Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft
File:                     kyZYOBNEfHvd61oBwydNjkHDAaI.mft (raw, json)
Hash identifier:          moT456DztBdMzbqB6raSC5DK5F9xkUkd8q8ljQyRRhk=
Subject key identifier:   4D:B9:00:30:AC:80:A1:58:A8:82:1B:57:5B:D1:82:78:BD:3E:66:F6
Authority key identifier: 93:26:58:38:13:44:7C:7B:DD:EB:5A:01:C3:27:4D:8E:41:C3:01:A2
Certificate issuer:       /CN=9326583813447c7bddeb5a01c3274d8e41c301a2
Certificate serial:       019A533EE29B871C37B1D0BAF2CEE9E63E7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft
Manifest number:          11D6
Signing time:             Wed 05 Nov 2025 09:00:21 +0000
Manifest this update:     Wed 05 Nov 2025 09:00:21 +0000
Manifest next update:     Thu 06 Nov 2025 09:00:21 +0000
Files and hashes:         1: kyZYOBNEfHvd61oBwydNjkHDAaI.crl (hash: 2AdinAirCo0V9wbVCiYK5KUiBGA/GmVGq8H7qiy7ZTs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 09:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:53:3e:e2:9b:87:1c:37:b1:d0:ba:f2:ce:e9:e6:3e:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9326583813447c7bddeb5a01c3274d8e41c301a2
        Validity
            Not Before: Nov  5 09:00:21 2025 GMT
            Not After : Nov  6 09:00:21 2025 GMT
        Subject: CN=4db90030ac80a158a8821b575bd18278bd3e66f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:04:6b:50:82:a2:f5:55:0f:8f:e0:8a:6c:de:
                    26:9d:0b:ee:89:73:44:6f:0f:14:01:d9:e6:79:40:
                    5f:9b:3d:42:3e:b8:9e:b3:f3:05:b9:67:07:7f:bf:
                    7b:5f:10:76:d0:5d:ea:58:e2:03:9d:0f:bd:2f:f8:
                    68:86:83:da:91:ef:9b:69:c6:53:bb:55:64:a9:0b:
                    ef:03:1a:ed:30:c5:a7:d7:d6:b8:61:6b:47:76:0d:
                    21:a1:f9:63:24:7f:10:49:71:af:55:7e:0f:d2:16:
                    ec:0f:79:68:54:00:67:25:4c:a0:6b:7d:0f:9b:a1:
                    c4:44:9c:d0:0e:5a:a6:5c:6f:72:92:5d:04:7b:b2:
                    99:28:bd:c9:70:d6:b1:8a:e3:7e:b0:c9:fd:0d:fa:
                    1d:37:5d:63:36:35:0a:d7:71:4c:46:4b:3e:a5:6e:
                    1b:e7:2e:c9:38:f8:02:60:0a:c3:13:63:25:44:4a:
                    c3:7b:2d:d7:c4:1a:bd:26:2b:1c:e7:71:f3:90:45:
                    67:22:24:e5:ad:97:6a:e3:b7:e7:18:e6:18:80:6f:
                    f2:e4:15:d4:e7:8d:56:ce:25:d3:63:ff:1f:8d:85:
                    79:b8:04:03:f3:15:0b:c9:54:e1:60:81:2f:f1:63:
                    d6:d2:c0:2a:19:23:ca:7b:cf:9e:9f:6b:b7:ae:30:
                    9d:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:B9:00:30:AC:80:A1:58:A8:82:1B:57:5B:D1:82:78:BD:3E:66:F6
