Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
File:                     KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json)
Hash identifier:          t/bqUHXltCsPblg990IUg0QX3vDAxkGKTmaU6OgZtUk=
Subject key identifier:   B7:F9:2E:36:3E:75:73:88:EB:61:59:00:0F:75:FC:D6:29:AC:41:3A
Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0
Certificate issuer:       /CN=2a6534aac9442a394d139a1a8303dc04959c1da0
Certificate serial:       019A4EF589316D79AA171061D35400459E1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
Manifest number:          1021
Signing time:             Tue 04 Nov 2025 13:01:45 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:45 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:45 +0000
Files and hashes:         1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: yqPbH+oJx57Tr2rdp/qurADpqDhBXaCdoA5mi/KNS30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:89:31:6d:79:aa:17:10:61:d3:54:00:45:9e:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0
        Validity
            Not Before: Nov  4 13:01:45 2025 GMT
            Not After : Nov  5 13:01:45 2025 GMT
        Subject: CN=b7f92e363e757388eb6159000f75fcd629ac413a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a1:69:8f:a9:26:df:57:e7:02:e0:70:75:58:
                    0d:3f:c7:28:bf:5d:89:6f:4c:6f:a2:c7:1c:e8:64:
                    9c:f5:4f:6c:4f:46:c6:b6:13:29:d7:c0:ef:0b:16:
                    69:9e:d4:4a:c5:76:0a:44:af:f0:35:60:07:ad:31:
                    81:d0:2a:88:fb:aa:82:20:c2:a7:90:2b:c0:22:cb:
                    0e:44:2d:52:a3:a4:a6:46:a9:ab:4a:66:41:6a:cc:
                    d4:c3:dc:51:4a:71:26:8a:8d:af:80:83:d1:09:99:
                    3f:3a:80:c7:74:43:01:c7:b0:47:5c:d5:2d:a6:47:
                    18:95:33:c3:4a:00:7c:2b:79:c9:ea:1f:a4:35:d0:
                    70:52:1f:ea:f8:51:a7:c8:a8:c8:92:65:dc:24:4c:
                    6e:9d:3e:46:0c:b7:23:2f:cb:ce:2c:76:22:e2:10:
                    45:14:a4:2b:45:8d:7e:16:4b:78:55:16:67:47:8c:
                    c8:74:35:f8:b6:bf:d3:86:4c:b9:78:c0:3a:e3:24:
                    5d:da:52:f7:48:13:76:05:0c:05:39:6e:88:6c:ca:
                    50:b7:df:da:6b:31:ee:1b:01:af:e4:39:bc:58:5c:
                    0b:dd:f2:37:5e:9e:45:19:93:ba:64:b6:03:a2:80:
                    be:dc:64:b7:fb:1d:09:01:cc:3f:40:d3:f2:d5:9e:
                    af:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:F9:2E:36:3E:75:73:88:EB:61:59:00:0F:75:FC:D6:29:AC:41:3A
            X509v3 Authority Key Identifier:
                keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:95:1d:6d:88:b8:e1:60:8e:90:89:5a:7f:7b:37:89:7f:eb:
         8a:51:80:b8:56:ff:8b:af:81:00:27:4d:bd:9c:85:f2:c3:de:
         2d:4d:eb:41:18:44:40:0b:e7:7b:fb:06:eb:c5:44:bf:6d:8d:
         96:e5:ad:52:3a:a6:08:57:6d:b5:4b:6b:b8:db:81:c8:25:fb:
         2e:d5:fe:23:63:8b:9d:43:51:99:e8:a4:39:68:dd:49:22:33:
         15:78:8d:fa:92:a9:d8:2a:17:98:63:34:70:1c:c5:ce:ef:46:
         a7:8c:ac:92:2a:93:b8:fd:bd:b6:62:1a:5b:6a:6b:b2:b9:b1:
         37:20:a0:89:08:ec:f2:48:fb:ca:30:b2:87:79:4b:b4:91:8f:
         9d:8b:a2:9e:ae:ea:d7:3d:a2:36:89:c7:98:7a:b6:bf:f9:65:
         a2:66:14:9b:33:62:6d:09:bf:3e:f5:4c:81:b5:0e:be:e3:fb:
         8e:d8:f4:e5:65:94:5f:80:da:13:f7:5c:6b:da:cd:89:9e:f6:
         b6:0b:a4:b3:c8:ad:cc:ca:25:c0:99:8c:5d:89:37:0e:e0:4e:
         12:5b:59:46:86:03:1c:53:6c:0e:63:4a:79:88:50:d6:28:85:
         67:25:66:c6:de:96:87:cb:e4:ac:3a:d5:b1:ea:aa:3e:8c:b5:
         23:48:af:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9YkxbXmqFxBh01QARZ4bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5
YzFkYTAwHhcNMjUxMTA0MTMwMTQ1WhcNMjUxMTA1MTMwMTQ1WjAzMTEwLwYDVQQD
EyhiN2Y5MmUzNjNlNzU3Mzg4ZWI2MTU5MDAwZjc1ZmNkNjI5YWM0MTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKFpj6km31fnAuBwdVgNP8cov12J
b0xvoscc6GSc9U9sT0bGthMp18DvCxZpntRKxXYKRK/wNWAHrTGB0CqI+6qCIMKn
kCvAIssORC1So6SmRqmrSmZBaszUw9xRSnEmio2vgIPRCZk/OoDHdEMBx7BHXNUt
pkcYlTPDSgB8K3nJ6h+kNdBwUh/q+FGnyKjIkmXcJExunT5GDLcjL8vOLHYi4hBF
FKQrRY1+Fkt4VRZnR4zIdDX4tr/Thky5eMA64yRd2lL3SBN2BQwFOW6IbMpQt9/a
azHuGwGv5Dm8WFwL3fI3Xp5FGZO6ZLYDooC+3GS3+x0JAcw/QNPy1Z6v5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLf5LjY+dXOI62FZAA91/NYprEE6MB8GA1UdIwQY
MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt
ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw
LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdJUdbYi4
4WCOkIlaf3s3iX/rilGAuFb/i6+BACdNvZyF8sPeLU3rQRhEQAvne/sG68VEv22N
luWtUjqmCFdttUtruNuByCX7LtX+I2OLnUNRmeikOWjdSSIzFXiN+pKp2CoXmGM0
cBzFzu9Gp4yskiqTuP29tmIaW2prsrmxNyCgiQjs8kj7yjCyh3lLtJGPnYuinq7q
1z2iNonHmHq2v/llomYUmzNibQm/PvVMgbUOvuP7jtj05WWUX4DaE/dca9rNiZ72
tguks8itzMolwJmMXYk3DuBOEltZRoYDHFNsDmNKeYhQ1iiFZyVmxt6Wh8vkrDrV
seqqPoy1I0ivdQ==
-----END CERTIFICATE-----