Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
File:                     KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft (raw, json)
Hash identifier:          K97LOryr6uiW3Ij18p0GbEL6uMxE2SdDYhWF4nVB+5c=
Subject key identifier:   A7:F4:AE:D0:67:84:5E:97:9D:0F:F1:CA:3E:38:F4:74:61:8D:48:6C
Authority key identifier: 28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6
Certificate issuer:       /CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6
Certificate serial:       0199FB7CF6A4A6B233FC9D76C23F540BDCC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
Manifest number:          0A74
Signing time:             Sun 19 Oct 2025 08:01:34 +0000
Manifest this update:     Sun 19 Oct 2025 08:01:34 +0000
Manifest next update:     Mon 20 Oct 2025 08:01:34 +0000
Files and hashes:         1: KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl (hash: zu43jCxGFQ1DFgtmmObA9fmfnWKw3oTrGiMLRR3wZB4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:7c:f6:a4:a6:b2:33:fc:9d:76:c2:3f:54:0b:dc:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6
        Validity
            Not Before: Oct 19 08:01:34 2025 GMT
            Not After : Oct 20 08:01:34 2025 GMT
        Subject: CN=a7f4aed067845e979d0ff1ca3e38f474618d486c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:29:0a:6e:9b:c5:02:7b:62:23:8b:bb:25:36:
                    eb:3c:5b:40:c0:1c:1a:b8:8d:29:ae:b9:8d:2d:45:
                    f0:be:75:78:7a:e0:7b:de:33:ad:d3:be:25:be:4d:
                    93:8f:e0:62:e3:74:ba:0e:62:5c:99:b3:fb:36:46:
                    2d:75:05:0c:80:3d:fa:fc:28:c8:60:55:6e:a3:04:
                    14:74:3a:4f:b7:b1:5b:28:9c:85:36:cd:a3:2f:c6:
                    33:82:3d:08:0b:d1:9e:b6:32:f5:15:2c:11:9c:ab:
                    5c:69:62:8e:bc:8f:24:08:f7:d8:9c:ca:d3:17:c7:
                    bf:96:54:12:6e:26:93:83:fc:04:ee:7e:a1:eb:ab:
                    bb:c6:89:04:e9:2d:32:60:f2:9a:eb:38:11:92:31:
                    a2:64:33:ec:ff:ac:ac:99:bd:2d:4f:d3:32:80:4a:
                    21:0e:b5:fb:6d:36:c8:e7:e5:11:5f:45:a1:63:e3:
                    c6:ec:06:93:ef:75:54:29:41:b6:d5:28:3a:76:7a:
                    ee:85:f4:4e:63:92:3a:de:ef:bb:d1:2e:ee:2c:a5:
                    16:22:da:3f:32:53:85:78:c1:3c:80:fc:3d:12:e3:
                    91:b7:ca:e9:2b:00:a1:c5:47:53:bd:dd:91:5d:f6:
                    3c:16:b3:d3:82:70:1f:87:d9:1b:c8:c6:ca:b4:bf:
                    eb:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:F4:AE:D0:67:84:5E:97:9D:0F:F1:CA:3E:38:F4:74:61:8D:48:6C
            X509v3 Authority Key Identifier:
                keyid:28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:e4:5f:b0:0e:16:c7:33:06:69:95:1f:b7:fe:38:b6:ce:a0:
         74:bf:6d:23:3e:3a:0a:d3:bf:f8:b4:4a:19:d8:b6:4c:15:f5:
         60:03:63:e7:28:fd:87:92:b1:84:fb:9c:e8:62:83:3f:84:53:
         32:b1:97:ad:c9:25:1d:53:ac:81:a4:07:8c:3c:47:26:46:0b:
         40:6d:ce:40:db:d0:da:91:af:61:3a:e9:98:da:e8:84:a8:03:
         b8:ae:c4:52:08:87:05:2f:b0:9b:5f:f5:b3:f7:90:6f:81:a0:
         fe:53:9b:d9:5a:e8:83:ed:77:be:05:5d:c4:2d:02:79:65:07:
         74:cc:16:1a:e0:9e:51:ec:82:d4:d2:b4:bb:14:ac:66:40:4f:
         98:96:55:4e:97:49:4c:4c:1f:bc:9d:32:94:b2:7f:0d:cc:fd:
         57:00:37:d9:2e:6f:e1:1e:67:04:44:27:71:f4:59:00:af:a6:
         ca:ea:d7:0f:c4:24:06:d9:69:9f:96:39:dd:30:42:23:77:4f:
         f4:d7:a6:df:d6:e9:96:04:db:ca:9e:43:71:7f:52:a0:4d:9c:
         ef:96:b0:f4:3f:08:78:5a:72:96:be:11:f6:4c:0e:b8:02:93:
         e9:22:2e:62:bf:8a:4c:e5:48:83:24:43:04:6d:d0:ae:d3:b0:
         a2:f1:22:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fPakprIz/J12wj9UC9zAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MWE3ZjA3YmU1YzMxMzhjYjQzYzJjMThiMjlhYTU0Njg1
NDRiYTYwHhcNMjUxMDE5MDgwMTM0WhcNMjUxMDIwMDgwMTM0WjAzMTEwLwYDVQQD
EyhhN2Y0YWVkMDY3ODQ1ZTk3OWQwZmYxY2EzZTM4ZjQ3NDYxOGQ0ODZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwikKbpvFAntiI4u7JTbrPFtAwBwa
uI0prrmNLUXwvnV4euB73jOt074lvk2Tj+Bi43S6DmJcmbP7NkYtdQUMgD36/CjI
YFVuowQUdDpPt7FbKJyFNs2jL8Yzgj0IC9GetjL1FSwRnKtcaWKOvI8kCPfYnMrT
F8e/llQSbiaTg/wE7n6h66u7xokE6S0yYPKa6zgRkjGiZDPs/6ysmb0tT9MygEoh
DrX7bTbI5+URX0WhY+PG7AaT73VUKUG21Sg6dnruhfROY5I63u+70S7uLKUWIto/
MlOFeME8gPw9EuORt8rpKwChxUdTvd2RXfY8FrPTgnAfh9kbyMbKtL/rdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKf0rtBnhF6XnQ/xyj449HRhjUhsMB8GA1UdIwQY
MBaAFCgafwe+XDE4y0PCwYspqlRoVEumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQt
NTJjY2Y2NWJkNjdiLzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQtNTJjY2Y2NWJkNjdi
LzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZORfsA4W
xzMGaZUft/44ts6gdL9tIz46CtO/+LRKGdi2TBX1YANj5yj9h5KxhPuc6GKDP4RT
MrGXrcklHVOsgaQHjDxHJkYLQG3OQNvQ2pGvYTrpmNrohKgDuK7EUgiHBS+wm1/1
s/eQb4Gg/lOb2Vrog+13vgVdxC0CeWUHdMwWGuCeUeyC1NK0uxSsZkBPmJZVTpdJ
TEwfvJ0ylLJ/Dcz9VwA32S5v4R5nBEQncfRZAK+myurXD8QkBtlpn5Y53TBCI3dP
9Nem39bplgTbyp5DcX9SoE2c75aw9D8IeFpylr4R9kwOuAKT6SIuYr+KTOVIgyRD
BG3QrtOwovEiFg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:12:53 2025 by rpki-client