Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
File:                     KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft (raw, json)
Hash identifier:          glENi5FcEK7NIjhzbO/z/s8/SBF9PknLmG6+kYc49ys=
Subject key identifier:   4D:6D:01:0A:82:A9:A3:5B:7A:C6:DA:41:4C:EC:C2:FB:03:A4:17:C9
Authority key identifier: 29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9
Certificate issuer:       /CN=29f4340df71760574808300cb14fc1760faeccf9
Certificate serial:       0198D473554A528E1F8DA43095E42BE01FA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
Manifest number:          FD
Signing time:             Sat 23 Aug 2025 01:03:04 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:04 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:04 +0000
Files and hashes:         1: KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl (hash: da6ktZ4wJJAwJCzIBphCvgnTId5kQJSu4pPhXhMV9ws=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:03:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:55:4a:52:8e:1f:8d:a4:30:95:e4:2b:e0:1f:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29f4340df71760574808300cb14fc1760faeccf9
        Validity
            Not Before: Aug 23 01:03:04 2025 GMT
            Not After : Aug 24 01:03:04 2025 GMT
        Subject: CN=4d6d010a82a9a35b7ac6da414cecc2fb03a417c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:64:84:92:c9:19:bc:e1:4b:46:0e:75:f3:9b:
                    00:b0:97:2e:61:6c:df:65:46:2b:7f:ef:ec:df:f3:
                    0d:46:30:fe:e2:7c:98:de:51:bd:65:1b:88:9f:0b:
                    aa:de:6e:34:dd:a8:0c:4c:a7:47:d9:bf:fc:2d:87:
                    d1:1b:a5:83:25:77:b2:75:01:0f:05:ea:8c:7d:a3:
                    cb:c0:07:55:80:15:af:23:7a:28:8d:ec:45:96:9f:
                    81:26:ed:f2:15:62:15:6a:ac:1c:18:66:07:ab:b6:
                    8f:44:7c:39:39:f6:82:15:82:df:d7:1b:b0:27:14:
                    16:f1:8a:87:e8:61:e0:07:8d:f6:67:cb:fc:b3:03:
                    1d:c5:28:6e:9c:b6:80:38:25:08:94:4a:07:f7:03:
                    f8:2c:5f:0c:c8:fb:a0:69:68:36:b6:eb:98:05:0b:
                    5f:69:fe:83:3a:3d:9a:7d:aa:07:7b:43:c1:2f:bb:
                    45:0b:9b:e5:9f:e0:27:cf:1b:6c:b2:03:f4:1e:9b:
                    76:28:72:9f:74:d6:1f:3f:8c:4c:fe:1a:47:2d:74:
                    15:27:fc:28:2f:e4:8a:7f:1b:f5:73:31:d0:84:9b:
                    95:3b:94:30:a9:ef:3a:f1:13:4b:1b:ff:ef:4e:19:
                    ae:97:a1:53:5e:a1:fa:1a:89:55:e0:0b:55:1d:46:
                    23:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:6D:01:0A:82:A9:A3:5B:7A:C6:DA:41:4C:EC:C2:FB:03:A4:17:C9
            X509v3 Authority Key Identifier:
                keyid:29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:d5:23:8d:59:ac:14:ca:e8:a0:1d:0f:a1:dd:68:55:5b:13:
         1f:29:71:97:b1:a5:82:b2:dd:2d:1b:75:25:47:cf:a8:81:0f:
         cd:b1:9b:85:cf:8f:f9:63:5c:73:64:ca:d6:c7:5e:2f:36:f0:
         d0:30:96:8e:7b:98:a6:f0:34:db:10:ab:cf:11:37:03:03:aa:
         69:29:6d:ac:23:f1:e1:43:45:46:ee:8e:4b:81:78:b3:92:88:
         e6:5e:a2:7f:d0:9a:d3:6b:22:a2:9f:8c:38:7b:1d:19:fb:f9:
         2e:f9:ee:67:ff:38:81:ac:a0:02:8a:0c:04:da:94:19:31:d5:
         a7:55:e7:e4:04:b6:25:2f:5a:77:73:e9:fd:6e:7e:d8:a0:c6:
         f3:f5:08:d1:0f:16:30:0a:fa:25:45:f1:35:10:75:8d:b8:4a:
         2c:50:79:65:95:e8:20:19:d6:e0:38:28:70:63:53:ac:1e:ee:
         1f:8a:fd:60:80:a3:52:27:92:a0:dd:10:b3:17:90:f8:16:1e:
         aa:82:4a:84:71:b3:c5:7f:51:71:85:4d:a3:e3:c8:c6:71:e6:
         6f:67:df:85:c5:fa:db:29:54:bd:d1:9f:73:ba:81:91:4b:cc:
         9e:f8:2a:75:78:ae:7e:ef:25:1d:73:4c:67:bd:23:ed:94:8d:
         77:49:65:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc1VKUo4fjaQwleQr4B+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjQzNDBkZjcxNzYwNTc0ODA4MzAwY2IxNGZjMTc2MGZh
ZWNjZjkwHhcNMjUwODIzMDEwMzA0WhcNMjUwODI0MDEwMzA0WjAzMTEwLwYDVQQD
Eyg0ZDZkMDEwYTgyYTlhMzViN2FjNmRhNDE0Y2VjYzJmYjAzYTQxN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2SEkskZvOFLRg5185sAsJcuYWzf
ZUYrf+/s3/MNRjD+4nyY3lG9ZRuInwuq3m403agMTKdH2b/8LYfRG6WDJXeydQEP
BeqMfaPLwAdVgBWvI3oojexFlp+BJu3yFWIVaqwcGGYHq7aPRHw5OfaCFYLf1xuw
JxQW8YqH6GHgB432Z8v8swMdxShunLaAOCUIlEoH9wP4LF8MyPugaWg2tuuYBQtf
af6DOj2afaoHe0PBL7tFC5vln+AnzxtssgP0Hpt2KHKfdNYfP4xM/hpHLXQVJ/wo
L+SKfxv1czHQhJuVO5Qwqe868RNLG//vThmul6FTXqH6GolV4AtVHUYj9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE1tAQqCqaNbesbaQUzswvsDpBfJMB8GA1UdIwQY
MBaAFCn0NA33F2BXSAgwDLFPwXYPrsz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEt
Nzk1YzNhNjEyZThiLzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEtNzk1YzNhNjEyZThi
LzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAntUjjVms
FMrooB0Pod1oVVsTHylxl7GlgrLdLRt1JUfPqIEPzbGbhc+P+WNcc2TK1sdeLzbw
0DCWjnuYpvA02xCrzxE3AwOqaSltrCPx4UNFRu6OS4F4s5KI5l6if9Ca02siop+M
OHsdGfv5LvnuZ/84gaygAooMBNqUGTHVp1Xn5AS2JS9ad3Pp/W5+2KDG8/UI0Q8W
MAr6JUXxNRB1jbhKLFB5ZZXoIBnW4DgocGNTrB7uH4r9YICjUieSoN0QsxeQ+BYe
qoJKhHGzxX9RcYVNo+PIxnHmb2ffhcX62ylUvdGfc7qBkUvMnvgqdXiufu8lHXNM
Z70j7ZSNd0lltA==
-----END CERTIFICATE-----