Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
File:                     kyIxLx0huzs4bKOqlzrGzSVLcDk.mft (raw, json)
Hash identifier:          9BGh/AcpEItS8fCkv2X6omy7SKtcX8n/GGX2QLY7lR0=
Subject key identifier:   94:09:D6:81:E4:A6:B5:DF:68:18:91:C3:22:8B:F3:43:68:B5:19:5D
Authority key identifier: 93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39
Certificate issuer:       /CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
Certificate serial:       019A4DAAD3D8F26B8884D88F2644D2C33B9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 07:00:32 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:32 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:32 +0000
Files and hashes:         1: kyIxLx0huzs4bKOqlzrGzSVLcDk.crl (hash: 17Jw892HvfJaeuIOSsfiZVU4Xc9MEe1eZwSwWXINf6Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:aa:d3:d8:f2:6b:88:84:d8:8f:26:44:d2:c3:3b:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039
        Validity
            Not Before: Nov  4 07:00:32 2025 GMT
            Not After : Nov  5 07:00:32 2025 GMT
        Subject: CN=9409d681e4a6b5df681891c3228bf34368b5195d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:75:1a:f8:1f:55:b8:0c:fa:7a:1b:2b:d6:d9:
                    e2:26:4e:b5:6c:b1:7a:b4:00:5d:9c:fe:10:37:40:
                    f0:04:b0:fc:45:77:e3:58:44:27:84:de:86:c0:23:
                    83:b7:df:97:29:dc:7c:95:3a:ba:8f:70:1e:8d:6b:
                    57:7a:23:4e:d4:cc:75:02:a7:a7:12:df:31:a6:bb:
                    de:b8:93:0d:54:fa:55:c5:98:98:cf:1a:ac:b9:0d:
                    d6:62:45:ef:e1:93:6d:f9:1e:13:f2:bc:64:83:7b:
                    11:87:56:cc:85:b0:40:d6:65:c8:b3:8f:86:16:fd:
                    1a:f7:a6:8c:82:1a:ec:25:66:ac:18:9f:d6:32:dc:
                    be:e8:30:43:41:58:c5:66:24:55:6e:83:13:66:17:
                    ca:6b:dd:29:0f:30:71:e8:fc:95:b3:24:3c:9e:7d:
                    fa:36:69:58:0a:03:e1:b3:61:2e:14:70:ca:59:7a:
                    a4:de:22:1e:c4:18:e8:0b:30:17:1c:3d:5f:59:9f:
                    9d:da:49:72:7d:e3:30:69:44:6b:26:98:b1:c7:de:
                    6d:12:40:6f:e2:1c:7e:45:89:01:02:c8:d1:51:42:
                    64:ba:af:0f:29:47:d6:0b:1a:cc:e5:f7:ae:6f:a9:
                    35:f3:cc:17:d6:72:78:5c:05:62:33:f9:e1:96:8e:
                    e8:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:09:D6:81:E4:A6:B5:DF:68:18:91:C3:22:8B:F3:43:68:B5:19:5D
            X509v3 Authority Key Identifier:
                keyid:93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:ac:f0:44:72:b2:70:03:ca:7b:31:26:97:bb:09:0a:0c:39:
         5c:22:ac:e4:22:5b:c4:24:42:c9:a5:36:8f:0c:94:17:8e:0c:
         92:33:98:aa:0e:42:1b:54:de:82:b7:ad:a1:97:57:b2:79:e1:
         1b:ba:8a:ac:65:7c:56:94:2f:81:ad:34:2c:5f:e9:66:12:f7:
         a9:57:0d:d8:35:25:81:4a:0f:40:86:b3:2a:ec:ea:fb:c5:0d:
         4d:67:b0:1a:0d:e9:36:e4:ab:04:83:db:b8:90:c6:bf:23:9d:
         98:35:6e:bf:6e:50:7a:21:dd:7a:90:c9:b8:14:a8:69:74:89:
         40:56:74:2b:b5:36:9e:f6:14:1a:53:c6:fc:ad:38:af:80:e5:
         c3:26:48:3b:66:63:a9:7e:f4:09:12:03:0e:b0:85:c3:49:d9:
         4b:84:57:67:b1:93:07:6c:ae:44:c1:a9:a4:f8:9c:5e:6d:ab:
         d9:eb:38:e6:fe:f0:3e:1b:2b:23:54:d4:81:b3:da:59:79:aa:
         66:f0:02:0c:ea:a8:6a:1a:18:35:91:7c:20:5f:ba:4f:2e:c5:
         c4:43:2a:23:07:44:89:9f:df:b1:6a:6c:0a:4d:92:b2:20:91:
         61:65:77:27:92:4d:87:01:a1:26:ec:2f:f8:14:ce:14:2b:fc:
         f9:95:fb:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqtPY8muIhNiPJkTSwzubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjIzMTJmMWQyMWJiM2IzODZjYTNhYTk3M2FjNmNkMjU0
YjcwMzkwHhcNMjUxMTA0MDcwMDMyWhcNMjUxMTA1MDcwMDMyWjAzMTEwLwYDVQQD
Eyg5NDA5ZDY4MWU0YTZiNWRmNjgxODkxYzMyMjhiZjM0MzY4YjUxOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHUa+B9VuAz6ehsr1tniJk61bLF6
tABdnP4QN0DwBLD8RXfjWEQnhN6GwCODt9+XKdx8lTq6j3AejWtXeiNO1Mx1Aqen
Et8xprveuJMNVPpVxZiYzxqsuQ3WYkXv4ZNt+R4T8rxkg3sRh1bMhbBA1mXIs4+G
Fv0a96aMghrsJWasGJ/WMty+6DBDQVjFZiRVboMTZhfKa90pDzBx6PyVsyQ8nn36
NmlYCgPhs2EuFHDKWXqk3iIexBjoCzAXHD1fWZ+d2klyfeMwaURrJpixx95tEkBv
4hx+RYkBAsjRUUJkuq8PKUfWCxrM5feub6k188wX1nJ4XAViM/nhlo7ocQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQJ1oHkprXfaBiRwyKL80NotRldMB8GA1UdIwQY
MBaAFJMiMS8dIbs7OGyjqpc6xs0lS3A5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMt
YzI2Nzc4MDliNGE3LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMtYzI2Nzc4MDliNGE3
LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZazwRHKy
cAPKezEml7sJCgw5XCKs5CJbxCRCyaU2jwyUF44MkjOYqg5CG1TegretoZdXsnnh
G7qKrGV8VpQvga00LF/pZhL3qVcN2DUlgUoPQIazKuzq+8UNTWewGg3pNuSrBIPb
uJDGvyOdmDVuv25QeiHdepDJuBSoaXSJQFZ0K7U2nvYUGlPG/K04r4DlwyZIO2Zj
qX70CRIDDrCFw0nZS4RXZ7GTB2yuRMGppPicXm2r2es45v7wPhsrI1TUgbPaWXmq
ZvACDOqoahoYNZF8IF+6Ty7FxEMqIwdEiZ/fsWpsCk2SsiCRYWV3J5JNhwGhJuwv
+BTOFCv8+ZX7UQ==
-----END CERTIFICATE-----