Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/068231-7cfc-4068-86b5-9ab4ad8b4ff4/1/Kbh1W8U-8XdGvSlu8oupAM2Y--A.mft
File:                     Kbh1W8U-8XdGvSlu8oupAM2Y--A.mft (raw, json)
Hash identifier:          VkwGBS3FNBee38AuhHqS5Q+IqhHXKpdNjntsZi0Muxc=
Subject key identifier:   85:A0:A2:0A:63:98:34:8D:D7:02:7A:59:C1:10:9A:2D:1F:F4:C2:14
Authority key identifier: 29:B8:75:5B:C5:3E:F1:77:46:BD:29:6E:F2:8B:A9:00:CD:98:FB:E0
Certificate issuer:       /CN=29b8755bc53ef17746bd296ef28ba900cd98fbe0
Certificate serial:       0199FA69EEF3383517DB3120420E225B2CD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kbh1W8U-8XdGvSlu8oupAM2Y--A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/068231-7cfc-4068-86b5-9ab4ad8b4ff4/1/Kbh1W8U-8XdGvSlu8oupAM2Y--A.mft
Manifest number:          32
Signing time:             Sun 19 Oct 2025 03:01:10 +0000
Manifest this update:     Sun 19 Oct 2025 03:01:10 +0000
Manifest next update:     Mon 20 Oct 2025 03:01:10 +0000
Files and hashes:         1: Kbh1W8U-8XdGvSlu8oupAM2Y--A.crl (hash: il7ijG2VcTKE4QcwJHNgYDuYCf05YgU0qnSM7XLOovI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/068231-7cfc-4068-86b5-9ab4ad8b4ff4/1/Kbh1W8U-8XdGvSlu8oupAM2Y--A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/068231-7cfc-4068-86b5-9ab4ad8b4ff4/1/Kbh1W8U-8XdGvSlu8oupAM2Y--A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kbh1W8U-8XdGvSlu8oupAM2Y--A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 03:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:69:ee:f3:38:35:17:db:31:20:42:0e:22:5b:2c:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29b8755bc53ef17746bd296ef28ba900cd98fbe0
        Validity
            Not Before: Oct 19 03:01:10 2025 GMT
            Not After : Oct 20 03:01:10 2025 GMT
        Subject: CN=85a0a20a6398348dd7027a59c1109a2d1ff4c214
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:57:0c:8f:b2:12:63:64:73:fe:ca:99:eb:51:
                    60:de:a5:62:f1:ff:27:d9:95:cb:61:d1:84:55:6c:
                    12:92:fd:0d:44:c0:e9:e0:64:5c:c0:a8:5d:6c:32:
                    7e:27:ae:bd:6c:38:86:b8:96:97:01:7d:eb:a4:93:
                    e2:32:7c:1b:c2:d1:52:fd:62:95:8d:9b:39:06:29:
                    c4:f0:53:38:58:37:37:84:09:1f:b0:25:45:b1:ef:
                    06:0e:c9:86:32:6d:a9:aa:2e:c2:23:71:a6:ca:c2:
                    41:ef:c6:39:dc:03:23:17:ba:ee:cb:68:90:d6:38:
                    5f:39:3c:b8:8e:e9:77:04:8a:d6:4d:8c:12:3c:cc:
                    3e:7a:24:10:fc:36:4c:52:61:3c:88:e4:cd:d0:c4:
                    0d:f4:83:85:f4:f8:68:72:ae:05:56:34:4f:b5:e9:
                    56:00:bb:dc:8c:c7:18:7a:56:d1:d2:bf:eb:8d:ca:
                    35:f3:97:ac:e1:6b:b9:a2:e5:61:44:e1:65:12:23:
                    4f:85:9e:5e:42:43:cb:35:db:db:f0:bf:85:c4:4e:
                    27:9e:13:e0:50:a0:4c:f0:fb:19:09:09:38:ee:37:
                    4e:62:13:e4:2a:47:5f:51:33:69:60:1f:fb:11:ba:
                    99:f5:a1:aa:c3:48:72:be:4d:91:2c:5e:50:ee:d1:
                    25:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:A0:A2:0A:63:98:34:8D:D7:02:7A:59:C1:10:9A:2D:1F:F4:C2:14
