Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
File:                     KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft (raw, json)
Hash identifier:          HmPqYK4nrkZ8q639Y5wAYA8vaUbV/XXsNBIACdewcqQ=
Subject key identifier:   8E:87:0F:80:64:98:70:E3:13:58:B9:C6:B3:9A:B8:09:2A:A7:8D:74
Authority key identifier: 29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1
Certificate issuer:       /CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
Certificate serial:       019A503DF70092C6CB8B34FDBDA2BD687CA5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
Manifest number:          11E3
Signing time:             Tue 04 Nov 2025 19:00:29 +0000
Manifest this update:     Tue 04 Nov 2025 19:00:29 +0000
Manifest next update:     Wed 05 Nov 2025 19:00:29 +0000
Files and hashes:         1: KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl (hash: nvjfpUjwa1JMc5Ph0PXN4Oax1Rsd6NRQOWLWd9PwPEg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:3d:f7:00:92:c6:cb:8b:34:fd:bd:a2:bd:68:7c:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
        Validity
            Not Before: Nov  4 19:00:29 2025 GMT
            Not After : Nov  5 19:00:29 2025 GMT
        Subject: CN=8e870f80649870e31358b9c6b39ab8092aa78d74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:27:d9:93:d5:f3:87:e2:43:75:4a:eb:70:06:
                    db:cb:f6:e4:94:b6:fc:fb:13:82:fb:cd:0e:a0:c7:
                    ff:d1:6a:30:71:21:fb:32:94:86:94:aa:94:a5:86:
                    39:88:0d:68:df:81:83:4a:94:be:ec:39:72:0f:58:
                    5f:62:47:46:b6:35:69:5b:8b:df:0a:a5:43:41:02:
                    f2:4d:59:62:32:cb:87:79:31:e4:d3:64:9a:d5:4e:
                    32:e4:07:90:bd:22:c0:dd:85:60:7d:74:60:7c:7a:
                    d5:bd:9c:f5:59:01:66:df:40:cd:73:36:e2:22:a7:
                    33:15:8c:37:1d:fe:c3:4b:7e:81:5d:49:52:fc:4b:
                    ad:93:7b:c3:71:63:63:f0:9e:4c:aa:1b:01:ed:af:
                    60:97:85:64:47:46:61:e3:29:6a:4d:4b:bb:0c:33:
                    a2:90:6e:ba:01:b8:ce:86:75:ea:28:ee:63:f0:96:
                    11:99:12:20:5e:53:b0:e8:7a:39:9b:04:87:d8:79:
                    a3:bb:ae:a3:b2:b1:10:08:09:0c:38:5f:1f:d1:d0:
                    4d:0d:4c:1a:08:77:18:fe:a3:b4:81:7f:55:8c:4c:
                    49:a1:6c:60:0e:04:ed:f1:e5:29:90:ad:8b:8d:3b:
                    6a:40:00:cd:9a:93:fd:9b:ba:05:c5:0f:cc:f8:88:
                    9d:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:87:0F:80:64:98:70:E3:13:58:B9:C6:B3:9A:B8:09:2A:A7:8D:74
            X509v3 Authority Key Identifier:
                keyid:29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:89:fe:2c:3f:ec:94:05:f3:4e:19:f5:70:17:2c:34:c5:6c:
         af:27:2d:90:55:ab:2d:e7:4c:17:65:06:b3:56:eb:40:9c:74:
         c0:af:79:bd:8c:8c:da:6a:79:a1:ec:dc:dd:3f:a3:2a:71:17:
         61:f6:67:99:2d:69:c1:3a:95:a9:3e:f6:68:e9:79:41:a4:86:
         72:8d:10:80:b0:0a:4b:b4:2d:65:d7:48:be:93:9a:d1:33:5e:
         64:7a:53:da:e3:4e:00:af:16:e2:b7:e9:34:12:e7:13:ff:6d:
         a3:af:1a:ec:ca:d0:9a:13:65:af:e9:57:8b:6e:0f:9a:a2:85:
         8d:07:0c:18:21:96:1a:11:4c:fd:fe:7b:29:7b:ea:5c:37:01:
         38:89:64:84:4f:a8:92:34:3e:fa:72:a8:b9:b4:58:32:ad:66:
         3c:f6:9b:e5:1d:d8:65:55:ee:37:d2:b3:dc:47:58:29:2f:7e:
         eb:25:3f:45:77:70:4e:fe:12:4a:3f:16:0d:50:52:83:9b:f4:
         f7:8f:c1:ca:c9:e6:b1:3d:c7:91:e0:b2:0e:4c:0b:74:91:5f:
         5a:67:e0:a8:28:bd:28:2b:33:de:07:ef:ca:86:c0:5e:14:46:
         50:2d:21:a1:17:7b:19:d5:2c:fe:00:1d:f0:e2:c1:bb:09:63:
         d5:f2:20:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPfcAksbLizT9vaK9aHylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDQ1N2IxMDI1ZTRhNmE0NWM2YzRiNDVkNmUyMzRhYTUx
OGM4YjEwHhcNMjUxMTA0MTkwMDI5WhcNMjUxMTA1MTkwMDI5WjAzMTEwLwYDVQQD
Eyg4ZTg3MGY4MDY0OTg3MGUzMTM1OGI5YzZiMzlhYjgwOTJhYTc4ZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCfZk9Xzh+JDdUrrcAbby/bklLb8
+xOC+80OoMf/0WowcSH7MpSGlKqUpYY5iA1o34GDSpS+7DlyD1hfYkdGtjVpW4vf
CqVDQQLyTVliMsuHeTHk02Sa1U4y5AeQvSLA3YVgfXRgfHrVvZz1WQFm30DNczbi
IqczFYw3Hf7DS36BXUlS/Eutk3vDcWNj8J5MqhsB7a9gl4VkR0Zh4ylqTUu7DDOi
kG66AbjOhnXqKO5j8JYRmRIgXlOw6Ho5mwSH2Hmju66jsrEQCAkMOF8f0dBNDUwa
CHcY/qO0gX9VjExJoWxgDgTt8eUpkK2LjTtqQADNmpP9m7oFxQ/M+Iid3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6HD4BkmHDjE1i5xrOauAkqp410MB8GA1UdIwQY
MBaAFCnUV7ECXkpqRcbEtF1uI0qlGMixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgt
N2EwNjE5ZmFhZjdkLzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgtN2EwNjE5ZmFhZjdk
LzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaIn+LD/s
lAXzThn1cBcsNMVsryctkFWrLedMF2UGs1brQJx0wK95vYyM2mp5oezc3T+jKnEX
YfZnmS1pwTqVqT72aOl5QaSGco0QgLAKS7QtZddIvpOa0TNeZHpT2uNOAK8W4rfp
NBLnE/9to68a7MrQmhNlr+lXi24PmqKFjQcMGCGWGhFM/f57KXvqXDcBOIlkhE+o
kjQ++nKoubRYMq1mPPab5R3YZVXuN9Kz3EdYKS9+6yU/RXdwTv4SSj8WDVBSg5v0
94/BysnmsT3HkeCyDkwLdJFfWmfgqCi9KCsz3gfvyobAXhRGUC0hoRd7GdUs/gAd
8OLBuwlj1fIg7w==
-----END CERTIFICATE-----