Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
File:                     KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json)
Hash identifier:          PoWpBdTl6PUCv11n+SdD7CmT7P3pZKBDkbVDYx6JUnw=
Subject key identifier:   99:A1:3C:36:E0:F0:46:71:70:14:5A:C4:1C:64:F3:3C:6F:4B:2B:85
Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D
Certificate issuer:       /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
Certificate serial:       019873E22C899B337951420F9620ED78FF37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
Manifest number:          0F3F
Signing time:             Mon 04 Aug 2025 07:00:59 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:59 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:59 +0000
Files and hashes:         1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: KVqHlWbq3FUaBLpOlwJdktayeF0D9yQKrzCvf0b4b6Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e2:2c:89:9b:33:79:51:42:0f:96:20:ed:78:ff:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
        Validity
            Not Before: Aug  4 07:00:59 2025 GMT
            Not After : Aug  5 07:00:59 2025 GMT
        Subject: CN=99a13c36e0f0467170145ac41c64f33c6f4b2b85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:89:1d:72:ac:ff:7e:84:01:ad:af:32:08:76:
                    45:d1:06:d7:a8:ea:dd:06:ba:67:11:91:92:c2:b2:
                    c0:6d:b1:b5:ba:ea:d2:ae:4a:28:d3:53:82:40:50:
                    73:9a:3e:5f:0f:ec:34:da:ff:ec:b1:07:19:43:95:
                    f6:47:fe:ac:a9:be:33:7c:00:43:28:26:99:06:06:
                    97:a5:b8:29:5c:3d:b2:a4:d9:ec:4b:d1:64:e7:63:
                    e6:29:98:3b:83:24:81:50:fb:5c:89:76:d3:d5:18:
                    78:bc:e1:94:9e:8b:26:43:2a:dc:d5:e5:b7:99:49:
                    8f:ca:a4:67:b8:1e:91:64:71:9d:bb:81:69:5c:90:
                    23:3e:43:17:ca:a7:23:9e:6b:31:15:c1:94:d9:3a:
                    18:27:f4:1f:42:ad:31:30:2e:ce:86:4d:62:05:46:
                    6b:81:53:b4:6b:9f:1e:45:e1:d6:09:31:96:63:bb:
                    b0:64:17:c7:73:56:4e:b3:80:12:6b:29:a2:be:79:
                    6b:1a:0d:75:68:0c:b8:bd:e5:78:af:12:77:9e:76:
                    12:33:0d:6f:c7:82:20:2c:6a:57:a3:21:19:f2:ec:
                    4b:3f:c7:7a:57:e5:d5:fd:ed:03:2a:06:30:cc:40:
                    ed:31:37:6a:03:bc:99:5e:26:61:11:e1:4a:04:32:
                    0b:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:A1:3C:36:E0:F0:46:71:70:14:5A:C4:1C:64:F3:3C:6F:4B:2B:85
            X509v3 Authority Key Identifier:
                keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:25:44:1a:23:15:a0:7d:18:6a:00:ce:31:d9:ec:01:6b:00:
         66:d5:2c:cf:4f:44:00:9f:e0:49:36:4b:85:d1:d0:c8:42:ce:
         06:a2:2d:66:52:20:0b:22:5e:f0:c6:fd:ad:51:69:a3:41:63:
         cf:99:ee:b5:6c:8d:4a:b5:05:2c:dd:03:43:fd:52:8d:e5:1f:
         38:aa:ed:8a:ff:67:b0:c2:ec:4d:d8:ea:40:ef:a8:8b:c8:d2:
         ca:e1:29:a4:ad:a6:d0:31:19:39:a0:4b:cd:4f:39:70:bb:68:
         b7:6f:e1:d6:72:72:99:36:ce:9d:f8:f4:2a:e8:b8:2d:19:09:
         10:4b:82:53:f5:16:9a:97:e5:c2:d6:2d:cd:8c:5c:72:68:e1:
         f0:d5:6b:75:f2:a4:95:1f:bc:fa:8f:ee:34:e8:55:68:73:41:
         f9:d2:87:42:db:45:0f:0b:7f:fa:24:a1:d0:04:2a:a1:d0:a3:
         86:ae:b1:4f:9f:56:b7:cb:ee:a5:b4:7a:06:00:38:f1:f1:27:
         75:b4:94:d1:8c:25:83:ef:6c:6e:94:78:ee:44:55:38:95:ce:
         76:12:b3:06:55:c1:71:08:24:4e:ac:7d:de:a4:88:0e:d2:36:
         59:bc:f7:f7:2b:bf:3a:12:17:a9:6f:af:48:36:69:41:51:5b:
         7f:bb:c6:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4iyJmzN5UUIPliDteP83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz
YWYyM2QwHhcNMjUwODA0MDcwMDU5WhcNMjUwODA1MDcwMDU5WjAzMTEwLwYDVQQD
Eyg5OWExM2MzNmUwZjA0NjcxNzAxNDVhYzQxYzY0ZjMzYzZmNGIyYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsokdcqz/foQBra8yCHZF0QbXqOrd
BrpnEZGSwrLAbbG1uurSrkoo01OCQFBzmj5fD+w02v/ssQcZQ5X2R/6sqb4zfABD
KCaZBgaXpbgpXD2ypNnsS9Fk52PmKZg7gySBUPtciXbT1Rh4vOGUnosmQyrc1eW3
mUmPyqRnuB6RZHGdu4FpXJAjPkMXyqcjnmsxFcGU2ToYJ/QfQq0xMC7Ohk1iBUZr
gVO0a58eReHWCTGWY7uwZBfHc1ZOs4ASaymivnlrGg11aAy4veV4rxJ3nnYSMw1v
x4IgLGpXoyEZ8uxLP8d6V+XV/e0DKgYwzEDtMTdqA7yZXiZhEeFKBDIL8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmhPDbg8EZxcBRaxBxk8zxvSyuFMB8GA1UdIwQY
MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct
ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh
LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALSVEGiMV
oH0YagDOMdnsAWsAZtUsz09EAJ/gSTZLhdHQyELOBqItZlIgCyJe8Mb9rVFpo0Fj
z5nutWyNSrUFLN0DQ/1SjeUfOKrtiv9nsMLsTdjqQO+oi8jSyuEppK2m0DEZOaBL
zU85cLtot2/h1nJymTbOnfj0Kui4LRkJEEuCU/UWmpflwtYtzYxccmjh8NVrdfKk
lR+8+o/uNOhVaHNB+dKHQttFDwt/+iSh0AQqodCjhq6xT59Wt8vupbR6BgA48fEn
dbSU0Ywlg+9sbpR47kRVOJXOdhKzBlXBcQgkTqx93qSIDtI2Wbz39yu/OhIXqW+v
SDZpQVFbf7vGFg==
-----END CERTIFICATE-----