Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
File:                     Kf5mFpV0HYXP7c9v-890aZlZVp8.mft (raw, json)
Hash identifier:          b4FPwDmnlJunQPw4fhGLIkP5GjdGE/UTxplNcl3/iQo=
Subject key identifier:   5B:10:77:73:26:F9:21:70:30:B8:6C:14:46:B1:F6:5F:4B:C9:5B:4A
Authority key identifier: 29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F
Certificate issuer:       /CN=29fe661695741d85cfedcf6ffbcf74699959569f
Certificate serial:       019890DAAA00DA65011CEA0388D32C0BCBA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
Manifest number:          1624
Signing time:             Sat 09 Aug 2025 22:01:46 +0000
Manifest this update:     Sat 09 Aug 2025 22:01:46 +0000
Manifest next update:     Sun 10 Aug 2025 22:01:46 +0000
Files and hashes:         1: Kf5mFpV0HYXP7c9v-890aZlZVp8.crl (hash: 8H414+zwkEZzuFcXzZ4dEMeHtCQFwRUBfpj4YeRpgOM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 22:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:90:da:aa:00:da:65:01:1c:ea:03:88:d3:2c:0b:cb:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fe661695741d85cfedcf6ffbcf74699959569f
        Validity
            Not Before: Aug  9 22:01:46 2025 GMT
            Not After : Aug 10 22:01:46 2025 GMT
        Subject: CN=5b10777326f9217030b86c1446b1f65f4bc95b4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:21:15:04:77:67:c0:a4:e1:4e:bb:06:fb:b5:
                    f6:6f:3d:a1:3a:82:01:26:6f:c4:6e:77:b6:ae:a7:
                    25:99:04:24:dc:01:ed:b6:41:e0:75:78:3b:63:aa:
                    55:28:73:59:fd:56:ad:c5:3e:00:d6:a6:87:f2:50:
                    18:ec:71:7e:c3:de:81:14:30:6b:3f:5b:8d:de:d1:
                    2e:91:a0:c4:0a:f4:7a:72:09:cd:dc:bd:d1:7f:e5:
                    aa:d9:c2:1f:f5:2b:f5:06:0f:ae:d2:83:0b:f5:cb:
                    0a:68:c8:05:5c:f4:39:63:9e:aa:b6:e4:c6:c6:b8:
                    9e:ed:76:22:f1:1c:e4:1b:81:a9:64:7e:54:f0:ee:
                    dd:b6:aa:23:45:c7:f8:d4:dd:5c:98:01:5a:75:85:
                    37:fe:13:dc:e7:c1:7c:07:be:d4:97:4d:56:a6:10:
                    b0:83:1a:91:a9:38:09:bb:14:1a:e6:84:bb:a4:59:
                    dd:00:f9:6f:b1:96:91:00:62:43:4c:f2:35:d3:85:
                    62:ef:3b:59:7f:41:97:d9:3d:dd:82:2a:75:b4:36:
                    21:a6:e9:2e:85:eb:84:a1:cc:94:47:a1:71:0f:27:
                    17:0e:60:1d:a9:bb:17:66:b7:be:fc:b3:22:e0:3f:
                    6a:38:76:4a:e9:46:d8:47:bf:94:38:58:92:da:2c:
                    22:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:10:77:73:26:F9:21:70:30:B8:6C:14:46:B1:F6:5F:4B:C9:5B:4A
            X509v3 Authority Key Identifier:
                keyid:29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:0a:be:16:65:22:34:f2:27:5e:bc:ef:0b:76:51:4d:c4:4d:
         1b:21:98:e4:9d:f3:e2:bc:a7:7d:d8:67:46:a9:6f:1a:ed:30:
         be:ef:8c:57:20:6d:da:8e:5d:63:98:ad:33:44:d8:4c:1f:43:
         d9:7e:db:03:e9:cf:71:d6:26:4f:bb:ad:86:8b:52:93:05:31:
         84:74:cf:1d:69:8b:d5:af:c1:e3:c5:5c:1b:12:8d:4c:5e:2f:
         db:b1:79:f5:be:1e:1d:bd:9c:df:1f:3f:a9:48:e2:fa:d3:b9:
         2f:f3:ad:db:b9:14:eb:8f:e3:85:dc:83:e4:79:6b:dd:d8:48:
         13:44:51:2c:77:ea:74:dd:e5:4c:03:3e:44:a9:65:16:56:29:
         80:74:b6:4a:a2:fd:d6:b0:73:71:6d:14:34:72:e3:1f:05:3e:
         a9:e7:9c:34:dc:b5:30:be:19:56:64:54:ed:8f:dd:98:cf:f5:
         80:2a:b2:e0:2f:ae:65:91:96:20:be:40:f5:4a:14:20:98:a3:
         c3:e6:b8:e6:b5:de:2f:dd:0e:1a:f6:16:cb:b0:00:8a:89:9c:
         f1:eb:5e:45:fb:8d:8f:9b:5d:e5:ca:99:f9:5b:09:ac:0b:2b:
         b0:7d:94:88:9a:d3:3b:66:73:6f:76:00:4f:df:22:ca:a9:a3:
         c6:31:07:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiQ2qoA2mUBHOoDiNMsC8uiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmU2NjE2OTU3NDFkODVjZmVkY2Y2ZmZiY2Y3NDY5OTk1
OTU2OWYwHhcNMjUwODA5MjIwMTQ2WhcNMjUwODEwMjIwMTQ2WjAzMTEwLwYDVQQD
Eyg1YjEwNzc3MzI2ZjkyMTcwMzBiODZjMTQ0NmIxZjY1ZjRiYzk1YjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiEVBHdnwKThTrsG+7X2bz2hOoIB
Jm/Ebne2rqclmQQk3AHttkHgdXg7Y6pVKHNZ/VatxT4A1qaH8lAY7HF+w96BFDBr
P1uN3tEukaDECvR6cgnN3L3Rf+Wq2cIf9Sv1Bg+u0oML9csKaMgFXPQ5Y56qtuTG
xrie7XYi8RzkG4GpZH5U8O7dtqojRcf41N1cmAFadYU3/hPc58F8B77Ul01WphCw
gxqRqTgJuxQa5oS7pFndAPlvsZaRAGJDTPI104Vi7ztZf0GX2T3dgip1tDYhpuku
heuEocyUR6FxDycXDmAdqbsXZre+/LMi4D9qOHZK6UbYR7+UOFiS2iwiqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsQd3Mm+SFwMLhsFEax9l9LyVtKMB8GA1UdIwQY
MBaAFCn+ZhaVdB2Fz+3Pb/vPdGmZWVafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgt
MmU4ODBhN2E4MmNhLzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgtMmU4ODBhN2E4MmNh
LzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZAq+FmUi
NPInXrzvC3ZRTcRNGyGY5J3z4rynfdhnRqlvGu0wvu+MVyBt2o5dY5itM0TYTB9D
2X7bA+nPcdYmT7uthotSkwUxhHTPHWmL1a/B48VcGxKNTF4v27F59b4eHb2c3x8/
qUji+tO5L/Ot27kU64/jhdyD5Hlr3dhIE0RRLHfqdN3lTAM+RKllFlYpgHS2SqL9
1rBzcW0UNHLjHwU+qeecNNy1ML4ZVmRU7Y/dmM/1gCqy4C+uZZGWIL5A9UoUIJij
w+a45rXeL90OGvYWy7AAiomc8eteRfuNj5td5cqZ+VsJrAsrsH2UiJrTO2Zzb3YA
T98iyqmjxjEHkg==
-----END CERTIFICATE-----