f2:2f:4c:
                    db:cb:46:6e:fb:02:39:f5:fa:1f:ac:b1:dd:0d:52:
                    54:36:b9:0c:d6:25:a1:a1:6d:a8:0e:b0:ad:cf:71:
                    9b:6b:0f:35:53:a2:85:10:76:62:c0:cc:cc:c3:04:
                    72:e4:45:f9:6f:f1:95:06:18:a0:a9:cb:bc:50:92:
                    e2:2f:74:d1:65:6a:4e:5c:9e:65:7f:b9:db:a6:ea:
                    0f:7e:a3:bc:b7:1e:eb:c4:2f:42:48:07:7e:a7:00:
                    7c:b5:7e:69:21:f7:63:f7:ea:17:75:22:c6:37:28:
                    87:86:f9:a4:3c:81:a9:99:7e:8d:94:b4:85:ec:27:
                    c3:da:c9:5a:b7:a8:0f:5f:bd:16:a0:88:29:79:55:
                    c7:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:99:19:41:AA:B7:92:D7:F0:6F:38:89:29:19:3D:42:14:50:57:CD
            X509v3 Authority Key Identifier:
                keyid:91:75:88:5C:F9:78:D2:EF:66:13:76:21:45:30:B9:ED:68:C5:B4:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXWIXPl40u9mE3YhRTC57WjFtFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c485d9-2736-49b1-9a44-1b95819cfc9c/1/kXWIXPl40u9mE3YhRTC57WjFtFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:21:77:7a:06:ea:91:7a:bb:19:b3:e9:8a:18:b8:34:bf:c4:
         29:07:d6:f7:11:b2:4a:02:80:7b:50:37:c2:f6:82:5e:87:4d:
         e2:01:b3:2e:a4:73:a9:7d:66:85:a1:04:8a:59:93:81:7c:33:
         90:4c:f9:7d:63:86:21:00:3b:7b:2d:99:2b:10:80:2c:a6:88:
         1a:c9:e9:c9:cd:54:9f:32:ab:b8:95:6d:6b:dc:17:ef:c8:ff:
         ad:55:ff:ee:8e:22:ad:35:d9:c4:85:82:da:5b:db:91:12:66:
         0e:0e:b1:fa:f8:99:ad:a4:77:e9:aa:72:f0:f5:ab:c3:a7:e2:
         d8:6c:0a:04:15:1c:1c:c7:45:f0:06:aa:41:4e:75:e4:5c:d1:
         15:a9:6b:0a:44:44:43:57:0c:7d:8e:e7:d6:df:4d:73:a9:b5:
         3c:ee:f4:e7:40:c3:63:23:06:03:96:52:85:c4:d3:80:0b:40:
         c9:70:72:23:b7:8d:c6:92:8a:e6:67:b5:bb:e4:38:e3:f5:4e:
         a5:ff:8b:fc:39:c6:ff:e5:d7:7e:39:dc:1e:75:3e:91:f5:8d:
         b6:4b:fb:ae:95:60:cf:72:ef:f8:0f:27:22:aa:23:65:36:35:
         27:d2:03:26:12:ed:41:92:f1:eb:3a:1a:ec:99:4d:bd:1b:4f:
         d0:7b:e1:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOG2+hudWsGRSz4D0ImdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNzU4ODVjZjk3OGQyZWY2NjEzNzYyMTQ1MzBiOWVkNjhj
NWI0NTgwHhcNMjUxMTExMDcwMjEyWhcNMjUxMTEyMDcwMjEyWjAzMTEwLwYDVQQD
EygwNTk5MTk0MWFhYjc5MmQ3ZjA2ZjM4ODkyOTE5M2Q0MjE0NTA1N2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI3hcGl5SNVGf3ImL+ayWCGoW7gH
isl2LSCD89CmZI5IE7oFgiXKdNVU9kM1mfbHNmySIeVFhYNPdXcNShM0WxLNl3V9
N6Gqlgr5u5ilgnxaPSPBWOGWgdUQW52uEyGkaj4Lm5251v1XPIJlo3sXG55cf5jy
L0zby0Zu+wI59fofrLHdDVJUNrkM1iWhoW2oDrCtz3Gbaw81U6KFEHZiwMzMwwRy
5EX5b/GVBhigqcu8UJLiL3TRZWpOXJ5lf7nbpuoPfqO8tx7rxC9CSAd+pwB8tX5p
Ifdj9+oXdSLGNyiHhvmkPIGpmX6NlLSF7CfD2slat6gPX70WoIgpeVXHbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAWZGUGqt5LX8G84iSkZPUIUUFfNMB8GA1UdIwQY
MBaAFJF1iFz5eNLvZhN2IUUwue1oxbRYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNDg1ZDktMjczNi00OWIxLTlhNDQt
MWI5NTgxOWNmYzljLzEva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNDg1ZDktMjczNi00OWIxLTlhNDQtMWI5NTgxOWNmYzlj
LzEva1hXSVhQbDQwdTltRTNZaFJUQzU3V2pGdEZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApiF3egbq
kXq7GbPpihi4NL/EKQfW9xGySgKAe1A3wvaCXodN4gGzLqRzqX1mhaEEilmTgXwz
kEz5fWOGIQA7ey2ZKxCALKaIGsnpyc1UnzKruJVta9wX78j/rVX/7o4irTXZxIWC
2lvbkRJmDg6x+viZraR36apy8PWrw6fi2GwKBBUcHMdF8AaqQU515FzRFalrCkRE
Q1cMfY7n1t9Nc6m1PO7050DDYyMGA5ZShcTTgAtAyXByI7eNxpKK5me1u+Q44/VO
pf+L/DnG/+XXfjncHnU+kfWNtkv7rpVgz3Lv+A8nIqojZTY1J9IDJhLtQZLx6zoa
7JlNvRtP0Hvhvg==
-----END CERTIFICATE-----