Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
File:                     KhQFaUht0XjbWDoKHklt8iMYXTU.mft (raw, json)
Hash identifier:          zSuMpUd4sEEco74u22bAa2rEhF2m7ZcmOfODX1atKow=
Subject key identifier:   E5:76:B7:5D:D6:77:C5:2C:D3:92:38:D5:17:68:A0:A7:30:C1:40:CB
Authority key identifier: 2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35
Certificate issuer:       /CN=2a140569486dd178db583a0a1e496df223185d35
Certificate serial:       0198744FA2158719ADC2D166C156EE12D54A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
Manifest number:          085D
Signing time:             Mon 04 Aug 2025 09:00:32 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:32 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:32 +0000
Files and hashes:         1: KhQFaUht0XjbWDoKHklt8iMYXTU.crl (hash: 5lTSPqMMqf4dTzMiMcfrSf41rfBJOg08FUXB3HWc4p4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:4f:a2:15:87:19:ad:c2:d1:66:c1:56:ee:12:d5:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a140569486dd178db583a0a1e496df223185d35
        Validity
            Not Before: Aug  4 09:00:32 2025 GMT
            Not After : Aug  5 09:00:32 2025 GMT
        Subject: CN=e576b75dd677c52cd39238d51768a0a730c140cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:bc:a4:16:ad:7c:a0:98:79:2d:eb:4b:22:ed:
                    57:23:4f:7b:f7:7c:22:56:41:1d:30:0d:a3:2f:c4:
                    61:eb:34:ee:81:bc:4d:ee:6a:e6:02:c5:ee:e4:42:
                    b9:03:a8:f0:a0:ab:ca:bb:16:28:c9:ba:33:a7:b7:
                    2c:79:8a:30:95:8e:39:f9:03:a9:d6:da:37:2c:91:
                    6a:e2:0e:0d:3d:df:55:5b:82:fd:66:cf:25:08:ec:
                    7a:e6:4a:a2:c2:8e:c6:1c:54:44:b5:fe:bf:b9:a7:
                    85:8b:ca:ba:59:81:b1:2e:7b:70:f8:c3:64:28:e7:
                    77:46:44:26:ee:58:9a:19:9e:c3:58:62:7d:bc:64:
                    01:39:96:f9:9f:b4:0f:94:39:8b:49:c3:20:50:c2:
                    7e:2a:21:c8:6d:2a:f4:cf:d9:db:1b:49:60:4a:a3:
                    a3:44:a7:a9:b7:cd:2b:c6:8f:92:0b:83:1e:2f:69:
                    a5:45:ba:4d:23:7d:db:bd:9a:ea:98:32:0b:ed:ea:
                    a3:bd:e3:4c:e4:c4:d6:73:b1:78:2b:e6:92:aa:13:
                    a9:cc:ed:d3:35:a9:f4:00:1c:1c:23:f7:88:85:2e:
                    50:db:ab:c1:8a:a0:34:64:64:f9:27:ba:93:69:67:
                    a9:8b:f2:3f:38:6d:9f:7d:4d:a1:90:45:bc:9a:69:
                    8c:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:76:B7:5D:D6:77:C5:2C:D3:92:38:D5:17:68:A0:A7:30:C1:40:CB
            X509v3 Authority Key Identifier:
                keyid:2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:39:2a:e2:db:62:88:6a:be:36:83:fc:17:98:73:1e:d3:29:
         40:87:20:29:a7:7b:de:83:8f:2c:47:c6:ef:3a:31:51:72:be:
         88:7c:45:85:f0:f5:ad:54:85:cd:9d:12:c8:28:3f:53:21:5b:
         9e:69:9d:41:a5:68:cf:ea:25:86:f9:db:5b:c0:ee:50:72:18:
         fc:29:ce:f1:43:37:f2:97:a9:f0:06:17:79:1e:0f:66:1d:32:
         87:53:a0:c8:1a:23:fb:c0:16:c7:ff:4b:55:1a:02:3e:7f:d0:
         d5:99:df:6f:a3:50:9f:e7:72:37:23:6e:11:53:ab:52:74:aa:
         fb:19:d7:b1:26:e2:2b:d1:6f:74:b0:6f:ea:88:fe:71:99:71:
         3b:cf:bf:a8:29:1d:45:84:9f:70:98:f4:7e:47:c5:ef:2b:ec:
         b9:33:3a:9b:2c:d3:cc:33:5a:9e:51:21:af:75:aa:5a:4d:54:
         73:61:bf:30:79:bc:f9:33:18:9e:d9:64:a9:74:fe:f0:e7:83:
         29:31:e5:26:7d:56:3a:c4:06:cc:85:95:f8:36:99:0e:1a:de:
         e3:b1:99:4c:be:22:88:33:77:fb:04:15:d8:51:3a:6f:dd:0b:
         7b:85:f3:50:c5:14:0d:fa:2a:18:bf:7c:dc:22:4a:e2:67:d4:
         7f:db:48:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T6IVhxmtwtFmwVbuEtVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTQwNTY5NDg2ZGQxNzhkYjU4M2EwYTFlNDk2ZGYyMjMx
ODVkMzUwHhcNMjUwODA0MDkwMDMyWhcNMjUwODA1MDkwMDMyWjAzMTEwLwYDVQQD
EyhlNTc2Yjc1ZGQ2NzdjNTJjZDM5MjM4ZDUxNzY4YTBhNzMwYzE0MGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbykFq18oJh5LetLIu1XI09793wi
VkEdMA2jL8Rh6zTugbxN7mrmAsXu5EK5A6jwoKvKuxYoybozp7cseYowlY45+QOp
1to3LJFq4g4NPd9VW4L9Zs8lCOx65kqiwo7GHFREtf6/uaeFi8q6WYGxLntw+MNk
KOd3RkQm7liaGZ7DWGJ9vGQBOZb5n7QPlDmLScMgUMJ+KiHIbSr0z9nbG0lgSqOj
RKept80rxo+SC4MeL2mlRbpNI33bvZrqmDIL7eqjveNM5MTWc7F4K+aSqhOpzO3T
Nan0ABwcI/eIhS5Q26vBiqA0ZGT5J7qTaWepi/I/OG2ffU2hkEW8mmmMqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOV2t13Wd8Us05I41RdooKcwwUDLMB8GA1UdIwQY
MBaAFCoUBWlIbdF421g6Ch5JbfIjGF01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2Yt
NTRiZDY0OWI0ODUyLzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2YtNTRiZDY0OWI0ODUy
LzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQjkq4tti
iGq+NoP8F5hzHtMpQIcgKad73oOPLEfG7zoxUXK+iHxFhfD1rVSFzZ0SyCg/UyFb
nmmdQaVoz+olhvnbW8DuUHIY/CnO8UM38pep8AYXeR4PZh0yh1OgyBoj+8AWx/9L
VRoCPn/Q1Znfb6NQn+dyNyNuEVOrUnSq+xnXsSbiK9FvdLBv6oj+cZlxO8+/qCkd
RYSfcJj0fkfF7yvsuTM6myzTzDNanlEhr3WqWk1Uc2G/MHm8+TMYntlkqXT+8OeD
KTHlJn1WOsQGzIWV+DaZDhre47GZTL4iiDN3+wQV2FE6b90Le4XzUMUUDfoqGL98
3CJK4mfUf9tIVA==
-----END CERTIFICATE-----