Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
File:                     KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft (raw, json)
Hash identifier:          t3TjRhmQz2mci14R4foXV7oP0H2jasVg1PxIQ3FOc0E=
Subject key identifier:   25:4A:2A:99:3A:6E:BA:6E:61:23:6B:63:17:48:7B:B0:2B:77:8B:1D
Authority key identifier: 28:FA:45:6D:1C:23:67:86:21:95:4F:FB:F4:93:A3:23:DE:2C:44:84
Certificate issuer:       /CN=28fa456d1c23678621954ffbf493a323de2c4484
Certificate serial:       019A71B8CAEF2957B01DC6FF77A9C243EA8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
Manifest number:          0C5A
Signing time:             Tue 11 Nov 2025 07:02:07 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:07 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:07 +0000
Files and hashes:         1: KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl (hash: loIQWVSnwbUx3zonfQjEdXa0LLcsMMJdBs3lwpELw+g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:ca:ef:29:57:b0:1d:c6:ff:77:a9:c2:43:ea:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28fa456d1c23678621954ffbf493a323de2c4484
        Validity
            Not Before: Nov 11 07:02:07 2025 GMT
            Not After : Nov 12 07:02:07 2025 GMT
        Subject: CN=254a2a993a6eba6e61236b6317487bb02b778b1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:bd:15:c1:dc:3c:80:27:93:a9:aa:87:d4:c1:
                    04:a3:6b:31:06:8f:93:0e:b9:c6:1a:6f:67:7e:4a:
                    28:75:13:ea:fc:0e:8f:bf:d6:2e:bc:67:54:7a:c1:
                    dd:de:2d:58:c3:51:7c:80:5e:5c:07:33:58:65:ad:
                    45:f5:5d:8b:2f:b7:7b:0b:96:b7:5a:9c:58:01:9f:
                    cb:7d:07:db:9f:03:68:2f:22:83:22:86:cb:30:9a:
                    da:c7:be:df:e2:82:5f:c1:4e:da:05:b6:ab:0c:65:
                    de:9b:63:94:9a:1c:5b:62:a4:3c:06:c9:1b:84:d1:
                    a9:cc:7d:f6:bf:af:26:f9:b3:12:9b:96:da:af:24:
                    d7:15:8b:14:85:58:34:34:2e:e9:90:36:65:c2:02:
                    60:36:b5:eb:66:b6:df:00:a0:f4:7f:4e:f7:f6:e5:
                    d3:da:b6:05:2f:21:4f:19:0a:66:bb:4c:d9:60:7d:
                    57:d9:b1:cb:79:6d:83:ee:be:94:be:3f:6b:fc:0d:
                    68:84:56:20:fc:5b:36:8f:12:15:5d:b4:82:1b:75:
                    01:fe:69:5a:2c:9f:df:94:ff:a2:4c:4c:b4:f5:0c:
                    eb:bf:3f:84:84:6b:52:6f:46:b0:09:88:a9:02:fc:
                    31:b4:fb:a2:15:d2:e5:eb:ad:8b:f7:1f:89:0a:08:
                    a5:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:4A:2A:99:3A:6E:BA:6E:61:23:6B:63:17:48:7B:B0:2B:77:8B:1D
            X509v3 Authority Key Identifier:
