Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
File:                     KyO4dALEaK1icsN77YjlzcbkwGE.mft (raw, json)
Hash identifier:          txi1HIMjA/vqwzGR8L5UkFR+F/3Mj8z/cH4RRF8hKx4=
Subject key identifier:   4D:78:D7:25:81:5A:B0:4F:65:BB:87:FE:30:7F:7E:CF:91:99:FB:D4
Authority key identifier: 2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61
Certificate issuer:       /CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
Certificate serial:       0199FCC6D99A8A6EF606556EB587389D2E52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
Manifest number:          01B7
Signing time:             Sun 19 Oct 2025 14:01:54 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:54 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:54 +0000
Files and hashes:         1: KyO4dALEaK1icsN77YjlzcbkwGE.crl (hash: q9QR8c7HqErwVe4tt9d3LK7kGy91a/bfp2S3wzMmbGc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:d9:9a:8a:6e:f6:06:55:6e:b5:87:38:9d:2e:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061
        Validity
            Not Before: Oct 19 14:01:54 2025 GMT
            Not After : Oct 20 14:01:54 2025 GMT
        Subject: CN=4d78d725815ab04f65bb87fe307f7ecf9199fbd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f6:65:34:34:92:52:f4:df:26:1b:20:a8:a2:
                    c6:57:d9:17:6c:1a:5d:33:18:af:82:84:e2:f9:ab:
                    52:42:54:9e:40:98:ca:2e:d4:14:e2:9f:a7:7d:17:
                    66:3f:7d:d1:e2:13:14:86:e8:de:3d:b7:db:57:97:
                    18:86:5e:26:27:0d:28:39:3c:d8:36:e0:b1:24:b7:
                    9a:bd:76:1d:41:3f:25:e5:67:61:5e:2a:89:b5:7c:
                    f7:60:97:91:2a:08:7d:31:85:b9:e7:2a:f6:d3:32:
                    70:ea:c0:cd:b9:c9:ea:c8:3b:00:40:be:63:ef:34:
                    5d:0f:8d:34:29:80:42:f3:1b:bf:20:8b:66:8e:3d:
                    24:8b:c6:79:8b:16:05:71:83:65:29:f8:f8:af:99:
                    57:b9:be:eb:b3:4e:b7:63:6e:55:7f:b7:cf:68:5b:
                    b9:d6:10:12:a6:3e:f7:34:34:7c:0f:97:12:74:3f:
                    e0:ab:2e:10:c1:a0:09:a7:97:af:1f:79:5a:d5:ee:
                    2a:73:71:33:dc:a1:75:b7:20:c0:94:37:8e:08:5c:
                    46:2f:7c:96:58:57:e1:24:b9:10:1c:60:2f:30:5a:
                    51:a5:00:65:66:03:2c:53:bc:b3:07:b8:ad:82:60:
                    70:ac:d0:53:bb:d0:59:9e:98:ee:6e:a1:0c:d0:5c:
                    5c:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:78:D7:25:81:5A:B0:4F:65:BB:87:FE:30:7F:7E:CF:91:99:FB:D4
            X509v3 Authority Key Identifier:
                keyid:2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:b9:41:74:5a:60:df:d4:89:64:31:e9:f8:7f:35:fe:ff:3a:
         1a:06:f8:21:c7:55:4a:f1:d4:34:35:2b:1c:d2:86:54:11:cf:
         34:2d:a2:78:26:e4:5a:d8:94:99:48:3d:b1:18:df:7d:cf:c4:
         42:30:a0:45:bf:99:c2:ad:4e:cb:15:19:9b:b3:89:09:a0:d2:
         48:c1:7a:41:42:55:6a:a3:49:98:e9:42:5f:e1:b0:60:c8:4b:
         96:ee:0a:a9:40:66:a5:f7:f1:6c:56:91:d3:8c:32:8c:79:67:
         f0:39:c8:c6:75:87:14:12:9c:ff:d9:01:f0:cc:90:63:86:92:
         c1:8d:f3:43:8c:5a:d8:80:27:89:07:f2:e8:96:93:3f:d3:8f:
         05:55:c5:42:d1:db:12:5c:1b:80:8d:21:bd:19:af:11:34:94:
         c0:d8:c6:3d:99:f1:cc:c3:34:4a:e4:19:7f:d9:e1:c8:63:ed:
         d8:ea:de:87:53:ad:92:75:89:48:95:8f:eb:3f:8a:39:0e:9b:
         53:51:8f:a2:f7:95:25:6a:da:09:08:e0:59:13:42:24:c8:1c:
         b9:fb:b8:6b:29:1e:d1:d6:76:b8:d2:fe:bd:75:b1:16:a7:71:
         41:3f:f2:4e:12:c0:2b:61:f0:1f:ed:bb:29:39:42:6e:7a:2c:
         b3:dc:25:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xtmaim72BlVutYc4nS5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjNiODc0MDJjNDY4YWQ2MjcyYzM3YmVkODhlNWNkYzZl
NGMwNjEwHhcNMjUxMDE5MTQwMTU0WhcNMjUxMDIwMTQwMTU0WjAzMTEwLwYDVQQD
Eyg0ZDc4ZDcyNTgxNWFiMDRmNjViYjg3ZmUzMDdmN2VjZjkxOTlmYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfZlNDSSUvTfJhsgqKLGV9kXbBpd
MxivgoTi+atSQlSeQJjKLtQU4p+nfRdmP33R4hMUhujePbfbV5cYhl4mJw0oOTzY
NuCxJLeavXYdQT8l5WdhXiqJtXz3YJeRKgh9MYW55yr20zJw6sDNucnqyDsAQL5j
7zRdD400KYBC8xu/IItmjj0ki8Z5ixYFcYNlKfj4r5lXub7rs063Y25Vf7fPaFu5
1hASpj73NDR8D5cSdD/gqy4QwaAJp5evH3la1e4qc3Ez3KF1tyDAlDeOCFxGL3yW
WFfhJLkQHGAvMFpRpQBlZgMsU7yzB7itgmBwrNBTu9BZnpjubqEM0FxcbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE141yWBWrBPZbuH/jB/fs+RmfvUMB8GA1UdIwQY
MBaAFCsjuHQCxGitYnLDe+2I5c3G5MBhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgt
NjU0ZGE4YjQwNzE2LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgtNjU0ZGE4YjQwNzE2
LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJrlBdFpg
39SJZDHp+H81/v86Ggb4IcdVSvHUNDUrHNKGVBHPNC2ieCbkWtiUmUg9sRjffc/E
QjCgRb+Zwq1OyxUZm7OJCaDSSMF6QUJVaqNJmOlCX+GwYMhLlu4KqUBmpffxbFaR
04wyjHln8DnIxnWHFBKc/9kB8MyQY4aSwY3zQ4xa2IAniQfy6JaTP9OPBVXFQtHb
ElwbgI0hvRmvETSUwNjGPZnxzMM0SuQZf9nhyGPt2Oreh1OtknWJSJWP6z+KOQ6b
U1GPoveVJWraCQjgWRNCJMgcufu4ayke0dZ2uNL+vXWxFqdxQT/yThLAK2HwH+27
KTlCbnoss9wllg==
-----END CERTIFICATE-----