            X509v3 Authority Key Identifier:
                keyid:29:B8:75:5B:C5:3E:F1:77:46:BD:29:6E:F2:8B:A9:00:CD:98:FB:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kbh1W8U-8XdGvSlu8oupAM2Y--A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/068231-7cfc-4068-86b5-9ab4ad8b4ff4/1/Kbh1W8U-8XdGvSlu8oupAM2Y--A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/068231-7cfc-4068-86b5-9ab4ad8b4ff4/1/Kbh1W8U-8XdGvSlu8oupAM2Y--A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:0b:2e:66:66:a0:13:d1:aa:fb:ff:d4:05:6f:25:db:00:77:
         ee:d4:9a:09:7c:e2:a2:5c:d3:e4:fe:22:ce:dc:0a:a1:48:7d:
         4c:76:cb:2a:bb:07:f6:54:b0:f6:b2:35:b3:17:5b:99:6a:87:
         d7:b3:99:bf:dd:4e:67:13:6c:6c:d3:16:4e:2f:2d:b7:b6:ec:
         7e:3f:d6:da:8e:ef:11:bf:6f:e0:3a:0c:f8:8c:84:72:82:ad:
         ad:bf:63:e7:b6:8b:c8:8f:6f:71:3d:c8:7f:40:05:7e:30:84:
         57:a7:82:77:d1:8e:27:b3:39:68:25:88:93:01:80:e5:a0:c7:
         d1:45:b5:67:26:c2:02:92:ee:58:cd:31:4e:d8:42:88:ff:ed:
         b9:15:ea:55:28:21:4b:8f:ea:e9:14:3b:d1:57:e0:bd:61:ef:
         96:b8:4e:d8:51:a5:d2:07:5b:2f:54:38:b1:6c:2b:b2:6c:f5:
         7a:5e:71:ab:84:e4:c2:ed:07:b9:8a:66:a2:05:c4:6b:7c:3b:
         15:5c:79:62:e1:b5:1f:af:3f:5b:34:5c:84:e0:47:d6:bc:f1:
         13:48:ba:05:ef:6d:b1:e7:47:07:f6:24:6c:c9:6b:3f:5f:ac:
         e3:f2:ac:76:41:68:c8:79:98:8a:99:a5:e6:8b:b6:c4:af:9b:
         2d:f8:d8:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6ae7zODUX2zEgQg4iWyzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Yjg3NTViYzUzZWYxNzc0NmJkMjk2ZWYyOGJhOTAwY2Q5
OGZiZTAwHhcNMjUxMDE5MDMwMTEwWhcNMjUxMDIwMDMwMTEwWjAzMTEwLwYDVQQD
Eyg4NWEwYTIwYTYzOTgzNDhkZDcwMjdhNTljMTEwOWEyZDFmZjRjMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71cMj7ISY2Rz/sqZ61Fg3qVi8f8n
2ZXLYdGEVWwSkv0NRMDp4GRcwKhdbDJ+J669bDiGuJaXAX3rpJPiMnwbwtFS/WKV
jZs5BinE8FM4WDc3hAkfsCVFse8GDsmGMm2pqi7CI3GmysJB78Y53AMjF7ruy2iQ
1jhfOTy4jul3BIrWTYwSPMw+eiQQ/DZMUmE8iOTN0MQN9IOF9Phocq4FVjRPtelW
ALvcjMcYelbR0r/rjco185es4Wu5ouVhROFlEiNPhZ5eQkPLNdvb8L+FxE4nnhPg
UKBM8PsZCQk47jdOYhPkKkdfUTNpYB/7EbqZ9aGqw0hyvk2RLF5Q7tEl5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWgogpjmDSN1wJ6WcEQmi0f9MIUMB8GA1UdIwQY
MBaAFCm4dVvFPvF3Rr0pbvKLqQDNmPvgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2JoMVc4VS04WGRHdlNsdThvdXBBTTJZLS1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wNjgyMzEtN2NmYy00MDY4LTg2YjUt
OWFiNGFkOGI0ZmY0LzEvS2JoMVc4VS04WGRHdlNsdThvdXBBTTJZLS1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wNjgyMzEtN2NmYy00MDY4LTg2YjUtOWFiNGFkOGI0ZmY0
LzEvS2JoMVc4VS04WGRHdlNsdThvdXBBTTJZLS1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbAsuZmag
E9Gq+//UBW8l2wB37tSaCXziolzT5P4iztwKoUh9THbLKrsH9lSw9rI1sxdbmWqH
17OZv91OZxNsbNMWTi8tt7bsfj/W2o7vEb9v4DoM+IyEcoKtrb9j57aLyI9vcT3I
f0AFfjCEV6eCd9GOJ7M5aCWIkwGA5aDH0UW1ZybCApLuWM0xTthCiP/tuRXqVSgh
S4/q6RQ70VfgvWHvlrhO2FGl0gdbL1Q4sWwrsmz1el5xq4Tkwu0HuYpmogXEa3w7
FVx5YuG1H68/WzRchOBH1rzxE0i6Be9tsedHB/YkbMlrP1+s4/KsdkFoyHmYipml
5ou2xK+bLfjY/w==
-----END CERTIFICATE-----