Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
File:                     KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json)
Hash identifier:          Sj8esJghfF3NO5QfXGZsZzUuhyJRmyn4lQeTa76Bb90=
Subject key identifier:   45:B9:86:2E:AA:7A:0B:2E:94:89:80:7B:D5:BF:48:A1:54:EF:03:2B
Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41
Certificate issuer:       /CN=287f7b268f36d9315895d3b208377310719a9d41
Certificate serial:       0199FCC60C6B198C61B09C73A59C8965FB47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
Manifest number:          0E3B
Signing time:             Sun 19 Oct 2025 14:01:01 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:01 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:01 +0000
Files and hashes:         1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: E7KKX55G8UKPpg/r2REI6g+74lhIhSAeTX3nN2VmJBM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:0c:6b:19:8c:61:b0:9c:73:a5:9c:89:65:fb:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41
        Validity
            Not Before: Oct 19 14:01:01 2025 GMT
            Not After : Oct 20 14:01:01 2025 GMT
        Subject: CN=45b9862eaa7a0b2e9489807bd5bf48a154ef032b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:49:ea:9c:b4:cf:9a:6f:fe:9b:79:48:a9:4c:
                    9f:d3:d5:b9:46:25:50:20:ab:18:eb:f0:9f:19:95:
                    57:11:a5:42:cf:6e:4e:73:b2:b0:f5:0c:b0:a6:5f:
                    b4:0d:a8:3f:e9:7b:c4:e2:c1:fd:6a:e8:e0:73:75:
                    21:da:4d:3a:0a:af:f9:ba:87:ff:0e:5e:71:d1:1d:
                    fe:cf:68:cd:ea:52:7c:6a:2a:16:52:35:0f:9b:c0:
                    51:86:e1:80:de:00:a3:b2:4f:0a:48:b4:82:df:6e:
                    e0:ae:c9:a5:82:f1:9e:76:6f:b1:de:87:a5:47:39:
                    96:4b:0d:f5:59:aa:3f:f6:43:40:ff:e7:9e:9f:b1:
                    22:22:eb:43:4c:83:b4:61:37:93:2b:c9:f3:5f:17:
                    37:19:93:43:b3:cd:ae:0f:a7:36:55:5b:b4:fb:54:
                    b0:d2:ae:60:f7:ac:2f:33:f4:38:72:43:c1:62:64:
                    13:de:ae:27:58:0e:ea:4a:b0:e7:95:97:a1:f0:1f:
                    a7:47:b8:ba:4c:9a:f6:6a:89:45:03:96:87:3b:23:
                    03:cb:06:19:62:01:09:a0:2c:4b:a6:09:5d:fa:5d:
                    6c:fe:47:94:7e:8b:ed:b3:cd:81:74:12:14:df:63:
                    02:ec:40:41:92:d2:0e:9f:ef:9f:b0:77:4f:22:1f:
                    18:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:B9:86:2E:AA:7A:0B:2E:94:89:80:7B:D5:BF:48:A1:54:EF:03:2B
            X509v3 Authority Key Identifier:
                keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:57:e7:f2:db:ca:99:e2:4c:c1:e9:4a:ce:d6:f3:71:32:eb:
         75:5f:01:b7:0d:c8:a1:bb:3d:a0:9d:85:2a:18:1a:2d:94:cb:
         40:d0:53:5a:ee:90:c4:1f:ae:0c:c5:0c:75:7e:48:0a:54:1f:
         74:25:41:6a:1c:21:3e:81:3a:63:05:3d:9b:47:1d:40:46:6b:
         bf:49:ad:1b:57:72:88:90:c7:69:c9:61:be:db:17:9e:98:90:
         9a:96:16:1b:5c:1a:86:b4:60:d1:77:24:03:7d:46:aa:28:78:
         6e:63:bb:5a:5f:e1:f2:7e:d0:51:5c:eb:38:66:9e:12:10:02:
         0f:2f:57:34:d8:08:d4:99:bb:6b:87:f5:45:7b:71:b5:0a:e7:
         7e:ed:92:8d:af:61:3c:9a:61:30:cc:d6:9c:e3:d6:ec:92:c7:
         0c:65:78:60:8e:9b:62:33:be:40:32:db:43:47:00:08:88:83:
         84:d4:cb:f7:d5:e9:0d:de:00:d5:ba:e1:86:f3:60:db:22:c2:
         a7:a8:d5:52:85:80:d8:0c:fb:88:95:00:55:95:4d:ac:96:87:
         7f:11:34:ba:2d:8a:e7:29:da:8f:5e:51:b6:5b:97:03:df:da:
         01:4c:d5:59:7f:7e:40:d5:4e:12:95:7c:61:e4:ec:b7:20:8a:
         ba:11:ab:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xgxrGYxhsJxzpZyJZftHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5
YTlkNDEwHhcNMjUxMDE5MTQwMTAxWhcNMjUxMDIwMTQwMTAxWjAzMTEwLwYDVQQD
Eyg0NWI5ODYyZWFhN2EwYjJlOTQ4OTgwN2JkNWJmNDhhMTU0ZWYwMzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEnqnLTPmm/+m3lIqUyf09W5RiVQ
IKsY6/CfGZVXEaVCz25Oc7Kw9Qywpl+0Dag/6XvE4sH9aujgc3Uh2k06Cq/5uof/
Dl5x0R3+z2jN6lJ8aioWUjUPm8BRhuGA3gCjsk8KSLSC327grsmlgvGedm+x3oel
RzmWSw31Wao/9kNA/+een7EiIutDTIO0YTeTK8nzXxc3GZNDs82uD6c2VVu0+1Sw
0q5g96wvM/Q4ckPBYmQT3q4nWA7qSrDnlZeh8B+nR7i6TJr2aolFA5aHOyMDywYZ
YgEJoCxLpgld+l1s/keUfovts82BdBIU32MC7EBBktIOn++fsHdPIh8YIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEW5hi6qegsulImAe9W/SKFU7wMrMB8GA1UdIwQY
MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt
Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1
LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFVfn8tvK
meJMwelKztbzcTLrdV8Btw3Iobs9oJ2FKhgaLZTLQNBTWu6QxB+uDMUMdX5IClQf
dCVBahwhPoE6YwU9m0cdQEZrv0mtG1dyiJDHaclhvtsXnpiQmpYWG1wahrRg0Xck
A31Gqih4bmO7Wl/h8n7QUVzrOGaeEhACDy9XNNgI1Jm7a4f1RXtxtQrnfu2Sja9h
PJphMMzWnOPW7JLHDGV4YI6bYjO+QDLbQ0cACIiDhNTL99XpDd4A1brhhvNg2yLC
p6jVUoWA2Az7iJUAVZVNrJaHfxE0ui2K5ynaj15RtluXA9/aAUzVWX9+QNVOEpV8
YeTstyCKuhGrWg==
-----END CERTIFICATE-----