Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
File:                     kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft (raw, json)
Hash identifier:          WnZv6QSU+vlev0Od8B1xtVLfdx/qF8C1TkGCFNnM/U8=
Subject key identifier:   53:DE:54:C9:7B:A8:0E:A2:E7:B6:B9:BA:30:82:58:36:15:FE:37:BC
Authority key identifier: 91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD
Certificate issuer:       /CN=917830d941ee090a8e32348f97b8308fd1ce09fd
Certificate serial:       019A02228BD0CE3D66344EA74C444D6B9FD5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
Manifest number:          0D61
Signing time:             Mon 20 Oct 2025 15:00:09 +0000
Manifest this update:     Mon 20 Oct 2025 15:00:09 +0000
Manifest next update:     Tue 21 Oct 2025 15:00:09 +0000
Files and hashes:         1: kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl (hash: bv1LQGF+jQLk++KIqOtbH2U/XREtaBZ1AqEAvw7bX70=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:02:22:8b:d0:ce:3d:66:34:4e:a7:4c:44:4d:6b:9f:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=917830d941ee090a8e32348f97b8308fd1ce09fd
        Validity
            Not Before: Oct 20 15:00:09 2025 GMT
            Not After : Oct 21 15:00:09 2025 GMT
        Subject: CN=53de54c97ba80ea2e7b6b9ba3082583615fe37bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:8d:08:42:f2:0d:39:ff:ed:97:08:5e:f9:96:
                    6a:4c:96:6d:58:7f:92:bf:e3:06:67:87:86:12:8b:
                    04:18:47:48:2f:3e:b2:cf:82:2b:0b:db:da:f9:f7:
                    19:f2:dc:f0:00:d9:d2:0f:f5:19:66:5d:73:f0:51:
                    12:1a:eb:4b:b7:41:d0:44:73:70:a7:4e:d8:53:2a:
                    6b:e2:fd:40:e2:c2:67:7d:cf:72:ad:9e:f7:37:4d:
                    01:74:81:47:57:e0:a2:ed:49:d6:86:bd:46:b6:e5:
                    e1:4f:2e:86:42:ac:d1:22:e9:92:a5:e4:17:b0:09:
                    fb:68:a0:8f:af:4b:c4:30:af:cc:03:cd:85:09:1e:
                    e9:a8:ab:f2:5b:ad:b8:c3:13:41:11:03:e2:fd:ed:
                    86:2f:05:55:a8:c1:4e:0b:09:30:27:07:3d:ef:3a:
                    93:a1:21:02:82:09:27:48:61:c7:de:73:a0:df:03:
                    ee:42:00:ce:f7:b2:af:6e:9c:8e:28:59:51:7d:b7:
                    37:04:22:e4:a7:06:dc:a9:00:9d:c1:1a:04:5b:e5:
                    ba:84:e0:c6:a4:a1:91:46:27:87:d6:73:ae:42:ed:
                    cd:a9:bb:4c:09:59:40:31:6b:50:ca:18:c5:af:76:
                    53:04:80:10:91:31:38:29:77:df:4d:5f:5d:a4:3d:
                    7c:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:DE:54:C9:7B:A8:0E:A2:E7:B6:B9:BA:30:82:58:36:15:FE:37:BC
            X509v3 Authority Key Identifier:
                keyid:91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:1a:8d:e2:26:23:be:30:18:90:5d:e4:5a:48:ba:2d:24:16:
         b5:bf:be:a8:71:ee:cc:45:2f:22:ac:60:cd:b9:5d:28:75:2d:
         e5:69:f2:1d:e3:b6:63:c8:75:4f:c5:9f:82:25:47:b1:e1:93:
         a6:4a:0a:19:cc:79:5f:1d:5d:db:f6:79:0c:7a:22:bc:43:30:
         47:93:07:dc:b6:b6:1d:62:94:4e:77:aa:55:a1:73:86:84:4b:
         6e:75:36:31:d6:3e:da:ae:af:6d:81:c9:ed:02:37:87:99:0a:
         51:b3:08:ce:47:3f:ca:e5:73:1b:4e:c5:8e:9a:fb:82:50:90:
         f1:3c:8c:cc:bb:7c:3e:9d:3e:f0:9f:c7:36:dd:b0:f2:1b:3e:
         b0:ed:88:91:5a:23:18:f8:0b:75:b4:24:67:fb:fb:1c:b7:96:
         45:61:2f:8a:67:04:c4:16:4d:8a:55:26:98:6c:5e:bb:5e:b5:
         a4:c3:50:51:95:d1:4d:61:a9:3a:6c:e4:e0:d3:01:37:fe:80:
         62:d1:4f:eb:e7:2e:bc:fe:2e:86:07:0a:d2:96:0b:90:6a:62:
         41:5a:ec:d3:27:4e:d0:16:a1:9b:7e:4a:c6:0b:57:45:76:c0:
         6e:3a:16:eb:85:8a:a7:e4:e1:5a:a3:da:a6:4a:98:be:37:bf:
         b3:e0:a2:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCIovQzj1mNE6nTERNa5/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNzgzMGQ5NDFlZTA5MGE4ZTMyMzQ4Zjk3YjgzMDhmZDFj
ZTA5ZmQwHhcNMjUxMDIwMTUwMDA5WhcNMjUxMDIxMTUwMDA5WjAzMTEwLwYDVQQD
Eyg1M2RlNTRjOTdiYTgwZWEyZTdiNmI5YmEzMDgyNTgzNjE1ZmUzN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnI0IQvINOf/tlwhe+ZZqTJZtWH+S
v+MGZ4eGEosEGEdILz6yz4IrC9va+fcZ8tzwANnSD/UZZl1z8FESGutLt0HQRHNw
p07YUypr4v1A4sJnfc9yrZ73N00BdIFHV+Ci7UnWhr1GtuXhTy6GQqzRIumSpeQX
sAn7aKCPr0vEMK/MA82FCR7pqKvyW624wxNBEQPi/e2GLwVVqMFOCwkwJwc97zqT
oSECggknSGHH3nOg3wPuQgDO97KvbpyOKFlRfbc3BCLkpwbcqQCdwRoEW+W6hODG
pKGRRieH1nOuQu3NqbtMCVlAMWtQyhjFr3ZTBIAQkTE4KXffTV9dpD18VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPeVMl7qA6i57a5ujCCWDYV/je8MB8GA1UdIwQY
MBaAFJF4MNlB7gkKjjI0j5e4MI/Rzgn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYt
ZDFmMTgwM2IxODEyLzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYtZDFmMTgwM2IxODEy
LzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvBqN4iYj
vjAYkF3kWki6LSQWtb++qHHuzEUvIqxgzbldKHUt5WnyHeO2Y8h1T8WfgiVHseGT
pkoKGcx5Xx1d2/Z5DHoivEMwR5MH3La2HWKUTneqVaFzhoRLbnU2MdY+2q6vbYHJ
7QI3h5kKUbMIzkc/yuVzG07Fjpr7glCQ8TyMzLt8Pp0+8J/HNt2w8hs+sO2IkVoj
GPgLdbQkZ/v7HLeWRWEvimcExBZNilUmmGxeu161pMNQUZXRTWGpOmzk4NMBN/6A
YtFP6+cuvP4uhgcK0pYLkGpiQVrs0ydO0Bahm35KxgtXRXbAbjoW64WKp+ThWqPa
pkqYvje/s+CibA==
-----END CERTIFICATE-----