Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
File:                     K328XveedAIoXs2gg3ukvyGHYdw.mft (raw, json)
Hash identifier:          hGeusy5SpxQgPusTwvrQU6sRmeuL58hgPCmxxKThThk=
Subject key identifier:   54:11:38:F2:D2:88:08:A7:39:B8:F9:E0:FD:51:E9:EB:CD:FC:E4:DF
Authority key identifier: 2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC
Certificate issuer:       /CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
Certificate serial:       0199FF22A10082B4411860D1079F55170FDC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
Manifest number:          0EF9
Signing time:             Mon 20 Oct 2025 01:01:23 +0000
Manifest this update:     Mon 20 Oct 2025 01:01:23 +0000
Manifest next update:     Tue 21 Oct 2025 01:01:23 +0000
Files and hashes:         1: K328XveedAIoXs2gg3ukvyGHYdw.crl (hash: R19wJkV8bzBs/IXtv1Eu0dr3dq73BXaQiJJMtX+PQmU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:22:a1:00:82:b4:41:18:60:d1:07:9f:55:17:0f:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc
        Validity
            Not Before: Oct 20 01:01:23 2025 GMT
            Not After : Oct 21 01:01:23 2025 GMT
        Subject: CN=541138f2d28808a739b8f9e0fd51e9ebcdfce4df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:bd:7b:bb:46:ef:92:2a:ca:3a:b8:b3:73:6e:
                    8d:23:33:ca:ed:6b:66:b3:28:d9:e2:71:2f:0d:c1:
                    be:21:76:8b:ff:af:79:64:58:cf:79:11:b6:0b:bd:
                    c7:2c:80:bd:1c:3a:d4:21:13:9c:5d:10:83:86:e5:
                    1a:11:83:44:2a:01:f1:58:ae:eb:da:0f:89:6e:4d:
                    f0:bb:76:2e:44:d4:86:6c:ea:44:8f:9c:8c:08:ea:
                    f1:ea:7d:ab:2a:d2:0e:82:46:c1:74:db:7b:c1:6e:
                    b7:f5:53:70:51:88:cc:b9:79:c3:4d:df:6c:6d:33:
                    37:7c:16:1a:4d:76:a0:f2:23:c5:bc:7f:ae:55:c9:
                    40:41:23:e6:8d:1c:48:1a:61:5e:19:4a:58:dd:7b:
                    75:47:c4:c4:87:2e:5a:11:08:dd:a9:f9:57:fd:14:
                    a9:ba:e2:82:8c:10:ea:3b:cc:4f:90:51:dd:d4:c1:
                    5f:48:9e:ae:d2:3c:dd:57:a0:3e:07:b1:93:5a:d2:
                    3a:68:29:72:4e:8d:cf:fa:78:1a:8a:b9:09:e4:25:
                    de:60:60:49:15:61:7f:bd:f0:a2:d7:53:f8:1c:ba:
                    6e:7b:d9:ae:fd:16:2a:01:ef:94:23:3e:41:12:e7:
                    fb:be:5e:85:1d:6e:ac:c1:78:9d:70:ae:c2:01:58:
                    31:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:11:38:F2:D2:88:08:A7:39:B8:F9:E0:FD:51:E9:EB:CD:FC:E4:DF
            X509v3 Authority Key Identifier:
                keyid:2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:c4:f5:4a:c7:cf:9f:e1:72:c4:5c:39:f0:37:41:b6:d4:8b:
         ef:60:b2:4f:e1:a6:4a:30:0b:5c:06:ed:f2:04:e5:de:c5:d6:
         ca:43:85:cc:03:2f:d7:58:b6:6b:c2:a6:d5:e5:f2:49:a5:e4:
         2c:fa:05:83:bb:c0:49:ba:a8:16:62:83:b6:ed:c9:00:59:15:
         26:75:38:fd:ae:75:85:0e:be:12:c7:6d:54:b2:40:11:53:b0:
         7b:c5:fe:c6:74:c1:5f:cd:7a:3a:12:aa:06:fe:24:1b:33:8b:
         3e:df:39:a5:90:10:66:ec:6b:50:ec:74:45:73:87:ae:e6:27:
         87:7d:41:57:6d:2a:c4:46:9b:b3:b8:e0:04:71:51:af:8c:b0:
         92:8c:f6:20:0e:4f:81:6d:04:8d:cd:44:5a:e9:ec:9e:75:57:
         fb:88:f4:e8:7c:ed:0e:f6:63:7d:9e:04:21:1c:89:53:8c:d2:
         90:2b:68:97:b9:6e:90:8f:bf:9d:5f:65:f5:c7:60:ef:70:03:
         2a:49:e9:e7:cd:25:17:86:bb:0b:b2:9b:41:75:e3:1a:e2:cd:
         77:57:df:a0:ac:d6:cd:55:f7:3e:21:62:7d:b9:4f:cc:f6:39:
         a0:6c:88:86:34:5c:92:16:fc:3b:97:90:10:39:62:8d:de:70:
         2f:14:58:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/IqEAgrRBGGDRB59VFw/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2RiYzVlZjc5ZTc0MDIyODVlY2RhMDgzN2JhNGJmMjE4
NzYxZGMwHhcNMjUxMDIwMDEwMTIzWhcNMjUxMDIxMDEwMTIzWjAzMTEwLwYDVQQD
Eyg1NDExMzhmMmQyODgwOGE3MzliOGY5ZTBmZDUxZTllYmNkZmNlNGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL17u0bvkirKOrizc26NIzPK7Wtm
syjZ4nEvDcG+IXaL/695ZFjPeRG2C73HLIC9HDrUIROcXRCDhuUaEYNEKgHxWK7r
2g+Jbk3wu3YuRNSGbOpEj5yMCOrx6n2rKtIOgkbBdNt7wW639VNwUYjMuXnDTd9s
bTM3fBYaTXag8iPFvH+uVclAQSPmjRxIGmFeGUpY3Xt1R8TEhy5aEQjdqflX/RSp
uuKCjBDqO8xPkFHd1MFfSJ6u0jzdV6A+B7GTWtI6aClyTo3P+ngairkJ5CXeYGBJ
FWF/vfCi11P4HLpue9mu/RYqAe+UIz5BEuf7vl6FHW6swXidcK7CAVgxAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQROPLSiAinObj54P1R6evN/OTfMB8GA1UdIwQY
MBaAFCt9vF73nnQCKF7NoIN7pL8hh2HcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEt
MjRkMGU2MmY3OWMwLzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEtMjRkMGU2MmY3OWMw
LzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg8T1SsfP
n+FyxFw58DdBttSL72CyT+GmSjALXAbt8gTl3sXWykOFzAMv11i2a8Km1eXySaXk
LPoFg7vASbqoFmKDtu3JAFkVJnU4/a51hQ6+EsdtVLJAEVOwe8X+xnTBX816OhKq
Bv4kGzOLPt85pZAQZuxrUOx0RXOHruYnh31BV20qxEabs7jgBHFRr4ywkoz2IA5P
gW0Ejc1EWunsnnVX+4j06HztDvZjfZ4EIRyJU4zSkCtol7lukI+/nV9l9cdg73AD
Kknp580lF4a7C7KbQXXjGuLNd1ffoKzWzVX3PiFifblPzPY5oGyIhjRckhb8O5eQ
EDlijd5wLxRY5g==
-----END CERTIFICATE-----