Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft
File:                     kpZChU_lYFL93BRr9y57xpSFC2M.mft (raw, json)
Hash identifier:          KRTakipuDxgiKxY3RUN0UWpm/nW0lg9opK0iynsk/EE=
Subject key identifier:   F2:24:2A:B5:FD:97:7E:48:F3:3E:3D:34:57:82:F0:1C:B9:38:9B:F7
Authority key identifier: 92:96:42:85:4F:E5:60:52:FD:DC:14:6B:F7:2E:7B:C6:94:85:0B:63
Certificate issuer:       /CN=929642854fe56052fddc146bf72e7bc694850b63
Certificate serial:       019875D216EBE2CD06727FC84F1A44C85B22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft
Manifest number:          0701
Signing time:             Mon 04 Aug 2025 16:02:39 +0000
Manifest this update:     Mon 04 Aug 2025 16:02:39 +0000
Manifest next update:     Tue 05 Aug 2025 16:02:39 +0000
Files and hashes:         1: kpZChU_lYFL93BRr9y57xpSFC2M.crl (hash: mnYSR6bQIunSQDvOdWYejTgMM+BXkbe21Ct38u0Xbd4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 12:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:75:d2:16:eb:e2:cd:06:72:7f:c8:4f:1a:44:c8:5b:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=929642854fe56052fddc146bf72e7bc694850b63
        Validity
            Not Before: Aug  4 16:02:39 2025 GMT
            Not After : Aug  5 16:02:39 2025 GMT
        Subject: CN=f2242ab5fd977e48f33e3d345782f01cb9389bf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:fa:77:95:c9:aa:08:db:61:90:bd:9e:07:0c:
                    46:9c:9b:82:9b:93:06:b4:0a:ff:9b:e6:7c:58:01:
                    1b:eb:10:ea:5e:74:8c:09:2d:10:bd:b8:3a:b1:9d:
                    21:6e:52:d2:bb:97:05:6e:82:de:29:7a:6d:c0:62:
                    16:76:fc:7d:28:d5:c0:24:91:c1:8f:5d:a0:93:96:
                    31:31:2f:39:aa:1c:cc:09:3b:2d:9a:3f:35:70:34:
                    e9:17:a8:e8:19:89:de:fb:b1:98:e9:be:0d:b3:af:
                    71:68:0e:06:85:e0:46:a1:e5:43:2b:73:88:ed:fe:
                    de:02:3b:3c:23:08:91:b2:49:80:f4:67:81:30:82:
                    a6:75:4d:28:11:8c:c9:95:3b:44:10:49:9a:15:a1:
                    b9:94:d3:1c:bd:86:46:82:2d:b1:38:81:28:d7:fe:
                    b8:55:49:cb:0a:a2:62:6e:e8:91:4d:f9:d2:f5:d3:
                    d9:90:33:1b:04:bf:51:10:ad:ff:bf:72:de:27:77:
                    fa:ef:0f:86:bd:11:94:45:44:e5:d0:f0:7b:de:f7:
                    5b:43:02:1f:21:20:30:f9:da:ad:49:9f:29:91:d8:
                    2b:ba:54:78:c6:e1:10:f4:89:d4:a0:d8:dd:30:24:
                    79:7b:04:46:87:60:cd:d3:ac:9a:b9:40:29:6e:fe:
                    32:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:24:2A:B5:FD:97:7E:48:F3:3E:3D:34:57:82:F0:1C:B9:38:9B:F7