            X509v3 Authority Key Identifier:
                keyid:93:26:58:38:13:44:7C:7B:DD:EB:5A:01:C3:27:4D:8E:41:C3:01:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:5d:95:62:9d:8b:a5:42:91:0d:7a:d4:51:fa:dc:83:7c:e7:
         25:40:14:39:34:0a:0b:6d:de:7d:2d:4c:63:e3:88:c5:69:ec:
         26:d9:48:8d:fe:50:67:fa:5e:32:c4:96:a1:de:57:06:ce:89:
         60:36:7e:8e:d0:6f:d3:94:72:bb:d2:00:c7:cf:e5:60:2a:06:
         df:fd:e3:52:55:c9:e2:88:c5:d6:75:ff:ba:93:bc:3f:80:96:
         5e:0d:69:68:a8:88:d2:73:69:ef:fa:c5:3b:2e:9e:87:bc:e6:
         dc:e4:a6:90:e0:1b:26:4a:26:f0:f1:69:25:83:7e:a3:6b:d0:
         c7:c7:44:ca:4f:e0:69:d5:ca:ca:0b:e3:05:fd:a8:8b:24:c8:
         64:64:13:aa:a1:ae:a9:5d:fd:49:c7:4d:f1:44:a8:c5:8d:2a:
         97:24:31:f6:3f:b4:f1:69:63:20:47:be:69:05:d1:13:af:aa:
         39:fa:08:59:02:69:54:4c:a3:af:17:3e:b0:63:68:ff:6f:ae:
         53:a3:4e:39:6e:c8:0d:9f:e0:68:60:70:0a:8d:80:7f:07:14:
         35:7a:d5:10:f2:d5:dd:d6:c7:23:62:ed:48:ae:23:33:a7:c0:
         a8:fc:1b:6b:f8:2c:8f:fa:54:3f:51:d3:3f:e7:f5:53:55:47:
         b5:07:fd:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTPuKbhxw3sdC68s7p5j59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjY1ODM4MTM0NDdjN2JkZGViNWEwMWMzMjc0ZDhlNDFj
MzAxYTIwHhcNMjUxMTA1MDkwMDIxWhcNMjUxMTA2MDkwMDIxWjAzMTEwLwYDVQQD
Eyg0ZGI5MDAzMGFjODBhMTU4YTg4MjFiNTc1YmQxODI3OGJkM2U2NmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3QRrUIKi9VUPj+CKbN4mnQvuiXNE
bw8UAdnmeUBfmz1CPries/MFuWcHf797XxB20F3qWOIDnQ+9L/hohoPake+bacZT
u1VkqQvvAxrtMMWn19a4YWtHdg0hofljJH8QSXGvVX4P0hbsD3loVABnJUyga30P
m6HERJzQDlqmXG9ykl0Ee7KZKL3JcNaxiuN+sMn9DfodN11jNjUK13FMRks+pW4b
5y7JOPgCYArDE2MlRErDey3XxBq9Jisc53HzkEVnIiTlrZdq47fnGOYYgG/y5BXU
541WziXTY/8fjYV5uAQD8xULyVThYIEv8WPW0sAqGSPKe8+en2u3rjCdFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE25ADCsgKFYqIIbV1vRgni9Pmb2MB8GA1UdIwQY
MBaAFJMmWDgTRHx73etaAcMnTY5BwwGiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81ZGVjMDYtOGIxYi00Yzc2LWE1NGMt
NjliNGI0ZmI5ZDEyLzEva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81ZGVjMDYtOGIxYi00Yzc2LWE1NGMtNjliNGI0ZmI5ZDEy
LzEva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU12VYp2L
pUKRDXrUUfrcg3znJUAUOTQKC23efS1MY+OIxWnsJtlIjf5QZ/peMsSWod5XBs6J
YDZ+jtBv05Ryu9IAx8/lYCoG3/3jUlXJ4ojF1nX/upO8P4CWXg1paKiI0nNp7/rF
Oy6eh7zm3OSmkOAbJkom8PFpJYN+o2vQx8dEyk/gadXKygvjBf2oiyTIZGQTqqGu
qV39ScdN8USoxY0qlyQx9j+08WljIEe+aQXRE6+qOfoIWQJpVEyjrxc+sGNo/2+u
U6NOOW7IDZ/gaGBwCo2AfwcUNXrVEPLV3dbHI2LtSK4jM6fAqPwba/gsj/pUP1HT
P+f1U1VHtQf9lA==
-----END CERTIFICATE-----