Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
File:                     KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft (raw, json)
Hash identifier:          YUaF3b/qiJyt+qHnL3qknNs1IEYSJXShf6NvS6wnZ0A=
Subject key identifier:   2A:3D:D3:D4:C9:A3:97:B3:B8:8F:87:C6:E3:AB:33:AC:26:42:3C:B2
Authority key identifier: 29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0
Certificate issuer:       /CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
Certificate serial:       019A4DE1E11EBDA1AA5FCA258E8ADA546554
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
Manifest number:          07F1
Signing time:             Tue 04 Nov 2025 08:00:39 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:39 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:39 +0000
Files and hashes:         1: KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl (hash: eiIHMT8jcXWf3yqJyyVL/bWUUg63qi9vh+GZVNHU1mo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:e1:1e:bd:a1:aa:5f:ca:25:8e:8a:da:54:65:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
        Validity
            Not Before: Nov  4 08:00:39 2025 GMT
            Not After : Nov  5 08:00:39 2025 GMT
        Subject: CN=2a3dd3d4c9a397b3b88f87c6e3ab33ac26423cb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:7f:52:2a:17:79:37:a1:39:76:64:5c:0b:9c:
                    2e:29:c9:4f:08:88:9c:3b:c4:ac:9e:01:25:72:fd:
                    e3:8a:76:3b:c8:cb:93:06:84:2c:d2:02:cd:6f:9a:
                    4b:8b:95:44:57:9f:c8:63:97:d0:ec:68:51:12:5f:
                    6e:3c:7f:f3:d1:0b:cb:74:e9:02:df:9d:a6:b6:32:
                    30:29:1f:e4:dc:fa:fb:dd:32:4a:18:6a:39:62:9f:
                    1f:f8:34:c1:13:10:4f:a8:56:05:c5:80:71:28:40:
                    4d:08:ed:bd:4f:c8:18:3e:f6:85:95:78:cc:8b:10:
                    48:6e:72:e1:c2:13:1c:6b:cb:df:73:f2:38:9b:ea:
                    df:d9:a5:ec:d5:71:77:44:14:a9:96:46:d8:00:9f:
                    0a:5e:33:a1:c6:0a:a5:fe:cc:e9:f1:7b:79:67:40:
                    21:1c:53:71:56:7a:ce:29:ab:03:3c:f5:5b:bb:73:
                    fa:25:11:7b:b0:9c:a7:92:10:c3:38:2b:b3:90:5c:
                    47:ba:64:34:0b:e7:8b:57:24:5f:26:09:63:84:12:
                    64:c5:bf:1e:da:11:5a:ad:d9:56:f2:54:e8:0a:f8:
                    4a:da:98:65:f2:af:ee:fb:88:b1:de:25:f9:d8:a9:
                    ac:8b:a2:19:34:64:f8:ee:f0:85:e0:ea:0d:b0:d1:
                    0e:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:3D:D3:D4:C9:A3:97:B3:B8:8F:87:C6:E3:AB:33:AC:26:42:3C:B2
            X509v3 Authority Key Identifier:
                keyid:29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:81:1c:83:c2:65:13:75:e9:8f:b4:1c:4d:ed:01:a3:f4:5e:
         1a:4d:e7:5f:50:b7:02:af:3c:08:0e:ed:cf:5b:c7:89:ae:87:
         62:45:a4:a3:51:18:a2:0a:f9:31:ba:66:76:86:7e:99:b4:06:
         84:21:80:ad:ae:a9:3b:86:a8:af:c9:74:64:d4:66:22:bc:6a:
         dd:08:40:4e:1a:87:31:5a:b8:ae:c7:58:48:9e:98:6e:3d:1b:
         5c:9d:e5:23:83:be:c6:36:78:59:82:f2:4a:74:ea:91:4c:74:
         94:40:ae:e6:a3:e0:f4:2a:4b:f8:1d:a3:0a:b5:30:16:3f:75:
         2f:3c:bc:c7:c2:21:13:5a:09:e0:8f:64:f3:2b:96:bf:ec:c7:
         10:4d:a6:6e:1b:51:54:d8:7e:e1:e7:5a:44:d4:b5:74:b3:1e:
         e6:67:f8:76:fe:86:4e:24:b4:c1:d5:16:35:e9:c7:4c:ca:05:
         a8:5b:7a:58:0e:50:84:13:c0:52:c5:19:c0:3c:b7:fe:fc:25:
         c9:40:fd:f2:7e:b3:d8:58:1f:6d:34:e6:00:19:c6:20:61:ac:
         60:9f:9a:c8:5e:b1:e6:48:8a:54:95:bc:d9:05:e4:3b:23:92:
         02:29:0d:3f:a3:56:e1:12:41:2d:88:ec:b8:dc:cc:09:e3:92:
         de:a6:3c:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4eEevaGqX8oljoraVGVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjJlNmExMzM0YzljYTljOTNlZDU3ZmY0YWQ3MmQ5OWNl
OTFhZDAwHhcNMjUxMTA0MDgwMDM5WhcNMjUxMTA1MDgwMDM5WjAzMTEwLwYDVQQD
EygyYTNkZDNkNGM5YTM5N2IzYjg4Zjg3YzZlM2FiMzNhYzI2NDIzY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy39SKhd5N6E5dmRcC5wuKclPCIic
O8SsngElcv3jinY7yMuTBoQs0gLNb5pLi5VEV5/IY5fQ7GhREl9uPH/z0QvLdOkC
352mtjIwKR/k3Pr73TJKGGo5Yp8f+DTBExBPqFYFxYBxKEBNCO29T8gYPvaFlXjM
ixBIbnLhwhMca8vfc/I4m+rf2aXs1XF3RBSplkbYAJ8KXjOhxgql/szp8Xt5Z0Ah
HFNxVnrOKasDPPVbu3P6JRF7sJynkhDDOCuzkFxHumQ0C+eLVyRfJgljhBJkxb8e
2hFardlW8lToCvhK2phl8q/u+4ix3iX52Kmsi6IZNGT47vCF4OoNsNEOewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCo909TJo5ezuI+HxuOrM6wmQjyyMB8GA1UdIwQY
MBaAFCli5qEzTJypyT7Vf/Stctmc6RrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2It
NmVjNDBjODVhMmFlLzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2ItNmVjNDBjODVhMmFl
LzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa4Ecg8Jl
E3Xpj7QcTe0Bo/ReGk3nX1C3Aq88CA7tz1vHia6HYkWko1EYogr5MbpmdoZ+mbQG
hCGAra6pO4aor8l0ZNRmIrxq3QhAThqHMVq4rsdYSJ6Ybj0bXJ3lI4O+xjZ4WYLy
SnTqkUx0lECu5qPg9CpL+B2jCrUwFj91Lzy8x8IhE1oJ4I9k8yuWv+zHEE2mbhtR
VNh+4edaRNS1dLMe5mf4dv6GTiS0wdUWNenHTMoFqFt6WA5QhBPAUsUZwDy3/vwl
yUD98n6z2FgfbTTmABnGIGGsYJ+ayF6x5kiKVJW82QXkOyOSAikNP6NW4RJBLYjs
uNzMCeOS3qY8wg==
-----END CERTIFICATE-----