            X509v3 Authority Key Identifier:
                keyid:92:96:42:85:4F:E5:60:52:FD:DC:14:6B:F7:2E:7B:C6:94:85:0B:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:3f:97:e4:12:6e:c4:7a:b7:07:6f:44:b2:35:2e:01:bf:b4:
         ca:2d:d0:4b:b0:d9:08:49:66:30:43:df:e7:d7:d8:cf:db:c3:
         c1:46:70:34:52:b5:e0:07:66:fb:b0:7c:7a:ee:05:d1:65:55:
         66:05:2f:57:2a:6f:77:bf:ed:18:9d:e4:fc:40:04:cb:c3:3b:
         64:68:8b:48:7e:7a:98:fd:b9:5a:81:15:96:68:c3:31:cf:9e:
         8f:ee:68:81:fd:c4:b3:d3:d7:b0:b6:5a:0c:7d:eb:65:1e:79:
         af:82:f7:07:f5:80:09:60:88:a1:bb:95:e5:52:c6:5b:a6:c7:
         63:3a:14:5e:83:b6:48:c7:a6:c3:5b:e9:db:48:a2:97:a9:cf:
         26:07:ce:d2:35:91:1b:49:8f:87:22:fd:fa:30:03:63:f0:4d:
         2c:0c:bf:b5:c4:a9:e3:59:45:18:90:1d:23:40:f2:a1:8b:32:
         5e:de:d1:93:d3:ee:35:e5:c0:0c:14:23:79:34:a2:1c:1e:dd:
         c2:20:a9:1b:57:8f:a0:b5:61:62:b0:f4:ec:e9:61:fb:cc:d1:
         af:64:ed:04:cd:f4:aa:b5:12:22:49:28:cd:47:bf:1f:d4:82:
         b5:a2:69:aa:4d:26:c3:f2:38:a3:c6:98:0d:9d:d9:e4:9d:01:
         01:c7:b5:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh10hbr4s0Gcn/ITxpEyFsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTY0Mjg1NGZlNTYwNTJmZGRjMTQ2YmY3MmU3YmM2OTQ4
NTBiNjMwHhcNMjUwODA0MTYwMjM5WhcNMjUwODA1MTYwMjM5WjAzMTEwLwYDVQQD
EyhmMjI0MmFiNWZkOTc3ZTQ4ZjMzZTNkMzQ1NzgyZjAxY2I5Mzg5YmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/p3lcmqCNthkL2eBwxGnJuCm5MG
tAr/m+Z8WAEb6xDqXnSMCS0Qvbg6sZ0hblLSu5cFboLeKXptwGIWdvx9KNXAJJHB
j12gk5YxMS85qhzMCTstmj81cDTpF6joGYne+7GY6b4Ns69xaA4GheBGoeVDK3OI
7f7eAjs8IwiRskmA9GeBMIKmdU0oEYzJlTtEEEmaFaG5lNMcvYZGgi2xOIEo1/64
VUnLCqJibuiRTfnS9dPZkDMbBL9REK3/v3LeJ3f67w+GvRGURUTl0PB73vdbQwIf
ISAw+dqtSZ8pkdgrulR4xuEQ9InUoNjdMCR5ewRGh2DN06yauUApbv4yUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIkKrX9l35I8z49NFeC8By5OJv3MB8GA1UdIwQY
MBaAFJKWQoVP5WBS/dwUa/cue8aUhQtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xYjAxZDgtOWIzMS00ZjA4LWExYzUt
ZTkxNjQ4ZWM3ZGU1LzEva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xYjAxZDgtOWIzMS00ZjA4LWExYzUtZTkxNjQ4ZWM3ZGU1
LzEva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWj+X5BJu
xHq3B29EsjUuAb+0yi3QS7DZCElmMEPf59fYz9vDwUZwNFK14Adm+7B8eu4F0WVV
ZgUvVypvd7/tGJ3k/EAEy8M7ZGiLSH56mP25WoEVlmjDMc+ej+5ogf3Es9PXsLZa
DH3rZR55r4L3B/WACWCIobuV5VLGW6bHYzoUXoO2SMemw1vp20iil6nPJgfO0jWR
G0mPhyL9+jADY/BNLAy/tcSp41lFGJAdI0DyoYsyXt7Rk9PuNeXADBQjeTSiHB7d
wiCpG1ePoLVhYrD07Olh+8zRr2TtBM30qrUSIkkozUe/H9SCtaJpqk0mw/I4o8aY
DZ3Z5J0BAce17Q==
-----END CERTIFICATE-----
Generated at Mon Aug 4 18:18:41 2025 by rpki-client