Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
File:                     KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft (raw, json)
Hash identifier:          1udJKG4DCUTDehixazCew1MA4zzTMNfHCNoI4mN5wSY=
Subject key identifier:   5A:61:14:6E:A8:69:2D:E2:74:DB:DF:AC:0E:E5:80:37:42:0B:49:FC
Authority key identifier: 29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9
Certificate issuer:       /CN=29f4340df71760574808300cb14fc1760faeccf9
Certificate serial:       0199FDD9226017A0BBECD89FEC6F10F7194E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
Manifest number:          0197
Signing time:             Sun 19 Oct 2025 19:01:29 +0000
Manifest this update:     Sun 19 Oct 2025 19:01:29 +0000
Manifest next update:     Mon 20 Oct 2025 19:01:29 +0000
Files and hashes:         1: KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl (hash: XLK7RvTCxdoQkLyJY1oDp3yHM3l5v818nOGZrOoN+EM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:22:60:17:a0:bb:ec:d8:9f:ec:6f:10:f7:19:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29f4340df71760574808300cb14fc1760faeccf9
        Validity
            Not Before: Oct 19 19:01:29 2025 GMT
            Not After : Oct 20 19:01:29 2025 GMT
        Subject: CN=5a61146ea8692de274dbdfac0ee58037420b49fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:10:54:16:f8:42:cf:82:7b:94:20:b1:58:26:
                    b7:64:b3:35:ba:b0:ad:68:81:07:68:31:1c:cb:c3:
                    76:4d:af:74:07:56:89:dd:02:bb:ad:54:6a:de:4b:
                    b0:3f:4d:e8:56:23:48:46:3c:25:01:71:c7:3b:c8:
                    6b:bd:5b:48:cb:1d:6b:4e:42:36:c0:e3:7b:70:f8:
                    f8:c4:b8:8a:66:99:ce:a2:ff:2e:07:90:fb:8a:3b:
                    54:ec:d1:17:8c:33:c6:fc:64:bf:bd:42:11:57:30:
                    e4:a6:7f:b5:ba:56:0b:62:37:b0:f2:26:34:51:2f:
                    45:1f:e7:a7:c9:9d:59:ba:2f:3a:29:f4:24:9b:68:
                    c9:0d:fd:09:64:28:8b:1e:8f:4b:44:d6:a4:86:48:
                    f5:dc:a2:f0:d3:2b:1f:c0:fc:b4:9d:d7:1e:4f:b0:
                    3b:02:a2:01:60:b1:ed:4d:8d:a5:4f:5e:4c:46:09:
                    50:cb:5d:d0:d8:83:51:12:6f:99:26:d9:33:2a:43:
                    f4:5d:bc:f6:05:d4:70:4d:d9:df:d5:d1:89:65:50:
                    4e:d7:c6:47:80:5f:d9:4f:76:39:f8:68:9d:a9:1e:
                    b6:0f:ae:04:a9:f7:2b:26:26:20:1d:17:c1:87:2a:
                    3a:32:07:0b:6c:05:fc:7f:6e:b6:dc:e5:c2:45:bd:
                    df:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:61:14:6E:A8:69:2D:E2:74:DB:DF:AC:0E:E5:80:37:42:0B:49:FC
            X509v3 Authority Key Identifier:
                keyid:29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:0c:1a:99:4d:2a:b9:37:7e:71:0b:c8:77:b9:31:98:8f:4d:
         28:7e:3a:67:1f:7e:8a:05:57:dc:d9:34:d6:65:15:19:69:bb:
         20:9d:e4:5f:fb:47:7b:db:8f:a4:8f:83:f8:c0:4b:5e:f4:b8:
         56:34:91:18:90:4d:a7:3f:a1:21:cf:4a:65:f4:62:93:28:69:
         b1:a5:28:47:51:86:89:cb:32:68:8e:a7:11:c2:ea:09:82:34:
         db:d5:b6:75:d4:e7:3b:43:98:71:37:f6:92:96:b9:74:ea:07:
         4d:49:32:68:e2:15:8e:72:a8:52:88:49:d5:7b:c4:34:4c:fb:
         98:d7:21:87:a8:2a:92:a7:4d:dc:59:05:25:48:50:e0:fe:d2:
         8f:75:7b:b6:d4:7a:99:f2:29:af:64:f4:85:7c:88:78:4b:51:
         f4:4c:8a:31:42:69:7f:db:fe:dc:01:20:d2:ca:67:ee:17:93:
         2f:73:05:cc:a2:d7:d8:d4:a6:ed:b8:8e:44:36:85:18:3a:a7:
         b5:7b:2e:0e:8d:97:f2:01:7c:63:f2:1a:64:bb:fb:30:e1:e7:
         1d:06:3d:be:ea:89:83:0a:b5:54:91:31:08:89:db:61:0b:89:
         67:13:d7:e2:3f:42:a3:f0:51:3f:24:db:76:a3:6b:1d:79:2b:
         1b:b5:7b:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92SJgF6C77Nif7G8Q9xlOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjQzNDBkZjcxNzYwNTc0ODA4MzAwY2IxNGZjMTc2MGZh
ZWNjZjkwHhcNMjUxMDE5MTkwMTI5WhcNMjUxMDIwMTkwMTI5WjAzMTEwLwYDVQQD
Eyg1YTYxMTQ2ZWE4NjkyZGUyNzRkYmRmYWMwZWU1ODAzNzQyMGI0OWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxBUFvhCz4J7lCCxWCa3ZLM1urCt
aIEHaDEcy8N2Ta90B1aJ3QK7rVRq3kuwP03oViNIRjwlAXHHO8hrvVtIyx1rTkI2
wON7cPj4xLiKZpnOov8uB5D7ijtU7NEXjDPG/GS/vUIRVzDkpn+1ulYLYjew8iY0
US9FH+enyZ1Zui86KfQkm2jJDf0JZCiLHo9LRNakhkj13KLw0ysfwPy0ndceT7A7
AqIBYLHtTY2lT15MRglQy13Q2INREm+ZJtkzKkP0Xbz2BdRwTdnf1dGJZVBO18ZH
gF/ZT3Y5+GidqR62D64EqfcrJiYgHRfBhyo6MgcLbAX8f2623OXCRb3fHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFphFG6oaS3idNvfrA7lgDdCC0n8MB8GA1UdIwQY
MBaAFCn0NA33F2BXSAgwDLFPwXYPrsz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEt
Nzk1YzNhNjEyZThiLzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEtNzk1YzNhNjEyZThi
LzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMAwamU0q
uTd+cQvId7kxmI9NKH46Zx9+igVX3Nk01mUVGWm7IJ3kX/tHe9uPpI+D+MBLXvS4
VjSRGJBNpz+hIc9KZfRikyhpsaUoR1GGicsyaI6nEcLqCYI029W2ddTnO0OYcTf2
kpa5dOoHTUkyaOIVjnKoUohJ1XvENEz7mNchh6gqkqdN3FkFJUhQ4P7Sj3V7ttR6
mfIpr2T0hXyIeEtR9EyKMUJpf9v+3AEg0spn7heTL3MFzKLX2NSm7biORDaFGDqn
tXsuDo2X8gF8Y/IaZLv7MOHnHQY9vuqJgwq1VJExCInbYQuJZxPX4j9Co/BRPyTb
dqNrHXkrG7V7Ew==
-----END CERTIFICATE-----