Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
File:                     KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json)
Hash identifier:          vABWTL80VSQtbStBfKiMiWPMEFkGEKX+I/fJlnu0KEg=
Subject key identifier:   6C:8A:75:C4:E0:13:5B:58:3C:B4:61:68:81:51:05:78:81:3B:E8:5B
Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39
Certificate issuer:       /CN=29b1210ec9105c717d098f9f0d00d9dea2322539
Certificate serial:       0198D4E00727795E4B6D2173F36079599ECA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
Manifest number:          131B
Signing time:             Sat 23 Aug 2025 03:01:47 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:47 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:47 +0000
Files and hashes:         1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: bnbGF2Ah4MbSWqJIVlUGZ1e0TwD3ecU+spqm4uJ9mQ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:07:27:79:5e:4b:6d:21:73:f3:60:79:59:9e:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539
        Validity
            Not Before: Aug 23 03:01:47 2025 GMT
            Not After : Aug 24 03:01:47 2025 GMT
        Subject: CN=6c8a75c4e0135b583cb4616881510578813be85b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:c2:ac:d1:02:01:d8:49:7a:b0:76:c2:54:59:
                    ec:47:1a:57:2d:68:c9:84:05:ea:a6:1a:a3:08:35:
                    ed:7d:6d:86:ef:57:29:c5:2c:0c:23:62:79:dd:d8:
                    03:a2:71:78:33:a3:35:8d:5e:82:7d:a1:21:41:dd:
                    cc:09:ca:1c:ae:ef:50:f0:ff:a3:63:7a:20:12:31:
                    29:b2:1f:78:df:99:4b:98:73:57:5b:4c:79:82:0b:
                    5a:9a:a0:a4:cb:5f:aa:ec:23:ab:01:ef:07:f5:57:
                    1e:70:4a:39:a6:49:66:05:73:fc:7d:37:9a:03:4c:
                    2c:91:3d:a4:1a:63:81:f3:35:f4:21:5d:44:4e:ae:
                    af:88:c2:3d:24:85:22:1a:5c:b5:e7:bd:92:c5:ff:
                    9a:79:37:15:0a:45:01:a5:0d:7e:3b:be:01:b2:d3:
                    9b:19:b9:3c:32:c6:0c:38:16:6a:ea:02:b9:f1:8b:
                    34:2c:11:26:1a:82:c3:b0:1e:f0:81:1f:c9:46:56:
                    f0:cb:48:62:31:d7:ab:17:1e:ee:35:16:b8:a1:9f:
                    44:d3:c6:02:44:1c:72:dc:96:34:73:9f:3c:36:5d:
                    80:83:95:d6:59:bb:17:56:33:91:bc:49:35:0b:b3:
                    2b:fe:79:9f:54:6d:21:75:e8:ec:15:e7:d1:71:27:
                    ea:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:8A:75:C4:E0:13:5B:58:3C:B4:61:68:81:51:05:78:81:3B:E8:5B
            X509v3 Authority Key Identifier:
                keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:5a:14:d0:39:60:98:8f:e5:af:c3:4c:f2:5e:df:eb:c4:4d:
         e2:c3:cf:ec:bd:dd:90:38:2d:51:b5:2b:aa:33:ae:78:4b:ec:
         61:7e:01:3a:eb:57:87:53:e6:a0:2c:74:3e:bc:08:9f:c6:3a:
         c4:b0:25:4d:2f:5e:3e:52:d4:5a:a4:36:c7:4e:03:21:a2:af:
         15:89:f1:e4:71:17:34:80:6c:b7:01:6f:58:34:18:fe:bb:64:
         e6:70:c4:d0:94:50:96:a2:c1:25:e2:68:70:29:d0:75:d5:e7:
         c2:d8:f4:6e:1f:58:b3:34:c1:ee:fa:7d:67:2d:a1:08:e7:ff:
         e7:6f:7e:72:17:53:3f:2b:bc:8d:1b:34:8d:38:f1:c4:a5:d1:
         fa:62:50:63:e3:b4:1b:ee:6b:44:e5:a1:0d:00:1a:e7:ca:a7:
         dc:f5:1a:1b:32:63:5e:6d:c4:31:24:8b:23:fa:ae:6e:27:55:
         f6:16:bf:51:af:2f:eb:86:06:26:e5:50:d5:2c:fa:65:86:2f:
         d1:26:3a:68:2b:6d:47:9e:a5:6d:dc:57:b0:3f:05:66:93:17:
         dd:9f:8c:1e:0f:ab:43:79:97:3a:d5:fb:c8:4e:b9:73:d1:f0:
         db:6d:e7:a5:ec:94:6a:2d:9e:d3:0e:b1:16:09:1c:e5:a3:f6:
         2e:be:24:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4AcneV5LbSFz82B5WZ7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz
MjI1MzkwHhcNMjUwODIzMDMwMTQ3WhcNMjUwODI0MDMwMTQ3WjAzMTEwLwYDVQQD
Eyg2YzhhNzVjNGUwMTM1YjU4M2NiNDYxNjg4MTUxMDU3ODgxM2JlODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcKs0QIB2El6sHbCVFnsRxpXLWjJ
hAXqphqjCDXtfW2G71cpxSwMI2J53dgDonF4M6M1jV6CfaEhQd3MCcocru9Q8P+j
Y3ogEjEpsh9435lLmHNXW0x5ggtamqCky1+q7COrAe8H9VcecEo5pklmBXP8fTea
A0wskT2kGmOB8zX0IV1ETq6viMI9JIUiGly1572Sxf+aeTcVCkUBpQ1+O74BstOb
Gbk8MsYMOBZq6gK58Ys0LBEmGoLDsB7wgR/JRlbwy0hiMderFx7uNRa4oZ9E08YC
RBxy3JY0c588Nl2Ag5XWWbsXVjORvEk1C7Mr/nmfVG0hdejsFefRcSfqTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGyKdcTgE1tYPLRhaIFRBXiBO+hbMB8GA1UdIwQY
MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt
MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1
LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcloU0Dlg
mI/lr8NM8l7f68RN4sPP7L3dkDgtUbUrqjOueEvsYX4BOutXh1PmoCx0PrwIn8Y6
xLAlTS9ePlLUWqQ2x04DIaKvFYnx5HEXNIBstwFvWDQY/rtk5nDE0JRQlqLBJeJo
cCnQddXnwtj0bh9YszTB7vp9Zy2hCOf/529+chdTPyu8jRs0jTjxxKXR+mJQY+O0
G+5rROWhDQAa58qn3PUaGzJjXm3EMSSLI/qubidV9ha/Ua8v64YGJuVQ1Sz6ZYYv
0SY6aCttR56lbdxXsD8FZpMX3Z+MHg+rQ3mXOtX7yE65c9Hw223npeyUai2e0w6x
Fgkc5aP2Lr4kYg==
-----END CERTIFICATE-----