Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
File:                     KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json)
Hash identifier:          7A5WDoaBizf8DXg/lq2HDqGoolWbbKJDX8GhmVIqvMY=
Subject key identifier:   4D:BA:A3:12:DC:D4:85:0D:3D:9F:B3:5C:78:11:74:80:6B:5B:24:76
Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5
Certificate issuer:       /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
Certificate serial:       019A4D745EC5812165B77728C2A75FF2F18D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
Manifest number:          031B
Signing time:             Tue 04 Nov 2025 06:01:03 +0000
Manifest this update:     Tue 04 Nov 2025 06:01:03 +0000
Manifest next update:     Wed 05 Nov 2025 06:01:03 +0000
Files and hashes:         1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: J0/jyZHSgTyWLhXZr5ZICQ2tz1UW9LwDK652w0YPPBY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:74:5e:c5:81:21:65:b7:77:28:c2:a7:5f:f2:f1:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
        Validity
            Not Before: Nov  4 06:01:03 2025 GMT
            Not After : Nov  5 06:01:03 2025 GMT
        Subject: CN=4dbaa312dcd4850d3d9fb35c781174806b5b2476
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:85:7d:ae:67:76:72:bc:ec:4e:b8:a4:eb:5d:
                    cd:40:32:2e:48:d2:53:ef:43:01:9e:81:b7:b9:a5:
                    af:e8:5b:ea:24:36:cc:8d:70:88:ac:e5:0a:b7:87:
                    90:47:3a:25:55:67:67:e5:58:91:76:fc:e5:76:43:
                    a3:81:1a:46:64:2e:50:82:bc:97:cc:2a:a4:7c:88:
                    75:b3:68:c3:f9:3a:c4:a0:c1:eb:52:c9:d0:c0:3c:
                    94:0d:48:bf:2b:68:45:77:01:44:3a:5a:55:f3:43:
                    e7:02:2e:26:af:18:89:3c:75:3e:ad:5c:64:9e:c2:
                    66:70:2d:c6:ef:1d:b9:92:49:23:10:a1:72:95:ea:
                    bc:78:5a:09:65:f0:7a:b6:fb:3d:37:05:f0:b8:4c:
                    8e:49:b8:69:04:98:56:1d:37:27:a2:d9:f3:83:e1:
                    5d:81:ba:28:f9:d5:51:40:2e:98:66:65:b8:e0:25:
                    16:06:3c:98:8f:17:e1:ab:09:b8:04:f7:55:c8:d4:
                    24:97:7d:de:28:0e:b7:c1:39:ea:a3:65:00:36:90:
                    ba:ae:07:c4:57:10:1b:7e:3e:02:df:fa:33:8a:1d:
                    f3:1e:8b:0a:ba:d6:d8:21:5f:76:73:7b:9b:de:26:
                    f5:44:e2:9a:02:e8:30:70:36:70:ed:38:22:3d:05:
                    c3:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:BA:A3:12:DC:D4:85:0D:3D:9F:B3:5C:78:11:74:80:6B:5B:24:76
            X509v3 Authority Key Identifier:
                keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:1a:a1:e4:64:c0:c5:33:32:b3:82:b3:2b:9f:4c:85:32:ed:
         bf:8d:6e:06:81:3f:c5:09:5e:09:91:40:ec:c0:2d:ec:88:cd:
         6c:d6:c3:a9:cf:71:fb:a0:a2:d3:3d:f7:97:75:e7:3e:58:f7:
         04:fd:c5:10:7d:32:eb:f5:81:68:48:eb:16:2b:f8:78:64:45:
         00:24:18:1a:d6:a0:bb:3b:66:02:2c:63:11:46:bd:d7:72:e7:
         0f:33:2b:cc:04:6f:fb:cf:c1:9a:b8:90:87:37:89:ae:48:6e:
         b5:f2:f3:f7:fb:0c:b2:e2:62:80:7f:50:39:d8:c5:59:fd:9b:
         b9:38:49:c0:c8:6b:2b:f7:6a:65:a4:02:d0:dd:b6:10:b7:65:
         da:b0:03:d5:13:55:27:27:89:e5:f7:51:21:bf:75:54:a8:c7:
         87:1b:9b:4a:93:81:ae:92:ae:a1:ab:d2:5c:bd:18:c5:be:2b:
         fe:b2:6a:0e:e2:b7:81:ac:b1:1b:07:82:03:0e:e1:a8:f4:bf:
         c8:d7:64:6a:a9:34:32:43:aa:9a:2b:05:01:c4:91:0b:6b:06:
         cb:04:ef:c3:e3:ae:7c:0f:e1:f9:77:4d:ce:14:71:02:7b:b5:
         08:76:f9:8b:51:83:87:99:0a:76:a5:9c:8e:20:e7:15:3e:c1:
         a3:6f:ea:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdF7FgSFlt3cowqdf8vGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1
MDU4YTUwHhcNMjUxMTA0MDYwMTAzWhcNMjUxMTA1MDYwMTAzWjAzMTEwLwYDVQQD
Eyg0ZGJhYTMxMmRjZDQ4NTBkM2Q5ZmIzNWM3ODExNzQ4MDZiNWIyNDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4V9rmd2crzsTrik613NQDIuSNJT
70MBnoG3uaWv6FvqJDbMjXCIrOUKt4eQRzolVWdn5ViRdvzldkOjgRpGZC5QgryX
zCqkfIh1s2jD+TrEoMHrUsnQwDyUDUi/K2hFdwFEOlpV80PnAi4mrxiJPHU+rVxk
nsJmcC3G7x25kkkjEKFyleq8eFoJZfB6tvs9NwXwuEyOSbhpBJhWHTcnotnzg+Fd
gboo+dVRQC6YZmW44CUWBjyYjxfhqwm4BPdVyNQkl33eKA63wTnqo2UANpC6rgfE
VxAbfj4C3/ozih3zHosKutbYIV92c3ub3ib1ROKaAugwcDZw7TgiPQXD1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE26oxLc1IUNPZ+zXHgRdIBrWyR2MB8GA1UdIwQY
MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt
MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh
LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhxqh5GTA
xTMys4KzK59MhTLtv41uBoE/xQleCZFA7MAt7IjNbNbDqc9x+6Ci0z33l3XnPlj3
BP3FEH0y6/WBaEjrFiv4eGRFACQYGtaguztmAixjEUa913LnDzMrzARv+8/BmriQ
hzeJrkhutfLz9/sMsuJigH9QOdjFWf2buThJwMhrK/dqZaQC0N22ELdl2rAD1RNV
JyeJ5fdRIb91VKjHhxubSpOBrpKuoavSXL0Yxb4r/rJqDuK3gayxGweCAw7hqPS/
yNdkaqk0MkOqmisFAcSRC2sGywTvw+OufA/h+XdNzhRxAnu1CHb5i1GDh5kKdqWc
jiDnFT7Bo2/qow==
-----END CERTIFICATE-----