Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
File:                     kbDB4HajRpZoEluN05XzBN-i55Q.mft (raw, json)
Hash identifier:          yIaWkZuw4FO+vQUw2hLthWdN2pJw9huytS9VleSRWhc=
Subject key identifier:   8F:59:E9:CA:55:F4:50:2D:81:2B:BF:53:87:2A:77:EE:70:C0:62:89
Authority key identifier: 91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94
Certificate issuer:       /CN=91b0c1e076a3469668125b8dd395f304dfa2e794
Certificate serial:       0199FFC803D505909240F51AF43A2F670651
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
Manifest number:          E0
Signing time:             Mon 20 Oct 2025 04:02:02 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:02 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:02 +0000
Files and hashes:         1: kbDB4HajRpZoEluN05XzBN-i55Q.crl (hash: prcQQOsW4ee16WRNNKw0PB3qmA4tUzp6JJITHIVF66k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:03:d5:05:90:92:40:f5:1a:f4:3a:2f:67:06:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91b0c1e076a3469668125b8dd395f304dfa2e794
        Validity
            Not Before: Oct 20 04:02:02 2025 GMT
            Not After : Oct 21 04:02:02 2025 GMT
        Subject: CN=8f59e9ca55f4502d812bbf53872a77ee70c06289
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:cf:e2:9f:bd:78:d1:e7:6b:76:9e:96:fe:8e:
                    11:e8:d7:74:b5:5a:a0:bc:e6:22:7a:54:0e:22:6d:
                    5c:2d:74:6d:c7:83:88:0f:71:21:6d:70:5f:01:90:
                    ae:b5:8d:3a:f9:a5:9a:86:93:39:7b:de:4d:73:57:
                    65:13:dc:d6:1e:7f:7c:49:ea:7d:27:f2:b4:45:f8:
                    e1:61:18:d1:83:1e:26:5b:8e:76:88:db:2d:54:8f:
                    dd:4c:1d:2a:35:73:16:76:ca:26:9d:b5:ca:ca:56:
                    33:b2:87:0a:c5:ba:24:d9:16:57:ed:7c:f2:cb:24:
                    6b:8e:41:6e:93:e3:5c:73:1f:14:ad:c6:66:bc:bd:
                    a8:0b:0e:3c:7e:69:46:b6:ce:0d:25:c7:ac:e6:13:
                    f2:52:84:db:d0:b5:a4:1c:49:12:42:c5:ae:82:ad:
                    22:73:37:90:01:24:0f:23:0d:d7:27:81:fb:fc:cb:
                    30:4d:8e:c6:14:d5:fd:fb:25:55:78:e7:c3:13:7e:
                    55:d2:4d:dc:36:ac:1a:3e:26:03:32:60:ab:51:0e:
                    f9:cc:a7:27:dd:c3:0b:b4:03:ea:67:6d:ef:15:15:
                    f6:f5:65:a5:a2:a8:2c:6b:f7:88:37:9c:90:a2:78:
                    d5:10:f4:67:1d:02:47:ff:26:79:eb:f5:f4:55:47:
                    5d:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:59:E9:CA:55:F4:50:2D:81:2B:BF:53:87:2A:77:EE:70:C0:62:89
            X509v3 Authority Key Identifier:
                keyid:91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:af:7a:1a:df:b1:a1:22:1a:25:0b:16:9b:94:d9:01:26:f4:
         92:c9:6c:16:c9:6e:21:3d:df:74:ad:b1:f6:80:9c:55:5b:d5:
         1f:09:b1:5b:c4:24:a0:7e:57:f0:46:b1:58:48:21:24:33:2a:
         36:4a:6f:5f:63:77:94:ed:4a:d2:be:34:bc:d8:6e:97:72:b8:
         54:4a:b3:e7:15:5d:18:bf:da:c8:29:4d:59:9a:9d:90:29:9c:
         7b:a4:9a:98:80:08:dc:29:7f:cc:e6:53:2e:7e:ce:09:36:d0:
         19:84:d7:f7:67:71:26:62:b9:6c:b6:82:02:64:ed:f6:b3:34:
         92:58:74:bf:11:92:59:01:85:6b:fa:72:a4:b2:25:3b:73:90:
         20:0f:ff:ad:5c:e4:66:ac:89:f2:29:a0:ee:78:14:fc:dc:97:
         82:3f:bb:b4:08:6c:85:f2:d4:e2:a5:6a:13:76:49:b1:8d:1f:
         45:ef:58:09:31:a4:b6:07:a4:e4:8d:4f:32:fe:4b:9d:d2:17:
         9c:ae:00:5a:50:d4:db:8a:b2:4d:55:de:84:60:6b:c2:fc:5c:
         d5:10:8f:ac:6b:99:4c:f7:9e:e4:1b:e9:ca:f2:86:0f:67:73:
         1d:4f:0d:ef:d1:69:7c:03:57:b0:73:0a:72:6f:62:39:72:1c:
         50:b8:17:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yAPVBZCSQPUa9DovZwZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYjBjMWUwNzZhMzQ2OTY2ODEyNWI4ZGQzOTVmMzA0ZGZh
MmU3OTQwHhcNMjUxMDIwMDQwMjAyWhcNMjUxMDIxMDQwMjAyWjAzMTEwLwYDVQQD
Eyg4ZjU5ZTljYTU1ZjQ1MDJkODEyYmJmNTM4NzJhNzdlZTcwYzA2Mjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc/in7140edrdp6W/o4R6Nd0tVqg
vOYielQOIm1cLXRtx4OID3EhbXBfAZCutY06+aWahpM5e95Nc1dlE9zWHn98Sep9
J/K0RfjhYRjRgx4mW452iNstVI/dTB0qNXMWdsomnbXKylYzsocKxbok2RZX7Xzy
yyRrjkFuk+Nccx8UrcZmvL2oCw48fmlGts4NJces5hPyUoTb0LWkHEkSQsWugq0i
czeQASQPIw3XJ4H7/MswTY7GFNX9+yVVeOfDE35V0k3cNqwaPiYDMmCrUQ75zKcn
3cMLtAPqZ23vFRX29WWloqgsa/eIN5yQonjVEPRnHQJH/yZ56/X0VUddNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9Z6cpV9FAtgSu/U4cqd+5wwGKJMB8GA1UdIwQY
MBaAFJGwweB2o0aWaBJbjdOV8wTfoueUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUt
ZWQ4MjM3OWNmYTMyLzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUtZWQ4MjM3OWNmYTMy
LzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiq96Gt+x
oSIaJQsWm5TZASb0kslsFsluIT3fdK2x9oCcVVvVHwmxW8QkoH5X8EaxWEghJDMq
NkpvX2N3lO1K0r40vNhul3K4VEqz5xVdGL/ayClNWZqdkCmce6SamIAI3Cl/zOZT
Ln7OCTbQGYTX92dxJmK5bLaCAmTt9rM0klh0vxGSWQGFa/pypLIlO3OQIA//rVzk
ZqyJ8img7ngU/NyXgj+7tAhshfLU4qVqE3ZJsY0fRe9YCTGktgek5I1PMv5LndIX
nK4AWlDU24qyTVXehGBrwvxc1RCPrGuZTPee5BvpyvKGD2dzHU8N79FpfANXsHMK
cm9iOXIcULgXFg==
-----END CERTIFICATE-----