Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
File:                     KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft (raw, json)
Hash identifier:          DGEXTg3wsCLQEdyw2ZSo5kixFVmuQlgA1r6lP7qsFOU=
Subject key identifier:   EA:ED:58:EB:FE:AD:25:F9:90:FE:FF:F4:90:06:FA:76:0B:0B:F2:AC
Authority key identifier: 29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1
Certificate issuer:       /CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
Certificate serial:       0199FD341D60C2DA6C9CC9B5C87F26BAF723
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
Manifest number:          11B8
Signing time:             Sun 19 Oct 2025 16:01:14 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:14 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:14 +0000
Files and hashes:         1: KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl (hash: cPSF7u39tQ3gvwA4mTezzh3xK1O8rvIoQK4fGHJR0Xg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:1d:60:c2:da:6c:9c:c9:b5:c8:7f:26:ba:f7:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
        Validity
            Not Before: Oct 19 16:01:14 2025 GMT
            Not After : Oct 20 16:01:14 2025 GMT
        Subject: CN=eaed58ebfead25f990fefff49006fa760b0bf2ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:50:ab:c2:b2:e7:bb:36:3c:de:a6:8b:3d:78:
                    e4:04:2b:95:cf:8f:7f:c9:f1:fb:df:97:73:a6:06:
                    bb:54:53:8b:57:67:d3:8c:9d:f8:8d:ae:c3:77:6d:
                    2f:30:45:1b:8b:47:f1:6a:56:a1:03:2b:6d:56:6b:
                    4b:a6:b7:79:39:d4:b2:2d:35:cd:5c:07:d1:97:00:
                    bb:6b:64:60:36:9c:23:68:7f:6f:8c:70:d4:81:81:
                    9c:54:50:58:dc:70:ab:a7:a8:76:93:8e:6c:77:0f:
                    2e:2a:9a:89:42:6e:7d:44:0a:c5:c1:dd:46:26:74:
                    b6:bb:65:d1:98:f9:e5:d9:5f:5b:f6:00:d2:f1:c4:
                    08:24:e7:f2:ed:f7:ca:52:cc:55:72:15:19:7e:56:
                    15:dd:1f:75:e5:38:84:4b:73:a6:de:40:fe:23:2d:
                    23:5c:52:94:04:bf:e7:f6:88:ba:bf:c2:2e:8e:15:
                    e0:82:66:36:b4:0f:17:80:7a:ad:af:ee:d5:66:01:
                    18:b5:4b:b3:3e:ff:46:66:30:b5:7a:9c:2a:6d:00:
                    06:04:53:5a:d5:d7:49:6f:22:93:ba:b4:2b:47:75:
                    5f:58:73:4d:1e:7b:3a:72:1e:52:5a:6e:28:46:4a:
                    39:f1:a8:57:2a:17:bb:7d:8e:30:26:5a:f7:2f:80:
                    e8:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:ED:58:EB:FE:AD:25:F9:90:FE:FF:F4:90:06:FA:76:0B:0B:F2:AC
            X509v3 Authority Key Identifier:
                keyid:29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:cf:4e:1c:e2:14:4c:b9:a7:d1:97:dd:90:3a:4f:b6:fd:55:
         bb:29:b8:a9:45:d9:a5:2d:ca:b8:43:04:39:15:3f:3c:04:fa:
         f8:2a:22:23:cb:2d:f0:bb:3f:1a:06:fe:d5:3d:ea:2d:74:13:
         44:ce:b0:e9:40:dd:7c:01:22:ad:19:5a:f6:23:65:e2:f3:c8:
         fc:00:80:32:4c:f0:54:2f:4e:a8:7b:b4:af:f7:ac:fb:21:29:
         d0:22:aa:de:b4:1f:b8:6b:ac:8a:a5:97:82:b7:95:83:20:cb:
         86:3f:6a:b9:a3:ef:b0:22:fa:7f:05:87:70:b0:1a:4e:bc:c4:
         42:51:29:18:5e:99:e7:43:b9:5b:fa:c7:47:b4:92:4e:57:63:
         9a:28:08:77:5a:ff:97:8c:d8:00:56:74:7b:41:54:94:6e:d1:
         9f:21:82:29:b9:c5:c1:a3:29:2b:26:63:01:f1:3e:1d:eb:1c:
         71:a2:ce:09:35:7c:d3:55:30:33:91:76:ce:73:52:93:dc:d0:
         18:27:1f:89:b7:27:61:e2:7d:af:18:f4:18:1e:c9:9b:6e:10:
         f8:73:f4:f2:5b:3c:45:29:41:41:6d:e5:2d:b1:05:59:6c:6a:
         ea:5f:e1:e6:f2:aa:73:0c:3f:32:94:36:13:83:15:44:f0:56:
         73:d8:33:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NB1gwtpsnMm1yH8muvcjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDQ1N2IxMDI1ZTRhNmE0NWM2YzRiNDVkNmUyMzRhYTUx
OGM4YjEwHhcNMjUxMDE5MTYwMTE0WhcNMjUxMDIwMTYwMTE0WjAzMTEwLwYDVQQD
EyhlYWVkNThlYmZlYWQyNWY5OTBmZWZmZjQ5MDA2ZmE3NjBiMGJmMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVCrwrLnuzY83qaLPXjkBCuVz49/
yfH735dzpga7VFOLV2fTjJ34ja7Dd20vMEUbi0fxalahAyttVmtLprd5OdSyLTXN
XAfRlwC7a2RgNpwjaH9vjHDUgYGcVFBY3HCrp6h2k45sdw8uKpqJQm59RArFwd1G
JnS2u2XRmPnl2V9b9gDS8cQIJOfy7ffKUsxVchUZflYV3R915TiES3Om3kD+Iy0j
XFKUBL/n9oi6v8IujhXggmY2tA8XgHqtr+7VZgEYtUuzPv9GZjC1epwqbQAGBFNa
1ddJbyKTurQrR3VfWHNNHns6ch5SWm4oRko58ahXKhe7fY4wJlr3L4DohQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOrtWOv+rSX5kP7/9JAG+nYLC/KsMB8GA1UdIwQY
MBaAFCnUV7ECXkpqRcbEtF1uI0qlGMixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgt
N2EwNjE5ZmFhZjdkLzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgtN2EwNjE5ZmFhZjdk
LzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAic9OHOIU
TLmn0ZfdkDpPtv1Vuym4qUXZpS3KuEMEORU/PAT6+CoiI8st8Ls/Ggb+1T3qLXQT
RM6w6UDdfAEirRla9iNl4vPI/ACAMkzwVC9OqHu0r/es+yEp0CKq3rQfuGusiqWX
greVgyDLhj9quaPvsCL6fwWHcLAaTrzEQlEpGF6Z50O5W/rHR7SSTldjmigId1r/
l4zYAFZ0e0FUlG7RnyGCKbnFwaMpKyZjAfE+HesccaLOCTV801UwM5F2znNSk9zQ
GCcfibcnYeJ9rxj0GB7Jm24Q+HP08ls8RSlBQW3lLbEFWWxq6l/h5vKqcww/MpQ2
E4MVRPBWc9gzXg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:57:35 2025 by rpki-client