Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
File:                     KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft (raw, json)
Hash identifier:          WpOyagmLnfvmtBb139Cmbsjgs84kM141VABHxcp/SSY=
Subject key identifier:   BA:01:FF:73:0D:35:C5:B4:B1:73:D4:A0:49:72:C5:D9:32:EA:2C:9C
Authority key identifier: 29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1
Certificate issuer:       /CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
Certificate serial:       0198733DCD3BCF224013BA3E49D1EAA5FDAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
Manifest number:          10EC
Signing time:             Mon 04 Aug 2025 04:01:26 +0000
Manifest this update:     Mon 04 Aug 2025 04:01:26 +0000
Manifest next update:     Tue 05 Aug 2025 04:01:26 +0000
Files and hashes:         1: KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl (hash: NAxSKkq+/L8I9prLXcZL1f5LYSuSwDwFc0qjLZH6kFk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:3d:cd:3b:cf:22:40:13:ba:3e:49:d1:ea:a5:fd:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
        Validity
            Not Before: Aug  4 04:01:26 2025 GMT
            Not After : Aug  5 04:01:26 2025 GMT
        Subject: CN=ba01ff730d35c5b4b173d4a04972c5d932ea2c9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:6e:87:2a:cd:11:21:f8:e8:96:50:f6:dc:72:
                    86:8b:e0:7a:05:c1:38:cd:34:36:18:ad:e6:06:03:
                    d1:5f:99:d8:cc:1e:5e:34:bc:44:c0:ff:d4:1c:2f:
                    bf:e9:74:54:3a:75:7f:31:b8:6c:b4:f1:24:38:6c:
                    79:ce:f6:c3:20:41:5c:aa:40:18:55:01:17:f7:a1:
                    2f:15:b6:d5:f0:f2:83:2e:e3:b8:5c:eb:75:ef:b0:
                    db:39:cc:fa:94:96:bf:2e:d6:26:b0:b9:80:19:37:
                    a0:e8:23:ba:db:90:d4:bb:20:2c:b1:d1:17:5d:af:
                    cf:8e:ac:36:8a:3e:3e:85:37:98:c8:e8:e7:2f:ea:
                    7d:1a:ee:ac:c5:e6:c5:d4:2a:53:9a:cb:8a:d7:c3:
                    f0:43:f8:9d:80:31:9f:70:58:07:1e:4f:97:99:d2:
                    f8:6a:eb:2f:8e:18:83:9e:75:4f:d3:e2:86:51:a9:
                    38:f6:b5:d8:43:a0:b4:31:80:1d:25:ba:f3:f0:a2:
                    70:0b:49:ed:a5:1b:e0:67:4a:dd:13:de:63:36:42:
                    c5:3e:09:d4:ac:7f:9d:01:33:f7:bc:71:a6:1d:19:
                    2a:f9:08:eb:d2:7d:9e:6a:f7:93:27:a2:d0:db:17:
                    53:a9:5e:7d:83:ba:8d:6b:13:57:80:39:4b:3b:39:
                    4f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:01:FF:73:0D:35:C5:B4:B1:73:D4:A0:49:72:C5:D9:32:EA:2C:9C
            X509v3 Authority Key Identifier:
                keyid:29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:ba:64:3a:f9:37:59:b7:f9:7c:bd:66:1c:4a:3c:67:b5:12:
         75:07:d3:7a:2d:78:9d:b7:5f:5f:1f:e7:02:10:36:58:0b:e2:
         75:64:ab:87:6f:de:4f:96:93:64:6a:d2:9f:6f:0e:f8:d0:47:
         7f:83:b3:d8:36:23:bb:71:55:69:26:1c:4a:7b:26:5d:15:aa:
         b9:7b:90:12:c3:dd:14:ae:85:13:3e:7a:87:5f:88:09:e8:ab:
         d4:26:9c:e5:45:b8:fb:82:d6:96:69:6a:b9:67:56:35:c7:cc:
         ff:d7:93:27:89:a1:6c:07:2f:ef:04:1d:6a:10:9b:bb:22:27:
         22:0e:07:75:f3:86:1c:24:91:51:98:d7:7b:cb:b4:4d:df:01:
         90:17:54:07:0e:07:75:9c:01:fc:22:df:51:29:b3:bc:eb:a7:
         1c:25:73:6a:53:78:93:e9:27:15:19:c1:2a:93:6b:20:35:18:
         0c:b6:44:d3:da:05:2d:b5:39:7c:36:64:49:f0:bf:cd:58:81:
         38:ae:cf:31:7d:3b:f8:ce:17:a9:e2:de:cf:1a:c7:22:bc:e2:
         c3:da:5f:df:91:28:81:e3:dc:3c:7b:cf:6d:df:7a:43:d4:fa:
         e7:f1:69:d2:45:97:af:eb:07:df:55:0a:01:77:6d:ce:da:f2:
         35:21:20:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzPc07zyJAE7o+SdHqpf2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDQ1N2IxMDI1ZTRhNmE0NWM2YzRiNDVkNmUyMzRhYTUx
OGM4YjEwHhcNMjUwODA0MDQwMTI2WhcNMjUwODA1MDQwMTI2WjAzMTEwLwYDVQQD
EyhiYTAxZmY3MzBkMzVjNWI0YjE3M2Q0YTA0OTcyYzVkOTMyZWEyYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxm6HKs0RIfjollD23HKGi+B6BcE4
zTQ2GK3mBgPRX5nYzB5eNLxEwP/UHC+/6XRUOnV/MbhstPEkOGx5zvbDIEFcqkAY
VQEX96EvFbbV8PKDLuO4XOt177DbOcz6lJa/LtYmsLmAGTeg6CO625DUuyAssdEX
Xa/Pjqw2ij4+hTeYyOjnL+p9Gu6sxebF1CpTmsuK18PwQ/idgDGfcFgHHk+XmdL4
ausvjhiDnnVP0+KGUak49rXYQ6C0MYAdJbrz8KJwC0ntpRvgZ0rdE95jNkLFPgnU
rH+dATP3vHGmHRkq+Qjr0n2eaveTJ6LQ2xdTqV59g7qNaxNXgDlLOzlPDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLoB/3MNNcW0sXPUoElyxdky6iycMB8GA1UdIwQY
MBaAFCnUV7ECXkpqRcbEtF1uI0qlGMixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgt
N2EwNjE5ZmFhZjdkLzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgtN2EwNjE5ZmFhZjdk
LzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIbpkOvk3
Wbf5fL1mHEo8Z7USdQfTei14nbdfXx/nAhA2WAvidWSrh2/eT5aTZGrSn28O+NBH
f4Oz2DYju3FVaSYcSnsmXRWquXuQEsPdFK6FEz56h1+ICeir1Cac5UW4+4LWlmlq
uWdWNcfM/9eTJ4mhbAcv7wQdahCbuyInIg4HdfOGHCSRUZjXe8u0Td8BkBdUBw4H
dZwB/CLfUSmzvOunHCVzalN4k+knFRnBKpNrIDUYDLZE09oFLbU5fDZkSfC/zViB
OK7PMX07+M4XqeLezxrHIrziw9pf35EogePcPHvPbd96Q9T65/Fp0kWXr+sH31UK
AXdtztryNSEg6g==
-----END CERTIFICATE-----