Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
File:                     KGURKILY5sctAiwsPaF7UsKtsHs.mft (raw, json)
Hash identifier:          03MxUccVKo0n1D95RzjxcwaVb21atdQnebV9twy1FB4=
Subject key identifier:   FB:3E:46:79:DD:CE:81:C3:2B:49:C0:93:45:D9:14:D7:2A:3D:96:E0
Authority key identifier: 28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B
Certificate issuer:       /CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
Certificate serial:       019896A6EE766CC234FFC49F53537EDE4F25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
Manifest number:          08F6
Signing time:             Mon 11 Aug 2025 01:02:59 +0000
Manifest this update:     Mon 11 Aug 2025 01:02:59 +0000
Manifest next update:     Tue 12 Aug 2025 01:02:59 +0000
Files and hashes:         1: KGURKILY5sctAiwsPaF7UsKtsHs.crl (hash: e5pjXgYUg3lJofRj1wvf6CugrRr1Yl+Kxl9QB9ktfF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:02:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a6:ee:76:6c:c2:34:ff:c4:9f:53:53:7e:de:4f:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2865112882d8e6c72d022c2c3da17b52c2adb07b
        Validity
            Not Before: Aug 11 01:02:59 2025 GMT
            Not After : Aug 12 01:02:59 2025 GMT
        Subject: CN=fb3e4679ddce81c32b49c09345d914d72a3d96e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:86:af:4c:5e:b0:55:34:1c:e1:f0:78:49:90:
                    e2:8a:45:69:3e:b9:64:17:9e:5d:a8:1b:48:8a:27:
                    3b:e8:9b:5e:82:18:cc:f6:29:8d:0b:ab:42:66:2a:
                    1a:cc:75:cb:94:ae:85:b4:6f:13:64:c3:ef:6d:85:
                    87:bc:ea:78:1c:fe:bc:0f:8d:28:06:18:56:85:c5:
                    e4:2a:ca:ce:91:88:f9:55:3b:44:1a:c8:f8:a1:5d:
                    dc:ca:54:ce:a6:cb:42:63:5a:26:5d:41:2f:a0:76:
                    90:a7:ce:89:cb:c0:ce:2b:4f:47:f8:57:f2:9c:f1:
                    be:c2:36:07:16:93:47:48:06:c4:2a:54:4d:ae:8e:
                    88:09:b6:e2:04:4f:fe:1d:a1:55:d0:e7:6e:14:c9:
                    42:b5:0c:6d:77:ef:d6:19:aa:85:3f:fc:32:ad:09:
                    a2:32:7f:ab:49:07:88:5e:f6:2b:43:63:54:fa:6e:
                    2c:1c:78:a6:96:8e:23:cd:df:22:87:8e:88:4a:29:
                    1a:fa:16:0a:c1:09:a0:c7:8f:8d:6a:17:02:b4:0f:
                    c0:ae:34:78:f6:2e:6c:a6:ff:6a:73:cf:d9:f6:1e:
                    6a:22:c9:92:8a:82:53:c7:40:97:d3:9c:3f:46:01:
                    e7:9c:8c:87:23:6c:c1:5a:44:04:d8:59:14:7c:19:
                    6b:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:3E:46:79:DD:CE:81:C3:2B:49:C0:93:45:D9:14:D7:2A:3D:96:E0
            X509v3 Authority Key Identifier:
