Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft
File:                     kffw_3S3yfrqKXjtlehAmEkE3NY.mft (raw, json)
Hash identifier:          UAFw1g2AdP4DbLk48b651O/Sl7u6J+0Do8OldG0/JMI=
Subject key identifier:   13:AC:D2:24:4F:32:B5:5C:40:CB:A4:A6:6D:A1:52:03:C1:28:55:B1
Authority key identifier: 91:F7:F0:FF:74:B7:C9:FA:EA:29:78:ED:95:E8:40:98:49:04:DC:D6
Certificate issuer:       /CN=91f7f0ff74b7c9faea2978ed95e840984904dcd6
Certificate serial:       0198744FB58AA3410FD8396C7961F62FC6EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft
Manifest number:          09D3
Signing time:             Mon 04 Aug 2025 09:00:37 +0000
Manifest this update:     Mon 04 Aug 2025 09:00:37 +0000
Manifest next update:     Tue 05 Aug 2025 09:00:37 +0000
Files and hashes:         1: kffw_3S3yfrqKXjtlehAmEkE3NY.crl (hash: 0BiadO2l8sPt6PikOGT9kd9c+WreOsqLUr/I7ps4uvo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:4f:b5:8a:a3:41:0f:d8:39:6c:79:61:f6:2f:c6:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f7f0ff74b7c9faea2978ed95e840984904dcd6
        Validity
            Not Before: Aug  4 09:00:37 2025 GMT
            Not After : Aug  5 09:00:37 2025 GMT
        Subject: CN=13acd2244f32b55c40cba4a66da15203c12855b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:ba:54:29:5f:f3:58:8c:73:e4:26:6a:2b:da:
                    b0:7f:12:80:55:97:99:74:b7:48:93:ce:81:63:b8:
                    96:19:57:fb:03:de:74:e7:dc:f2:c5:1d:f6:08:05:
                    e2:6c:68:a2:4f:e0:f6:1c:cf:48:6a:d9:37:a1:09:
                    0e:4a:f2:3c:51:1e:f9:e4:0b:b1:15:a1:77:86:ae:
                    2e:8b:a6:19:f8:2f:63:9e:a5:d2:76:82:d5:06:5d:
                    2a:d0:cd:f5:b4:b6:d1:c2:67:db:b9:29:ef:aa:65:
                    1d:ff:07:4c:15:da:85:0d:cc:6a:2d:d6:ad:65:77:
                    c4:0f:3d:16:c3:30:b5:37:67:5b:86:85:c6:21:60:
                    94:de:b8:76:d1:48:e7:bc:d6:df:63:92:e7:77:5d:
                    62:b2:de:90:63:af:f5:4d:90:57:83:5a:d2:67:33:
                    4d:34:7e:13:20:ec:e9:6c:af:37:c7:55:11:36:be:
                    a2:45:8b:44:ce:c0:bf:9c:98:86:69:30:34:66:bd:
                    40:31:16:c5:76:18:ec:65:bf:5e:0d:c5:39:f8:61:
                    3c:ed:b5:a6:72:ce:4a:54:09:b1:19:68:b4:48:a7:
                    ed:6f:3d:c1:ec:be:fa:aa:61:e7:d5:e5:61:2a:90:
                    58:8c:f7:a5:53:43:e5:5e:d7:ab:8c:ef:69:d2:dd:
                    f4:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:AC:D2:24:4F:32:B5:5C:40:CB:A4:A6:6D:A1:52:03:C1:28:55:B1