                keyid:28:FA:45:6D:1C:23:67:86:21:95:4F:FB:F4:93:A3:23:DE:2C:44:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPpFbRwjZ4YhlU_79JOjI94sRIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/b1acab-9a8b-423e-b0bc-f45a2a634704/1/KPpFbRwjZ4YhlU_79JOjI94sRIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:6a:ce:11:6a:53:84:16:d5:95:90:7c:83:5f:7f:db:20:6a:
         4e:d8:45:0d:65:ea:77:82:fc:27:37:62:bd:43:fc:4d:e2:0f:
         2f:e6:52:ef:de:29:2b:99:ff:cf:df:fb:9a:04:45:c2:93:c8:
         f7:e9:2a:11:bf:42:ae:64:48:c8:ae:1a:91:3d:bf:94:21:96:
         26:7a:ba:81:ec:86:a9:ff:26:f7:34:ea:a7:92:27:73:60:8d:
         c0:23:b7:91:b5:8c:f4:07:18:03:40:ca:c4:a2:50:79:ad:56:
         12:df:03:4b:80:7a:37:53:b2:bd:9f:07:28:ca:ee:8f:c7:a9:
         4a:1a:28:a6:06:39:8c:db:fc:a7:d8:28:4a:94:74:8a:e6:91:
         62:f1:d1:65:49:74:ac:b1:7a:ed:33:7a:83:6e:5e:99:cc:6e:
         32:34:22:13:a7:44:27:b3:14:0d:a1:51:31:69:5a:bc:02:cc:
         bd:30:a3:30:fd:41:42:42:2c:5f:c0:57:55:f3:25:1b:b4:15:
         4f:11:5d:67:28:c7:60:98:e6:5b:ae:34:4d:1f:c6:85:5e:42:
         bb:ea:ce:4b:93:66:2f:25:05:9f:18:d6:04:1c:59:6d:08:d8:
         fd:b1:f4:25:ec:08:0f:fc:76:9a:e0:4a:1c:c2:e5:14:f3:6f:
         b4:e3:34:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuMrvKVewHcb/d6nCQ+qLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZmE0NTZkMWMyMzY3ODYyMTk1NGZmYmY0OTNhMzIzZGUy
YzQ0ODQwHhcNMjUxMTExMDcwMjA3WhcNMjUxMTEyMDcwMjA3WjAzMTEwLwYDVQQD
EygyNTRhMmE5OTNhNmViYTZlNjEyMzZiNjMxNzQ4N2JiMDJiNzc4YjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL0Vwdw8gCeTqaqH1MEEo2sxBo+T
DrnGGm9nfkoodRPq/A6Pv9YuvGdUesHd3i1Yw1F8gF5cBzNYZa1F9V2LL7d7C5a3
WpxYAZ/LfQfbnwNoLyKDIobLMJrax77f4oJfwU7aBbarDGXem2OUmhxbYqQ8Bskb
hNGpzH32v68m+bMSm5baryTXFYsUhVg0NC7pkDZlwgJgNrXrZrbfAKD0f0739uXT
2rYFLyFPGQpmu0zZYH1X2bHLeW2D7r6Uvj9r/A1ohFYg/Fs2jxIVXbSCG3UB/mla
LJ/flP+iTEy09Qzrvz+EhGtSb0awCYipAvwxtPuiFdLl662L9x+JCgilYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCVKKpk6brpuYSNrYxdIe7Ard4sdMB8GA1UdIwQY
MBaAFCj6RW0cI2eGIZVP+/SToyPeLESEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iMWFjYWItOWE4Yi00MjNlLWIwYmMt
ZjQ1YTJhNjM0NzA0LzEvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iMWFjYWItOWE4Yi00MjNlLWIwYmMtZjQ1YTJhNjM0NzA0
LzEvS1BwRmJSd2paNFlobFVfNzlKT2pJOTRzUklRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVmrOEWpT
hBbVlZB8g19/2yBqTthFDWXqd4L8JzdivUP8TeIPL+ZS794pK5n/z9/7mgRFwpPI
9+kqEb9CrmRIyK4akT2/lCGWJnq6geyGqf8m9zTqp5Inc2CNwCO3kbWM9AcYA0DK
xKJQea1WEt8DS4B6N1OyvZ8HKMruj8epShoopgY5jNv8p9goSpR0iuaRYvHRZUl0
rLF67TN6g25emcxuMjQiE6dEJ7MUDaFRMWlavALMvTCjMP1BQkIsX8BXVfMlG7QV
TxFdZyjHYJjmW640TR/GhV5Cu+rOS5NmLyUFnxjWBBxZbQjY/bH0JewID/x2muBK
HMLlFPNvtOM0gg==
-----END CERTIFICATE-----