Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
File:                     KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json)
Hash identifier:          X6aaJxsvkkigFdFX3vgZY2S3uKD4SZtDkFdSRy0aUgg=
Subject key identifier:   FA:F5:93:E1:66:E4:C5:2D:DB:7D:58:A3:19:2A:E3:38:7B:FD:F9:13
Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D
Certificate issuer:       /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
Certificate serial:       019A4EF41193F1E7A7B76C3AB55098484A7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
Manifest number:          1035
Signing time:             Tue 04 Nov 2025 13:00:09 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:09 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:09 +0000
Files and hashes:         1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: njJ0gu4Wiw+eeXjDq4LFEwor3jkYEWJqYRL3DnV8jCM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:11:93:f1:e7:a7:b7:6c:3a:b5:50:98:48:4a:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d
        Validity
            Not Before: Nov  4 13:00:09 2025 GMT
            Not After : Nov  5 13:00:09 2025 GMT
        Subject: CN=faf593e166e4c52ddb7d58a3192ae3387bfdf913
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:2c:50:21:e9:43:91:ff:c6:b6:3b:05:da:cb:
                    21:3f:e8:b9:61:89:55:b1:a3:cc:97:e6:74:fd:8f:
                    e5:62:64:ea:01:fd:ce:85:e4:cc:b9:3a:8a:22:76:
                    58:12:7e:d3:6d:e6:f6:75:39:8a:cb:8d:9f:75:6a:
                    d5:f8:1d:02:c8:7b:1b:16:0b:5c:f3:5c:33:d3:9f:
                    1d:99:da:14:e5:c4:7b:cc:2d:fa:ae:6a:f7:fd:44:
                    9a:c2:e8:62:36:ab:74:e8:5e:c4:9c:31:91:49:e5:
                    6f:bf:db:6f:b8:68:95:08:47:f8:93:5a:5b:6d:ce:
                    a5:4d:1d:a2:e2:d4:de:70:54:17:3e:2e:48:72:20:
                    a4:62:75:77:9e:f6:ab:1d:ab:73:35:39:df:25:4a:
                    af:5c:01:1b:ce:10:23:15:17:9a:d9:85:04:4a:7b:
                    b5:0b:40:f2:06:7e:19:ea:28:7e:d3:9a:7c:e0:cd:
                    e0:49:ec:80:53:75:45:0e:38:77:aa:14:61:01:4e:
                    3f:51:4f:88:70:c1:5e:fd:96:40:8d:35:cc:63:42:
                    85:d8:f3:1d:27:b8:03:3c:9f:76:72:94:40:e7:29:
                    14:97:53:5a:8f:5d:41:e2:a3:c4:ba:bb:6f:df:c3:
                    c8:f1:17:44:42:f2:90:5d:ff:67:e4:ff:b8:8c:37:
                    a2:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:F5:93:E1:66:E4:C5:2D:DB:7D:58:A3:19:2A:E3:38:7B:FD:F9:13
            X509v3 Authority Key Identifier:
                keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:35:c3:1b:78:01:3e:7e:2d:62:a8:b3:58:0e:48:37:b7:45:
         eb:f9:d5:ff:1d:2e:c6:b3:35:97:ec:42:15:a1:12:63:64:d9:
         12:c9:5a:14:d5:63:18:02:be:76:32:d7:13:de:bc:b3:f9:39:
         f6:43:0e:6f:f8:c5:7a:48:c3:7b:be:d2:0c:cb:1d:7a:a4:ba:
         09:00:02:6f:1c:ce:26:46:1a:46:07:f8:15:8c:ac:70:1e:02:
         93:89:62:db:3b:4e:42:49:d2:16:a3:0a:c4:42:fa:86:dc:26:
         a6:00:3f:81:19:78:e1:44:8c:70:43:54:0a:e2:80:49:7f:1e:
         9a:a4:31:dc:16:ef:21:d2:f5:59:da:1c:53:be:ab:0d:d1:23:
         fa:1e:39:e9:eb:df:e9:2f:a2:ad:fe:69:6c:9c:d6:97:20:59:
         d3:77:9c:6b:e7:26:a8:f0:70:21:30:36:af:97:4d:74:a8:83:
         f0:68:3a:5f:0c:a8:e3:a6:81:9e:60:99:61:93:1b:7a:e5:dc:
         7d:38:3e:36:80:80:e4:e3:19:61:c6:83:20:2e:fd:fd:c2:6a:
         3f:da:20:2d:3a:63:dd:a7:bd:06:27:20:8a:fe:34:41:ae:48:
         af:87:38:51:23:cf:1d:67:28:14:5f:7b:21:bb:90:69:22:fb:
         4f:ff:39:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9BGT8eent2w6tVCYSEp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz
YWYyM2QwHhcNMjUxMTA0MTMwMDA5WhcNMjUxMTA1MTMwMDA5WjAzMTEwLwYDVQQD
EyhmYWY1OTNlMTY2ZTRjNTJkZGI3ZDU4YTMxOTJhZTMzODdiZmRmOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSxQIelDkf/GtjsF2sshP+i5YYlV
saPMl+Z0/Y/lYmTqAf3OheTMuTqKInZYEn7Tbeb2dTmKy42fdWrV+B0CyHsbFgtc
81wz058dmdoU5cR7zC36rmr3/USawuhiNqt06F7EnDGRSeVvv9tvuGiVCEf4k1pb
bc6lTR2i4tTecFQXPi5IciCkYnV3nvarHatzNTnfJUqvXAEbzhAjFRea2YUESnu1
C0DyBn4Z6ih+05p84M3gSeyAU3VFDjh3qhRhAU4/UU+IcMFe/ZZAjTXMY0KF2PMd
J7gDPJ92cpRA5ykUl1Naj11B4qPEurtv38PI8RdEQvKQXf9n5P+4jDeiaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPr1k+Fm5MUt231Yoxkq4zh7/fkTMB8GA1UdIwQY
MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct
ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh
LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACTXDG3gB
Pn4tYqizWA5IN7dF6/nV/x0uxrM1l+xCFaESY2TZEslaFNVjGAK+djLXE968s/k5
9kMOb/jFekjDe77SDMsdeqS6CQACbxzOJkYaRgf4FYyscB4Ck4li2ztOQknSFqMK
xEL6htwmpgA/gRl44USMcENUCuKASX8emqQx3BbvIdL1WdocU76rDdEj+h456evf
6S+irf5pbJzWlyBZ03eca+cmqPBwITA2r5dNdKiD8Gg6Xwyo46aBnmCZYZMbeuXc
fTg+NoCA5OMZYcaDIC79/cJqP9ogLTpj3ae9Bicgiv40Qa5Ir4c4USPPHWcoFF97
IbuQaSL7T/85sw==
-----END CERTIFICATE-----