Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
File:                     KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json)
Hash identifier:          BQEMT1vGu5WRG1si5YBnRa0MeBMmnjBltWTRPtbuW88=
Subject key identifier:   A3:2A:67:6E:ED:9B:60:E8:56:11:41:3A:28:E5:2E:3D:BD:8E:6A:17
Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
Certificate issuer:       /CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Certificate serial:       019A4F6278075F93E52FA1853C3867A7BF56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
Manifest number:          13DF
Signing time:             Tue 04 Nov 2025 15:00:44 +0000
Manifest this update:     Tue 04 Nov 2025 15:00:44 +0000
Manifest next update:     Wed 05 Nov 2025 15:00:44 +0000
Files and hashes:         1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: b+jWkRWhqI3vwWx0krIBup/Bq+yn2dZ2y0OpeNbNT+s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 15:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:78:07:5f:93:e5:2f:a1:85:3c:38:67:a7:bf:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539
        Validity
            Not Before: Nov  4 15:00:44 2025 GMT
            Not After : Nov  5 15:00:44 2025 GMT
        Subject: CN=a32a676eed9b60e85611413a28e52e3dbd8e6a17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:c4:a7:ff:73:34:77:1f:47:0e:d1:d0:ee:07:
                    b5:a1:85:bc:5a:82:de:26:b5:8b:9c:8b:d1:37:35:
                    30:57:1d:7e:65:44:de:3b:88:77:28:b2:da:33:fa:
                    41:4f:e3:1c:dc:e6:f8:0e:05:92:bf:98:8d:9c:25:
                    cc:4a:1b:f7:83:82:7f:21:27:54:9b:5f:71:e3:c8:
                    0b:d0:15:1d:e7:71:72:30:a3:d1:1f:f0:93:7e:66:
                    8d:f6:09:32:24:78:ea:94:60:ae:bf:33:a4:39:fc:
                    62:ff:92:55:b1:63:bf:0c:d8:60:e1:0d:3d:23:4e:
                    89:7d:ae:5b:4c:95:b8:2e:08:31:0d:e8:36:79:b5:
                    bf:a3:00:f3:16:75:88:07:8c:a0:fe:00:74:49:1b:
                    62:07:09:b7:b7:5f:d9:5a:51:8d:37:91:8f:33:56:
                    94:bf:e9:ea:f1:38:68:7d:27:93:a2:8f:53:74:a6:
                    2f:e1:3f:a4:77:58:cc:74:ff:66:3c:1c:16:ec:c0:
                    e8:48:77:78:3d:e1:fb:71:b2:a4:91:d9:15:4b:60:
                    5e:7d:12:d2:9c:0a:95:52:07:c1:aa:8c:58:8e:15:
                    f6:41:0b:80:51:b0:e4:f1:ed:76:2a:32:32:ce:d8:
                    7a:bf:ac:c7:e9:6a:a1:03:70:7d:bc:4c:75:66:af:
                    5b:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:2A:67:6E:ED:9B:60:E8:56:11:41:3A:28:E5:2E:3D:BD:8E:6A:17
            X509v3 Authority Key Identifier:
                keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:36:9d:ca:95:b3:e9:7a:19:11:49:95:ca:36:88:e1:02:8f:
         b0:c2:75:e1:99:a1:06:4f:41:5f:36:71:d5:c3:05:64:ae:33:
         bc:84:5c:44:f4:0f:43:cb:15:7f:13:f4:10:f8:c8:68:45:99:
         f0:10:47:18:b5:b9:76:14:6b:84:c6:1e:0d:6b:34:7b:6d:d2:
         2d:62:cf:c9:c5:61:fe:76:7d:51:93:73:8e:81:c2:57:a4:18:
         35:58:0e:bd:c3:f9:ab:54:ed:7f:d0:13:ea:a7:e9:fd:a7:1a:
         0c:7d:98:21:cd:86:cf:7b:94:93:08:d2:1d:4c:1d:6d:aa:aa:
         a3:3a:18:43:dd:6f:10:cb:4d:03:d1:d8:de:ac:37:73:bb:31:
         e0:b3:37:86:ab:5c:d2:7b:a6:db:14:73:4d:a2:e6:46:40:96:
         38:89:53:21:21:d3:c8:37:7b:77:99:2e:bb:45:e8:8d:e0:8d:
         ed:7c:64:6e:91:16:80:ab:dc:ed:7c:0f:a7:8c:7d:e4:ec:58:
         c0:52:c0:c8:bd:b6:ff:31:50:33:37:65:ee:b3:35:e3:1f:e1:
         f4:ca:00:9b:32:df:29:0d:9c:4e:da:55:30:b8:dc:78:75:69:
         8b:81:53:63:a4:2d:0f:05:b1:ca:db:e6:6c:5b:39:51:14:cd:
         1e:7f:07:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYngHX5PlL6GFPDhnp79WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz
MjI1MzkwHhcNMjUxMTA0MTUwMDQ0WhcNMjUxMTA1MTUwMDQ0WjAzMTEwLwYDVQQD
EyhhMzJhNjc2ZWVkOWI2MGU4NTYxMTQxM2EyOGU1MmUzZGJkOGU2YTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsSn/3M0dx9HDtHQ7ge1oYW8WoLe
JrWLnIvRNzUwVx1+ZUTeO4h3KLLaM/pBT+Mc3Ob4DgWSv5iNnCXMShv3g4J/ISdU
m19x48gL0BUd53FyMKPRH/CTfmaN9gkyJHjqlGCuvzOkOfxi/5JVsWO/DNhg4Q09
I06Jfa5bTJW4LggxDeg2ebW/owDzFnWIB4yg/gB0SRtiBwm3t1/ZWlGNN5GPM1aU
v+nq8ThofSeToo9TdKYv4T+kd1jMdP9mPBwW7MDoSHd4PeH7cbKkkdkVS2BefRLS
nAqVUgfBqoxYjhX2QQuAUbDk8e12KjIyzth6v6zH6WqhA3B9vEx1Zq9b6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMqZ27tm2DoVhFBOijlLj29jmoXMB8GA1UdIwQY
MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt
MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1
LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhjadypWz
6XoZEUmVyjaI4QKPsMJ14ZmhBk9BXzZx1cMFZK4zvIRcRPQPQ8sVfxP0EPjIaEWZ
8BBHGLW5dhRrhMYeDWs0e23SLWLPycVh/nZ9UZNzjoHCV6QYNVgOvcP5q1Ttf9AT
6qfp/acaDH2YIc2Gz3uUkwjSHUwdbaqqozoYQ91vEMtNA9HY3qw3c7sx4LM3hqtc
0num2xRzTaLmRkCWOIlTISHTyDd7d5kuu0XojeCN7XxkbpEWgKvc7XwPp4x95OxY
wFLAyL22/zFQMzdl7rM14x/h9MoAmzLfKQ2cTtpVMLjceHVpi4FTY6QtDwWxytvm
bFs5URTNHn8HIg==
-----END CERTIFICATE-----