Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
File:                     kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft (raw, json)
Hash identifier:          S/AYal6c4GkDGeKPtMWGs7eP59bwQEMKHYrH2SUFQtY=
Subject key identifier:   94:47:9D:59:EE:C8:26:BA:13:90:E0:4F:05:4A:BD:0A:00:2A:F9:F2
Authority key identifier: 90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D
Certificate issuer:       /CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d
Certificate serial:       019A71B7ED1E34594FBD3638521BD7841951
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
Manifest number:          086F
Signing time:             Tue 11 Nov 2025 07:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:10 +0000
Files and hashes:         1: kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl (hash: y2TlaU/Bb7Vb0CRTPFWr+AnKBHa5bqTfnfuOogUpRY8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:ed:1e:34:59:4f:bd:36:38:52:1b:d7:84:19:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d
        Validity
            Not Before: Nov 11 07:01:10 2025 GMT
            Not After : Nov 12 07:01:10 2025 GMT
        Subject: CN=94479d59eec826ba1390e04f054abd0a002af9f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:b7:b1:60:0d:5f:02:d1:70:0f:ad:5f:6e:72:
                    ff:1a:58:2b:bc:9c:36:61:d5:65:ef:00:b4:01:78:
                    04:fb:2e:e3:87:cc:e6:9f:bd:d3:dc:21:15:d2:62:
                    c6:aa:30:61:5d:51:ed:7d:6f:ce:a4:99:f6:d8:ba:
                    58:e1:ba:bf:2f:a1:f3:67:f2:43:80:8b:4a:e0:92:
                    98:31:77:6a:63:d0:65:75:70:a5:a8:78:a9:5c:33:
                    50:ac:53:54:9a:14:68:b0:60:14:1b:6f:1a:80:f1:
                    11:48:11:d9:1a:bc:88:c4:46:d9:53:f5:b0:04:17:
                    1c:5d:79:eb:6d:12:6e:c8:e4:48:a6:49:05:8b:b7:
                    13:b4:7d:24:81:0d:32:22:fb:96:82:44:ea:98:85:
                    d3:e1:17:cf:57:57:84:df:f6:1f:fc:8c:8d:9b:b2:
                    39:e7:ba:26:6a:61:4d:ad:ba:d6:85:a5:fb:d5:98:
                    9d:0d:0b:47:04:57:4a:c4:bb:48:c4:41:dd:d2:71:
                    66:7a:83:91:0a:ff:5f:d0:4e:7f:01:0c:43:7f:5a:
                    79:6a:cf:77:7c:aa:16:20:db:5e:ca:87:15:50:9c:
                    90:3e:65:d0:03:1e:1d:08:f6:e8:8f:08:2a:dc:87:
                    7c:d1:51:b9:92:43:96:62:f9:0f:6f:9d:b9:ba:7f:
                    05:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:47:9D:59:EE:C8:26:BA:13:90:E0:4F:05:4A:BD:0A:00:2A:F9:F2
            X509v3 Authority Key Identifier:
                keyid:90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:1d:23:2f:67:ce:f1:92:6b:e3:0d:1a:cd:80:c7:e3:65:cf:
         e1:cc:e1:04:12:b7:16:a8:8f:d0:21:fb:11:8d:e4:55:4e:92:
         13:bb:1f:a9:e6:e9:6e:74:09:12:4c:7b:e4:33:74:ca:ee:5f:
         66:23:db:e9:e6:7f:28:1f:35:9f:51:b1:c9:31:0a:0d:a0:7b:
         c9:74:01:f9:2e:1a:dd:84:4f:d7:f1:98:d9:2f:ec:36:44:04:
         f3:e3:74:97:31:68:60:84:13:2d:14:b9:63:db:de:3e:35:dc:
         af:a0:05:87:79:82:55:ed:da:d1:80:92:67:e1:4e:3a:a3:dc:
         68:99:2d:1d:a6:4c:c5:86:a0:c0:6c:d5:65:e2:20:54:35:4f:
         ee:2f:7d:3f:c5:97:b5:4b:63:63:dd:91:ba:71:17:7a:06:2b:
         5e:2c:ef:44:f6:95:09:12:a4:c6:6e:99:ae:1c:71:1f:56:d7:
         b3:20:c9:e4:9e:12:68:23:86:4a:79:4f:8a:d8:9d:ca:e8:e0:
         c0:86:c4:82:a3:6b:53:f7:f7:57:3b:ea:9a:a5:c4:44:d1:fe:
         48:8d:4c:c2:d2:7a:65:69:44:b7:8e:f0:48:45:51:75:19:a2:
         c2:b1:27:46:bd:8e:a2:84:da:15:c2:a9:6e:be:05:7e:5e:ec:
         40:73:62:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+0eNFlPvTY4UhvXhBlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjU5MjhjNzUyYWQ5YTA4Y2ZlYjFiODhmNDYzYzNjMGRk
MmU4NWQwHhcNMjUxMTExMDcwMTEwWhcNMjUxMTEyMDcwMTEwWjAzMTEwLwYDVQQD
Eyg5NDQ3OWQ1OWVlYzgyNmJhMTM5MGUwNGYwNTRhYmQwYTAwMmFmOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rexYA1fAtFwD61fbnL/GlgrvJw2
YdVl7wC0AXgE+y7jh8zmn73T3CEV0mLGqjBhXVHtfW/OpJn22LpY4bq/L6HzZ/JD
gItK4JKYMXdqY9BldXClqHipXDNQrFNUmhRosGAUG28agPERSBHZGryIxEbZU/Ww
BBccXXnrbRJuyORIpkkFi7cTtH0kgQ0yIvuWgkTqmIXT4RfPV1eE3/Yf/IyNm7I5
57omamFNrbrWhaX71ZidDQtHBFdKxLtIxEHd0nFmeoORCv9f0E5/AQxDf1p5as93
fKoWINteyocVUJyQPmXQAx4dCPbojwgq3Id80VG5kkOWYvkPb525un8FhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJRHnVnuyCa6E5DgTwVKvQoAKvnyMB8GA1UdIwQY
MBaAFJD1kox1KtmgjP6xuI9GPDwN0uhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYt
MDRhNmNkODE2YTAzLzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYtMDRhNmNkODE2YTAz
LzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjx0jL2fO
8ZJr4w0azYDH42XP4czhBBK3FqiP0CH7EY3kVU6SE7sfqebpbnQJEkx75DN0yu5f
ZiPb6eZ/KB81n1GxyTEKDaB7yXQB+S4a3YRP1/GY2S/sNkQE8+N0lzFoYIQTLRS5
Y9vePjXcr6AFh3mCVe3a0YCSZ+FOOqPcaJktHaZMxYagwGzVZeIgVDVP7i99P8WX
tUtjY92RunEXegYrXizvRPaVCRKkxm6ZrhxxH1bXsyDJ5J4SaCOGSnlPitidyujg
wIbEgqNrU/f3VzvqmqXERNH+SI1MwtJ6ZWlEt47wSEVRdRmiwrEnRr2OooTaFcKp
br4Ffl7sQHNibw==
-----END CERTIFICATE-----