            X509v3 Authority Key Identifier:
                keyid:91:F7:F0:FF:74:B7:C9:FA:EA:29:78:ED:95:E8:40:98:49:04:DC:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:d2:46:49:71:74:57:35:e3:6b:a2:3c:43:96:65:6a:e9:c4:
         b4:ab:3b:e1:cb:c8:80:16:31:20:d2:52:2e:97:df:9f:77:de:
         51:a5:84:d1:8e:6f:4f:25:04:0c:da:21:3f:1f:1e:d3:e3:04:
         93:a7:f7:31:ea:03:58:7b:5d:37:22:e9:de:37:3e:52:da:44:
         7f:61:d9:bb:8a:03:48:20:c0:6f:a3:48:fd:b8:c2:12:c1:53:
         58:5c:ae:86:45:12:34:7e:6b:85:a0:08:bc:50:f6:f2:ab:47:
         4e:b4:8e:45:bf:20:4a:44:ed:53:2f:74:9f:ea:c8:8e:49:a6:
         92:eb:b7:47:0e:06:99:1d:da:2d:e4:7b:60:1c:2a:0e:41:9a:
         48:e8:25:f5:99:88:4b:71:cf:a7:dd:5b:0c:de:65:d3:91:34:
         28:c6:58:7d:c6:9a:f8:c5:5a:e2:54:82:25:58:ce:62:ca:55:
         31:12:5c:aa:09:63:48:31:1d:48:89:bf:90:be:48:aa:78:cf:
         83:d9:0a:53:6e:85:67:77:38:37:32:38:69:1e:93:83:27:6c:
         42:53:82:26:8d:c4:a7:db:e1:88:a5:52:0d:07:38:05:13:74:
         d0:45:c7:47:36:bf:89:16:14:63:05:0b:9a:c8:9c:9a:32:0c:
         00:a1:3c:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0T7WKo0EP2DlseWH2L8bvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjdmMGZmNzRiN2M5ZmFlYTI5NzhlZDk1ZTg0MDk4NDkw
NGRjZDYwHhcNMjUwODA0MDkwMDM3WhcNMjUwODA1MDkwMDM3WjAzMTEwLwYDVQQD
EygxM2FjZDIyNDRmMzJiNTVjNDBjYmE0YTY2ZGExNTIwM2MxMjg1NWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrpUKV/zWIxz5CZqK9qwfxKAVZeZ
dLdIk86BY7iWGVf7A95059zyxR32CAXibGiiT+D2HM9Iatk3oQkOSvI8UR755Aux
FaF3hq4ui6YZ+C9jnqXSdoLVBl0q0M31tLbRwmfbuSnvqmUd/wdMFdqFDcxqLdat
ZXfEDz0WwzC1N2dbhoXGIWCU3rh20UjnvNbfY5Lnd11ist6QY6/1TZBXg1rSZzNN
NH4TIOzpbK83x1URNr6iRYtEzsC/nJiGaTA0Zr1AMRbFdhjsZb9eDcU5+GE87bWm
cs5KVAmxGWi0SKftbz3B7L76qmHn1eVhKpBYjPelU0PlXterjO9p0t303wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOs0iRPMrVcQMukpm2hUgPBKFWxMB8GA1UdIwQY
MBaAFJH38P90t8n66il47ZXoQJhJBNzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xNzRjM2UtZmE1Yi00OWQxLTlkMjEt
ZTJiZDJlNGM1MjMyLzEva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8xNzRjM2UtZmE1Yi00OWQxLTlkMjEtZTJiZDJlNGM1MjMy
LzEva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAddJGSXF0
VzXja6I8Q5ZlaunEtKs74cvIgBYxINJSLpffn3feUaWE0Y5vTyUEDNohPx8e0+ME
k6f3MeoDWHtdNyLp3jc+UtpEf2HZu4oDSCDAb6NI/bjCEsFTWFyuhkUSNH5rhaAI
vFD28qtHTrSORb8gSkTtUy90n+rIjkmmkuu3Rw4GmR3aLeR7YBwqDkGaSOgl9ZmI
S3HPp91bDN5l05E0KMZYfcaa+MVa4lSCJVjOYspVMRJcqgljSDEdSIm/kL5IqnjP
g9kKU26FZ3c4NzI4aR6TgydsQlOCJo3Ep9vhiKVSDQc4BRN00EXHRza/iRYUYwUL
msicmjIMAKE8Kw==
-----END CERTIFICATE-----