Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
File:                     KtclXVpq-4XjdugbuaCew93dvNw.mft (raw, json)
Hash identifier:          LoB+dHi/cbGJ8A1L4BlqEEP6REqB3UVLVaXXNbni71M=
Subject key identifier:   17:7A:D7:70:80:16:1E:FA:EE:F5:34:46:93:04:90:03:49:2B:3D:D3
Authority key identifier: 2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC
Certificate issuer:       /CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
Certificate serial:       0199FC8F7F65096A353C91C0F1CB87690DBE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
Manifest number:          15F9
Signing time:             Sun 19 Oct 2025 13:01:26 +0000
Manifest this update:     Sun 19 Oct 2025 13:01:26 +0000
Manifest next update:     Mon 20 Oct 2025 13:01:26 +0000
Files and hashes:         1: KtclXVpq-4XjdugbuaCew93dvNw.crl (hash: 0k6CqIdn4nio/NvzIs1VnjLPedmBwOPyffysdxedyVg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:8f:7f:65:09:6a:35:3c:91:c0:f1:cb:87:69:0d:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc
        Validity
            Not Before: Oct 19 13:01:26 2025 GMT
            Not After : Oct 20 13:01:26 2025 GMT
        Subject: CN=177ad77080161efaeef5344693049003492b3dd3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:92:60:90:2a:ca:ad:f7:ba:4b:5b:8b:42:7d:
                    9a:47:f4:3d:55:7b:94:7a:4c:f7:25:ad:3d:f7:09:
                    59:d8:80:23:d1:d2:6f:e9:de:af:b8:b0:f2:fe:30:
                    80:2e:f3:72:2c:c0:ac:8e:8b:63:01:3c:b2:0c:ba:
                    e5:23:3e:09:51:80:02:9c:e2:bf:88:61:01:c6:2e:
                    6c:c4:68:ea:d4:2c:e9:7f:c5:b2:9f:fa:a5:85:29:
                    2b:cf:83:47:7c:e3:50:26:6e:ba:76:92:64:42:d5:
                    33:73:f3:ac:80:d0:11:dd:41:b1:fe:1a:99:60:55:
                    dd:1d:e3:70:d9:7d:6b:d3:e7:b2:fa:28:18:e5:71:
                    34:c1:2b:78:7c:78:e4:ac:9a:b2:83:b0:d0:ac:30:
                    5f:0e:cc:48:c5:a4:f9:97:32:02:80:06:7b:4a:4f:
                    9e:72:19:72:90:b9:ed:b9:fc:d2:de:5c:d0:42:02:
                    17:cb:c0:ad:38:29:ef:e0:b6:ae:24:de:d0:97:37:
                    4c:66:25:e9:f0:7b:58:72:e5:b3:c0:bf:a7:5d:89:
                    cc:5b:39:0f:e2:ca:da:e1:a8:c9:ab:b9:50:6d:18:
                    cc:1c:2e:69:3c:c9:26:2e:14:cc:37:83:64:51:b1:
                    9f:6b:0a:e9:24:a2:b1:a5:ca:b3:60:4c:b9:a4:9d:
                    ed:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:7A:D7:70:80:16:1E:FA:EE:F5:34:46:93:04:90:03:49:2B:3D:D3
            X509v3 Authority Key Identifier:
                keyid:2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:82:45:27:24:0a:82:6b:ab:08:ed:32:e7:39:b1:e4:d3:b1:
         39:6a:20:b0:9c:96:d3:d7:89:21:70:6a:cc:6c:a9:85:40:bf:
         9e:bb:9c:6b:1c:89:c7:53:98:a0:d2:ee:02:77:2d:3d:1b:e5:
         78:f6:af:7d:e8:0e:6f:8e:93:53:bf:0e:66:6b:87:cc:36:8b:
         aa:5f:c6:ba:2f:b3:5a:54:b1:96:18:f1:fe:2d:45:93:ff:7b:
         eb:65:34:4b:f6:1c:f5:77:3c:bc:a3:a6:75:81:1d:3f:1e:4c:
         a5:ac:28:d6:07:65:05:30:ca:98:e5:b9:79:be:c2:0e:38:85:
         c0:cc:2e:e0:9e:ca:e4:da:25:f2:75:b4:dc:97:2b:23:14:d3:
         2f:1f:ca:23:44:ad:67:46:ce:13:90:69:b7:5c:85:ad:93:f6:
         c5:b9:b6:e9:84:08:3e:66:da:78:8b:8c:09:33:ad:6e:dd:c9:
         ba:79:0b:54:33:a1:52:3e:34:07:46:b1:b6:ab:b7:20:b6:f8:
         50:1c:c8:eb:a1:51:1d:f7:48:a1:34:2e:1f:5a:b2:34:0c:b2:
         21:5c:15:69:d2:53:57:6b:bc:a4:95:91:bc:4d:41:99:97:23:
         fb:41:5e:31:c2:8b:e2:32:d3:59:52:39:99:83:d9:de:21:54:
         8f:da:2f:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j39lCWo1PJHA8cuHaQ2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDcyNTVkNWE2YWZiODVlMzc2ZTgxYmI5YTA5ZWMzZGRk
ZGJjZGMwHhcNMjUxMDE5MTMwMTI2WhcNMjUxMDIwMTMwMTI2WjAzMTEwLwYDVQQD
EygxNzdhZDc3MDgwMTYxZWZhZWVmNTM0NDY5MzA0OTAwMzQ5MmIzZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJJgkCrKrfe6S1uLQn2aR/Q9VXuU
ekz3Ja099wlZ2IAj0dJv6d6vuLDy/jCALvNyLMCsjotjATyyDLrlIz4JUYACnOK/
iGEBxi5sxGjq1Czpf8Wyn/qlhSkrz4NHfONQJm66dpJkQtUzc/OsgNAR3UGx/hqZ
YFXdHeNw2X1r0+ey+igY5XE0wSt4fHjkrJqyg7DQrDBfDsxIxaT5lzICgAZ7Sk+e
chlykLntufzS3lzQQgIXy8CtOCnv4LauJN7QlzdMZiXp8HtYcuWzwL+nXYnMWzkP
4sra4ajJq7lQbRjMHC5pPMkmLhTMN4NkUbGfawrpJKKxpcqzYEy5pJ3t7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBd613CAFh767vU0RpMEkANJKz3TMB8GA1UdIwQY
MBaAFCrXJV1aavuF43boG7mgnsPd3bzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAt
YmNlYjM3NmMyNTczLzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAtYmNlYjM3NmMyNTcz
LzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARoJFJyQK
gmurCO0y5zmx5NOxOWogsJyW09eJIXBqzGyphUC/nrucaxyJx1OYoNLuAnctPRvl
ePavfegOb46TU78OZmuHzDaLql/Gui+zWlSxlhjx/i1Fk/9762U0S/Yc9Xc8vKOm
dYEdPx5Mpawo1gdlBTDKmOW5eb7CDjiFwMwu4J7K5Nol8nW03JcrIxTTLx/KI0St
Z0bOE5Bpt1yFrZP2xbm26YQIPmbaeIuMCTOtbt3JunkLVDOhUj40B0axtqu3ILb4
UBzI66FRHfdIoTQuH1qyNAyyIVwVadJTV2u8pJWRvE1BmZcj+0FeMcKL4jLTWVI5
mYPZ3iFUj9ovVA==
-----END CERTIFICATE-----