Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
File:                     KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft (raw, json)
Hash identifier:          LvzcESb//c+n/KbpmZGsBMdl3W4lHQXX+gx4dw3b69w=
Subject key identifier:   1F:85:0E:83:67:A5:D7:7C:9F:43:E7:E9:9B:EA:1A:39:2D:98:DF:67
Authority key identifier: 29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1
Certificate issuer:       /CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
Certificate serial:       0197B5FC6C3EB6177DD5206EB7CF6D698A39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
Manifest number:          108A
Signing time:             Sat 28 Jun 2025 10:01:48 +0000
Manifest this update:     Sat 28 Jun 2025 10:01:48 +0000
Manifest next update:     Sun 29 Jun 2025 10:01:48 +0000
Files and hashes:         1: KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl (hash: ZP2tljEQAv54vRR8e2Th+rirjKM9jPbCl8jQgrvugp8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:fc:6c:3e:b6:17:7d:d5:20:6e:b7:cf:6d:69:8a:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
        Validity
            Not Before: Jun 28 10:01:48 2025 GMT
            Not After : Jun 29 10:01:48 2025 GMT
        Subject: CN=1f850e8367a5d77c9f43e7e99bea1a392d98df67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:2a:f9:16:02:e6:de:69:a8:1d:2b:79:42:0e:
                    a0:32:a0:9e:1e:68:22:a8:a9:ed:05:0f:b2:67:e1:
                    b4:24:ad:bf:f1:97:15:e3:a9:ae:e5:7e:46:fa:aa:
                    d9:28:b6:39:40:57:2f:2e:8c:f6:9f:8e:60:01:68:
                    7f:39:8f:1b:38:a2:fe:30:5e:5c:88:0d:fe:dc:eb:
                    dd:be:2c:6f:e2:9c:d9:f9:07:91:bc:4f:3a:f3:0c:
                    e7:0d:73:d3:7c:0b:9f:92:09:32:e6:4e:7a:13:1c:
                    96:19:3c:1c:58:3e:79:e8:5d:2d:9c:3b:b5:20:46:
                    31:c8:fe:de:90:8e:7d:7d:ab:ad:00:65:e8:a7:b6:
                    ea:1a:06:93:93:8a:4e:27:d8:7f:3f:8f:77:46:e7:
                    be:b6:21:1e:08:c1:3f:f6:55:43:bb:79:34:b5:94:
                    ef:ed:8e:f0:b8:ac:4a:a7:6e:e1:2f:ce:ba:35:45:
                    18:1e:dd:1d:9d:d2:12:88:4f:bb:fc:a0:76:14:66:
                    78:34:a6:89:81:28:65:7e:33:95:d1:9d:9f:d4:2c:
                    c6:72:1a:20:fb:ad:c1:0c:e4:9f:08:11:69:b7:a4:
                    4a:43:76:1e:07:fd:75:c7:eb:f6:ef:fa:5e:8a:3e:
                    a5:29:a7:71:b4:b7:08:9a:46:52:02:74:ba:81:c7:
                    2e:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:85:0E:83:67:A5:D7:7C:9F:43:E7:E9:9B:EA:1A:39:2D:98:DF:67
            X509v3 Authority Key Identifier:
                keyid:29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:82:da:0c:12:74:29:b5:56:fe:8c:e5:a3:36:7c:b2:c8:dd:
         39:d0:d5:ab:d8:ee:8f:98:b3:42:11:40:e3:e9:b7:42:48:03:
         13:c2:7e:43:ef:04:91:c4:a1:34:bd:0b:ea:92:eb:96:49:30:
         87:4f:d5:50:3f:c9:45:cc:33:73:e6:ef:8d:34:ac:6a:98:36:
         d6:80:75:87:a5:9f:61:8d:dc:26:31:73:5f:56:6a:9b:18:2e:
         ce:74:76:71:38:16:5f:38:9f:2f:c8:29:0b:37:7b:0f:e5:1c:
         b6:5d:b7:ac:c5:08:39:da:a4:7e:f3:33:6e:57:b0:2a:1d:c2:
         57:e4:c0:10:fe:2e:4d:c2:67:1d:b5:80:11:51:9d:20:94:a3:
         ca:6a:65:0d:a7:4b:8a:11:09:91:b0:c8:c4:92:15:94:90:df:
         d8:3f:ba:69:c5:41:2b:f9:1e:af:17:0e:1c:c9:11:64:00:39:
         83:43:34:83:c2:83:32:d3:e4:56:70:b2:6b:04:a8:36:f5:53:
         0c:70:24:07:4b:30:63:f8:d9:7d:9f:04:f7:9b:35:44:37:eb:
         a8:45:ec:79:a7:51:f1:74:6b:c0:41:0d:d0:e9:3b:9f:65:8a:
         5d:d6:a4:e4:28:fd:ce:a7:70:d9:2f:eb:e8:75:1b:14:d0:9c:
         73:62:87:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1/Gw+thd91SBut89taYo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDQ1N2IxMDI1ZTRhNmE0NWM2YzRiNDVkNmUyMzRhYTUx
OGM4YjEwHhcNMjUwNjI4MTAwMTQ4WhcNMjUwNjI5MTAwMTQ4WjAzMTEwLwYDVQQD
EygxZjg1MGU4MzY3YTVkNzdjOWY0M2U3ZTk5YmVhMWEzOTJkOThkZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyr5FgLm3mmoHSt5Qg6gMqCeHmgi
qKntBQ+yZ+G0JK2/8ZcV46mu5X5G+qrZKLY5QFcvLoz2n45gAWh/OY8bOKL+MF5c
iA3+3Ovdvixv4pzZ+QeRvE868wznDXPTfAufkgky5k56ExyWGTwcWD556F0tnDu1
IEYxyP7ekI59fautAGXop7bqGgaTk4pOJ9h/P493Rue+tiEeCME/9lVDu3k0tZTv
7Y7wuKxKp27hL866NUUYHt0dndISiE+7/KB2FGZ4NKaJgShlfjOV0Z2f1CzGchog
+63BDOSfCBFpt6RKQ3YeB/11x+v27/peij6lKadxtLcImkZSAnS6gccuhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+FDoNnpdd8n0Pn6ZvqGjktmN9nMB8GA1UdIwQY
MBaAFCnUV7ECXkpqRcbEtF1uI0qlGMixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgt
N2EwNjE5ZmFhZjdkLzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgtN2EwNjE5ZmFhZjdk
LzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABYLaDBJ0
KbVW/ozlozZ8ssjdOdDVq9juj5izQhFA4+m3QkgDE8J+Q+8EkcShNL0L6pLrlkkw
h0/VUD/JRcwzc+bvjTSsapg21oB1h6WfYY3cJjFzX1ZqmxguznR2cTgWXzifL8gp
Czd7D+Uctl23rMUIOdqkfvMzblewKh3CV+TAEP4uTcJnHbWAEVGdIJSjymplDadL
ihEJkbDIxJIVlJDf2D+6acVBK/kerxcOHMkRZAA5g0M0g8KDMtPkVnCyawSoNvVT
DHAkB0swY/jZfZ8E95s1RDfrqEXseadR8XRrwEEN0Ok7n2WKXdak5Cj9zqdw2S/r
6HUbFNCcc2KHWQ==
-----END CERTIFICATE-----