Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
File:                     KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft (raw, json)
Hash identifier:          kGhSScKjLBGfor6OYTcUZkRkRVmGKLtJzOJEnM3Pekw=
Subject key identifier:   9A:52:8C:93:33:53:1D:8B:BE:FD:C3:DA:16:28:79:4E:23:A0:FD:08
Authority key identifier: 28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6
Certificate issuer:       /CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6
Certificate serial:       019A4E8685A704949D27787FE2738A646C9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
Manifest number:          0A9F
Signing time:             Tue 04 Nov 2025 11:00:30 +0000
Manifest this update:     Tue 04 Nov 2025 11:00:30 +0000
Manifest next update:     Wed 05 Nov 2025 11:00:30 +0000
Files and hashes:         1: KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl (hash: jrJ8POoRfd7KEb12t+crNJCf6WyRaGgsqMap+bOY/bg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:86:85:a7:04:94:9d:27:78:7f:e2:73:8a:64:6c:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6
        Validity
            Not Before: Nov  4 11:00:30 2025 GMT
            Not After : Nov  5 11:00:30 2025 GMT
        Subject: CN=9a528c9333531d8bbefdc3da1628794e23a0fd08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d9:fe:5d:99:8b:60:f8:97:66:14:16:a8:9d:
                    a6:34:a2:9b:5e:ef:16:ee:6c:29:3c:79:48:20:22:
                    26:3a:1b:3d:7c:a6:51:65:88:8b:47:f4:91:ea:f5:
                    2f:e6:f5:b1:82:5c:e5:1f:75:86:56:e6:a2:79:12:
                    f8:e4:53:72:0c:cf:1e:31:c4:06:90:9c:c1:99:29:
                    fe:72:ac:c5:ee:54:ed:db:d5:4b:db:49:dc:8f:e8:
                    dc:b5:f6:45:16:2d:e5:61:dd:2e:d3:90:42:8e:ac:
                    51:bc:1f:4a:60:6f:23:38:6c:81:1c:b2:4f:37:e8:
                    4d:e5:61:c2:4f:06:98:40:c0:ff:f5:48:4a:21:9d:
                    bc:3e:d9:52:a6:ca:ad:a1:49:56:79:26:36:cd:31:
                    21:85:31:6c:fc:58:c8:66:19:3d:41:30:41:2f:13:
                    f1:58:d0:60:b1:63:2d:d1:70:7c:73:8d:b2:3b:7c:
                    10:39:e6:d2:8b:36:ca:41:fa:6d:8c:51:b3:f3:40:
                    35:14:13:f7:4e:11:65:7e:ce:99:2c:74:ec:e9:e9:
                    51:9e:d4:ae:d8:84:d2:ee:a1:c7:48:6a:7a:a3:23:
                    2a:13:00:96:48:4a:d9:8a:de:18:75:25:a2:3b:e3:
                    ad:45:e9:cf:f0:e3:eb:5e:cb:d0:a3:cc:fe:bc:f6:
                    55:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:52:8C:93:33:53:1D:8B:BE:FD:C3:DA:16:28:79:4E:23:A0:FD:08
            X509v3 Authority Key Identifier:
                keyid:28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:9b:53:71:69:f6:8d:89:0d:69:39:6e:36:b2:21:8a:68:d1:
         d4:d3:bb:44:9b:b7:00:36:d2:af:f7:ac:e1:2b:fe:ed:5c:bd:
         a7:98:d9:c1:4a:c1:a6:20:66:c3:c4:00:6c:88:56:cb:dc:56:
         40:05:34:7e:7f:4d:06:8d:92:b3:8d:35:8e:78:c8:72:3c:69:
         51:fc:f2:bc:51:51:f2:8b:cc:ca:4f:a5:c4:9b:1f:0e:4d:5a:
         ed:32:a4:36:46:63:30:27:28:09:20:09:51:e9:16:68:60:47:
         59:d0:b2:c1:d1:85:ba:86:a0:60:f6:a8:a7:94:2b:00:90:6a:
         10:2b:c4:4f:b8:51:f7:72:4a:54:a8:ff:d0:0b:aa:df:3e:d2:
         02:ec:a2:8f:13:50:28:eb:c7:82:62:42:d9:ab:51:a1:73:c9:
         6a:6c:17:1c:5f:55:9b:6c:1a:a4:81:96:ba:79:4f:01:80:5c:
         d6:7b:66:38:8b:c4:1a:54:5f:25:6b:fe:8c:6e:df:6f:40:f2:
         6b:69:52:fb:cb:3d:57:d8:1c:dc:35:95:bd:c7:8e:1f:0e:46:
         29:8f:30:40:bf:38:bd:ea:92:e2:b5:5d:bb:5c:3a:5d:1a:49:
         7e:b0:c0:78:89:e0:2c:74:8e:85:c5:96:54:1f:f3:e8:57:00:
         f4:c8:7b:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhoWnBJSdJ3h/4nOKZGybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MWE3ZjA3YmU1YzMxMzhjYjQzYzJjMThiMjlhYTU0Njg1
NDRiYTYwHhcNMjUxMTA0MTEwMDMwWhcNMjUxMTA1MTEwMDMwWjAzMTEwLwYDVQQD
Eyg5YTUyOGM5MzMzNTMxZDhiYmVmZGMzZGExNjI4Nzk0ZTIzYTBmZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstn+XZmLYPiXZhQWqJ2mNKKbXu8W
7mwpPHlIICImOhs9fKZRZYiLR/SR6vUv5vWxglzlH3WGVuaieRL45FNyDM8eMcQG
kJzBmSn+cqzF7lTt29VL20ncj+jctfZFFi3lYd0u05BCjqxRvB9KYG8jOGyBHLJP
N+hN5WHCTwaYQMD/9UhKIZ28PtlSpsqtoUlWeSY2zTEhhTFs/FjIZhk9QTBBLxPx
WNBgsWMt0XB8c42yO3wQOebSizbKQfptjFGz80A1FBP3ThFlfs6ZLHTs6elRntSu
2ITS7qHHSGp6oyMqEwCWSErZit4YdSWiO+OtRenP8OPrXsvQo8z+vPZVHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpSjJMzUx2Lvv3D2hYoeU4joP0IMB8GA1UdIwQY
MBaAFCgafwe+XDE4y0PCwYspqlRoVEumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQt
NTJjY2Y2NWJkNjdiLzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQtNTJjY2Y2NWJkNjdi
LzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARptTcWn2
jYkNaTluNrIhimjR1NO7RJu3ADbSr/es4Sv+7Vy9p5jZwUrBpiBmw8QAbIhWy9xW
QAU0fn9NBo2Ss401jnjIcjxpUfzyvFFR8ovMyk+lxJsfDk1a7TKkNkZjMCcoCSAJ
UekWaGBHWdCywdGFuoagYPaop5QrAJBqECvET7hR93JKVKj/0Auq3z7SAuyijxNQ
KOvHgmJC2atRoXPJamwXHF9Vm2wapIGWunlPAYBc1ntmOIvEGlRfJWv+jG7fb0Dy
a2lS+8s9V9gc3DWVvceOHw5GKY8wQL84veqS4rVdu1w6XRpJfrDAeIngLHSOhcWW
VB/z6FcA9Mh7YQ==
-----END CERTIFICATE-----