Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          3paVv5EWce2z1DrkyMolLFWO0c5E23zYuuPaM3T4O4w=
Subject key identifier:   25:9E:0F:BC:2C:93:EB:98:1A:53:69:A2:77:69:3F:93:28:A5:76:C9
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       0198A04EAA863F158489476DC2A68521F6CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          0540
Signing time:             Tue 12 Aug 2025 22:02:46 +0000
Manifest this update:     Tue 12 Aug 2025 22:02:46 +0000
Manifest next update:     Wed 13 Aug 2025 22:02:46 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: +azcQxlYwWvrhcUM2W/SgoQOmP8fgqLLhH6nPgbnp8s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 Aug 2025 22:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:a0:4e:aa:86:3f:15:84:89:47:6d:c2:a6:85:21:f6:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Aug 12 22:02:46 2025 GMT
            Not After : Aug 13 22:02:46 2025 GMT
        Subject: CN=259e0fbc2c93eb981a5369a277693f9328a576c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:47:c0:e0:9d:f9:ed:74:a9:b4:d4:b5:5d:a0:
                    e0:c7:c8:3b:1e:dc:19:f7:42:86:c1:e9:02:e3:57:
                    1f:70:41:fe:4a:fb:f2:28:e7:24:7d:11:f6:f1:57:
                    75:46:c7:63:09:e3:dd:5a:5e:86:9a:f1:76:e9:3d:
                    de:86:3d:b1:d5:0c:3b:31:89:ec:b9:4c:42:6d:82:
                    64:4d:76:12:37:a8:a6:f0:f4:db:34:f5:3a:03:62:
                    a8:e8:81:43:02:57:dc:db:05:28:4e:66:9a:6b:08:
                    f9:52:b4:10:a3:e3:14:2a:39:69:d5:12:38:35:df:
                    81:e9:d4:84:79:88:18:b9:5b:77:2c:fe:a6:de:9e:
                    2e:c1:b5:11:57:42:a7:6d:f9:7e:f0:1d:63:4f:6f:
                    47:37:9f:cf:b1:1d:ff:5d:8f:d1:8c:60:a5:c2:9a:
                    da:9d:7e:12:24:a6:a8:15:5d:c9:b3:fb:d1:e1:45:
                    ff:fb:98:37:6a:73:e3:f2:81:54:62:c5:ad:b0:71:
                    dd:31:bd:c5:e6:ac:cb:97:1e:3f:be:bc:5b:2a:b7:
                    c4:03:52:5e:72:59:28:6b:32:71:96:3a:0b:2e:b9:
                    a1:bf:b6:bb:3f:26:15:5f:df:45:34:e1:d5:31:a6:
                    ce:72:1b:f7:43:17:75:d3:86:ca:de:f8:09:df:30:
                    88:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:9E:0F:BC:2C:93:EB:98:1A:53:69:A2:77:69:3F:93:28:A5:76:C9
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:77:2e:19:f7:66:02:4a:1f:d1:67:11:ca:72:7c:a9:39:bd:
         7d:c0:18:00:83:bd:bf:c8:ae:1a:58:c7:47:b0:d7:da:69:10:
         bd:cb:20:5a:24:e9:6b:3b:b2:2d:56:6d:c6:2e:36:62:a7:49:
         ac:eb:63:49:82:82:0c:b8:26:9c:24:56:42:53:b4:85:de:27:
         f6:2a:bb:a4:43:42:2e:33:0f:2f:eb:c1:7d:ba:34:10:6d:3a:
         c7:4c:15:0a:c5:bd:64:a1:6e:17:3e:16:24:af:7b:8d:46:ad:
         89:70:8f:70:a8:65:74:d1:b4:70:2b:e1:7d:98:28:c3:f4:18:
         8c:91:6a:7d:04:9e:6d:ca:9e:72:6f:19:a1:df:48:6c:f4:bb:
         82:99:fa:e3:21:a2:f9:2d:ab:95:81:07:ea:22:b0:1f:58:d4:
         c8:94:ed:69:76:96:3f:d4:27:be:8a:95:d3:9c:a6:19:44:8e:
         d6:a3:10:a0:4d:87:14:32:f0:d6:b4:41:49:b6:5b:46:06:1f:
         7f:c5:fd:87:34:87:7d:a3:e4:db:4e:a5:00:2d:3e:50:20:27:
         50:57:fc:77:21:8f:c3:61:95:99:3a:74:26:3d:dd:ae:59:bf:
         8d:e0:26:e7:45:48:18:a1:db:ae:fa:dc:6d:e5:f2:35:9f:a6:
         ee:cc:01:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZigTqqGPxWEiUdtwqaFIfbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjUwODEyMjIwMjQ2WhcNMjUwODEzMjIwMjQ2WjAzMTEwLwYDVQQD
EygyNTllMGZiYzJjOTNlYjk4MWE1MzY5YTI3NzY5M2Y5MzI4YTU3NmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UfA4J357XSptNS1XaDgx8g7HtwZ
90KGwekC41cfcEH+SvvyKOckfRH28Vd1RsdjCePdWl6GmvF26T3ehj2x1Qw7MYns
uUxCbYJkTXYSN6im8PTbNPU6A2Ko6IFDAlfc2wUoTmaaawj5UrQQo+MUKjlp1RI4
Nd+B6dSEeYgYuVt3LP6m3p4uwbURV0Knbfl+8B1jT29HN5/PsR3/XY/RjGClwpra
nX4SJKaoFV3Js/vR4UX/+5g3anPj8oFUYsWtsHHdMb3F5qzLlx4/vrxbKrfEA1Je
clkoazJxljoLLrmhv7a7PyYVX99FNOHVMabOchv3Qxd104bK3vgJ3zCIVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCWeD7wsk+uYGlNpondpP5MopXbJMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO3cuGfdm
Akof0WcRynJ8qTm9fcAYAIO9v8iuGljHR7DX2mkQvcsgWiTpazuyLVZtxi42YqdJ
rOtjSYKCDLgmnCRWQlO0hd4n9iq7pENCLjMPL+vBfbo0EG06x0wVCsW9ZKFuFz4W
JK97jUatiXCPcKhldNG0cCvhfZgow/QYjJFqfQSebcqecm8Zod9IbPS7gpn64yGi
+S2rlYEH6iKwH1jUyJTtaXaWP9QnvoqV05ymGUSO1qMQoE2HFDLw1rRBSbZbRgYf
f8X9hzSHfaPk206lAC0+UCAnUFf8dyGPw2GVmTp0Jj3drlm/jeAm50VIGKHbrvrc
beXyNZ+m7swBTA==
-----END CERTIFICATE-----