                keyid:28:65:11:28:82:D8:E6:C7:2D:02:2C:2C:3D:A1:7B:52:C2:AD:B0:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGURKILY5sctAiwsPaF7UsKtsHs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ad8d09-39e9-408f-a370-9bb3f57c0ef0/1/KGURKILY5sctAiwsPaF7UsKtsHs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:72:50:85:ab:00:b2:0f:12:37:38:1f:ac:e6:ab:36:cd:19:
         63:29:eb:22:bd:e7:bc:b6:96:3a:1f:b3:77:06:e7:f1:ed:d8:
         16:c5:af:ed:66:89:77:e6:04:05:b8:6c:a2:be:8f:af:1c:e6:
         fc:24:78:19:ca:ae:a2:eb:51:2d:32:5c:bc:53:0c:e9:ff:31:
         c2:6f:02:87:3c:f7:2f:b8:d0:34:05:5e:a0:34:4b:dc:35:bb:
         d8:26:65:ac:98:31:ee:46:b2:12:d3:2c:ba:53:cc:ac:c1:f1:
         f8:6d:71:1b:c5:bd:33:ae:ec:9d:40:3e:32:d2:14:4e:d4:ae:
         e0:e8:64:af:92:ce:f8:28:4c:08:ba:c9:6d:2f:98:49:58:d4:
         56:56:0d:19:59:fd:99:f1:ef:d2:c4:57:05:db:cb:96:ee:4f:
         c0:d2:30:e6:5e:c2:70:48:c8:56:cb:89:41:76:d2:e5:1e:dc:
         3b:98:f8:db:ce:c3:5d:87:1b:42:76:ef:be:6c:4f:2f:bf:8f:
         42:da:37:09:a0:2f:5d:1e:8f:65:88:18:35:a5:2a:1f:e2:1d:
         0b:7d:ad:fe:c5:b2:e2:93:ab:62:c4:ae:81:ce:c0:57:b2:0e:
         ab:33:e1:77:57:68:82:8d:da:a0:cc:bf:b1:75:2d:f4:6c:7d:
         7c:e4:4e:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpu52bMI0/8SfU1N+3k8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjUxMTI4ODJkOGU2YzcyZDAyMmMyYzNkYTE3YjUyYzJh
ZGIwN2IwHhcNMjUwODExMDEwMjU5WhcNMjUwODEyMDEwMjU5WjAzMTEwLwYDVQQD
EyhmYjNlNDY3OWRkY2U4MWMzMmI0OWMwOTM0NWQ5MTRkNzJhM2Q5NmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oavTF6wVTQc4fB4SZDiikVpPrlk
F55dqBtIiic76JteghjM9imNC6tCZioazHXLlK6FtG8TZMPvbYWHvOp4HP68D40o
BhhWhcXkKsrOkYj5VTtEGsj4oV3cylTOpstCY1omXUEvoHaQp86Jy8DOK09H+Ffy
nPG+wjYHFpNHSAbEKlRNro6ICbbiBE/+HaFV0OduFMlCtQxtd+/WGaqFP/wyrQmi
Mn+rSQeIXvYrQ2NU+m4sHHimlo4jzd8ih46ISika+hYKwQmgx4+NahcCtA/ArjR4
9i5spv9qc8/Z9h5qIsmSioJTx0CX05w/RgHnnIyHI2zBWkQE2FkUfBlrSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPs+RnndzoHDK0nAk0XZFNcqPZbgMB8GA1UdIwQY
MBaAFChlESiC2ObHLQIsLD2he1LCrbB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAt
OWJiM2Y1N2MwZWYwLzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hZDhkMDktMzllOS00MDhmLWEzNzAtOWJiM2Y1N2MwZWYw
LzEvS0dVUktJTFk1c2N0QWl3c1BhRjdVc0t0c0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArHJQhasA
sg8SNzgfrOarNs0ZYynrIr3nvLaWOh+zdwbn8e3YFsWv7WaJd+YEBbhsor6Prxzm
/CR4GcquoutRLTJcvFMM6f8xwm8Chzz3L7jQNAVeoDRL3DW72CZlrJgx7kayEtMs
ulPMrMHx+G1xG8W9M67snUA+MtIUTtSu4Ohkr5LO+ChMCLrJbS+YSVjUVlYNGVn9
mfHv0sRXBdvLlu5PwNIw5l7CcEjIVsuJQXbS5R7cO5j4287DXYcbQnbvvmxPL7+P
Qto3CaAvXR6PZYgYNaUqH+IdC32t/sWy4pOrYsSugc7AV7IOqzPhd1dogo3aoMy/
sXUt9Gx9fOROvQ==
-----END CERTIFICATE-----