Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
File:                     KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft (raw, json)
Hash identifier:          ZMk3ApZ6ah+WFeNR9ESurPbRCPYRyG5okJkE9gq2WV4=
Subject key identifier:   16:BE:6A:61:19:01:DD:C1:0B:2F:3E:DE:E0:D7:E9:89:AA:9B:62:47
Authority key identifier: 29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1
Certificate issuer:       /CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
Certificate serial:       0198D5BC3C267C9B01BB3E75B6AA4E554BBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
Manifest number:          111F
Signing time:             Sat 23 Aug 2025 07:02:19 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:19 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:19 +0000
Files and hashes:         1: KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl (hash: 20Qvt6DFC4qvMVtR3CLQxGD07Pn6TG0+M4dEnggtDOA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:3c:26:7c:9b:01:bb:3e:75:b6:aa:4e:55:4b:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1
        Validity
            Not Before: Aug 23 07:02:19 2025 GMT
            Not After : Aug 24 07:02:19 2025 GMT
        Subject: CN=16be6a611901ddc10b2f3edee0d7e989aa9b6247
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:e7:6b:7f:9a:a5:ef:5f:ee:33:5e:94:c4:f5:
                    06:64:be:2d:79:8f:e2:0b:df:56:b1:d9:21:45:b4:
                    6d:25:b8:13:28:cd:79:9e:dd:b7:44:53:71:47:75:
                    55:c1:5d:06:c9:80:a1:35:0b:1e:ab:0e:30:18:1e:
                    e4:a8:be:ed:0f:bf:59:17:14:6c:bb:f8:c2:e1:4a:
                    12:e1:1f:30:fb:ca:e9:f9:fc:3b:80:8a:18:ab:99:
                    59:e9:2e:bd:d6:26:9e:1a:89:b2:b3:f4:4b:01:d9:
                    3e:41:ba:a5:d8:af:42:b8:25:74:35:fe:a6:bf:b8:
                    e6:5b:43:0a:c9:14:ad:ff:e1:0e:d4:5f:f1:66:28:
                    7e:f3:76:19:1f:48:a4:c8:20:3f:75:2e:d6:ca:9b:
                    ad:de:3e:e2:99:26:f1:26:9f:df:6c:35:39:6e:f0:
                    a9:47:e0:0a:c0:c1:c5:7b:a8:73:43:be:0c:25:d3:
                    1e:40:83:b4:f7:13:c2:78:6a:c4:8a:ed:6e:ac:30:
                    ed:e3:1f:2e:a4:d8:c5:92:51:6d:73:c1:50:88:03:
                    d7:6c:9e:23:e4:75:fc:ae:e0:86:60:91:8e:89:db:
                    f9:fa:be:40:98:a8:f9:83:4a:e7:92:f5:73:2c:4a:
                    19:8c:38:c0:3a:a4:df:1b:c8:27:00:a1:09:81:cc:
                    3f:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:BE:6A:61:19:01:DD:C1:0B:2F:3E:DE:E0:D7:E9:89:AA:9B:62:47
            X509v3 Authority Key Identifier:
                keyid:29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:6a:4c:8b:06:d2:be:29:50:ad:76:8b:1e:42:32:63:be:5d:
         fc:e2:15:2e:ee:e0:ea:d4:ab:05:7a:09:89:c9:bd:9f:c5:97:
         6c:d7:a5:71:97:bf:ee:04:2b:22:3f:c1:e9:e2:55:58:ae:78:
         ca:c5:cf:33:d2:be:72:ea:1d:c4:83:42:cf:ba:24:da:7f:c1:
         24:d0:cd:83:34:3a:a6:03:42:ef:22:c7:56:71:4a:e7:19:1f:
         e9:72:d2:f0:39:08:db:46:7c:30:c4:27:d1:e6:de:2f:04:bc:
         e0:2b:f8:0e:33:00:e9:80:16:25:b7:fd:16:73:10:6b:d7:b7:
         7a:04:d0:5b:08:19:eb:01:3d:ee:1c:a2:ab:b0:84:73:d5:41:
         a1:30:13:13:5c:79:a5:bd:59:41:cf:d4:c3:35:b0:4c:36:c0:
         bf:54:99:31:f0:4f:f3:df:c6:78:f1:00:a1:da:98:dc:61:ea:
         37:00:04:85:2a:ab:78:aa:1a:86:00:68:f3:9d:92:2f:51:9b:
         5f:aa:e1:c0:55:31:3c:4f:e9:e9:e2:4b:76:2b:e3:1e:c7:1d:
         fc:19:72:e3:9e:e4:0d:af:1d:e2:45:d5:9e:8f:c0:95:b8:a1:
         66:ce:4a:68:c1:e3:ba:9a:3a:9a:fb:f5:a2:0f:13:83:6e:3e:
         31:ce:67:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvDwmfJsBuz51tqpOVUu9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDQ1N2IxMDI1ZTRhNmE0NWM2YzRiNDVkNmUyMzRhYTUx
OGM4YjEwHhcNMjUwODIzMDcwMjE5WhcNMjUwODI0MDcwMjE5WjAzMTEwLwYDVQQD
EygxNmJlNmE2MTE5MDFkZGMxMGIyZjNlZGVlMGQ3ZTk4OWFhOWI2MjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0edrf5ql71/uM16UxPUGZL4teY/i
C99WsdkhRbRtJbgTKM15nt23RFNxR3VVwV0GyYChNQseqw4wGB7kqL7tD79ZFxRs
u/jC4UoS4R8w+8rp+fw7gIoYq5lZ6S691iaeGomys/RLAdk+Qbql2K9CuCV0Nf6m
v7jmW0MKyRSt/+EO1F/xZih+83YZH0ikyCA/dS7Wyput3j7imSbxJp/fbDU5bvCp
R+AKwMHFe6hzQ74MJdMeQIO09xPCeGrEiu1urDDt4x8upNjFklFtc8FQiAPXbJ4j
5HX8ruCGYJGOidv5+r5AmKj5g0rnkvVzLEoZjDjAOqTfG8gnAKEJgcw/QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBa+amEZAd3BCy8+3uDX6Ymqm2JHMB8GA1UdIwQY
MBaAFCnUV7ECXkpqRcbEtF1uI0qlGMixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgt
N2EwNjE5ZmFhZjdkLzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgtN2EwNjE5ZmFhZjdk
LzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA2pMiwbS
vilQrXaLHkIyY75d/OIVLu7g6tSrBXoJicm9n8WXbNelcZe/7gQrIj/B6eJVWK54
ysXPM9K+cuodxINCz7ok2n/BJNDNgzQ6pgNC7yLHVnFK5xkf6XLS8DkI20Z8MMQn
0ebeLwS84Cv4DjMA6YAWJbf9FnMQa9e3egTQWwgZ6wE97hyiq7CEc9VBoTATE1x5
pb1ZQc/UwzWwTDbAv1SZMfBP89/GePEAodqY3GHqNwAEhSqreKoahgBo852SL1Gb
X6rhwFUxPE/p6eJLdivjHscd/Bly457kDa8d4kXVno/AlbihZs5KaMHjupo6mvv1
og8Tg24+Mc5nWw==
-----END CERTIFICATE-----