Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
File:                     KhQFaUht0XjbWDoKHklt8iMYXTU.mft (raw, json)
Hash identifier:          vCDOXH6mn4XdR25KMLr2NVBDN7Hpqfh5obAcru9vsvA=
Subject key identifier:   5E:AC:CE:45:CC:94:05:00:99:C3:02:4C:08:01:A3:FF:C8:2B:E3:72
Authority key identifier: 2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35
Certificate issuer:       /CN=2a140569486dd178db583a0a1e496df223185d35
Certificate serial:       0199FC58822FBF57442BCA6DAE828C01B9E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
Manifest number:          0928
Signing time:             Sun 19 Oct 2025 12:01:22 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:22 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:22 +0000
Files and hashes:         1: KhQFaUht0XjbWDoKHklt8iMYXTU.crl (hash: kGo8XOWg6L5iqDJpOtNr0AL1ZLVVJ395njvMWzWkcQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:82:2f:bf:57:44:2b:ca:6d:ae:82:8c:01:b9:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a140569486dd178db583a0a1e496df223185d35
        Validity
            Not Before: Oct 19 12:01:22 2025 GMT
            Not After : Oct 20 12:01:22 2025 GMT
        Subject: CN=5eacce45cc94050099c3024c0801a3ffc82be372
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:bd:f3:8b:a6:39:66:69:18:8d:e7:9b:c7:7e:
                    f9:8b:2e:9e:50:df:5e:ea:01:de:97:94:95:b0:4c:
                    0b:ca:8b:73:72:c1:77:2a:fb:a1:bb:53:73:18:e4:
                    b6:e6:31:18:cd:a9:f4:64:03:f0:3d:53:6d:f9:79:
                    4a:bb:18:2f:3c:e5:72:bd:51:4c:04:2d:0a:2c:e2:
                    c1:48:32:2f:2a:94:8c:86:e2:67:20:4e:f7:22:56:
                    60:af:ef:fd:14:55:c8:66:a3:51:7e:cc:44:09:b9:
                    96:2d:c4:c9:1b:78:09:e7:40:9f:7b:47:00:4d:5b:
                    e4:57:71:3d:6d:3d:e1:1c:7c:da:55:ba:7a:15:99:
                    c1:bf:af:97:bf:17:30:0e:a2:50:5c:14:ec:da:92:
                    f5:67:f2:59:5e:d5:79:1b:e3:ef:fc:8e:9e:66:9a:
                    00:f3:50:55:4e:f4:68:38:f2:8a:1a:57:fe:e1:14:
                    ec:eb:0c:09:ab:88:4b:81:23:88:84:99:dc:68:9a:
                    45:b2:d2:91:1e:00:0f:8d:3c:47:d4:df:11:24:7f:
                    1e:d1:b7:78:a7:4c:b1:81:ce:f4:2b:58:4e:24:de:
                    64:97:ed:ad:24:26:ee:c1:62:60:99:a2:7c:ab:c0:
                    b3:2e:53:a9:a6:e1:12:65:5b:b7:52:8b:17:0d:1a:
                    db:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:AC:CE:45:CC:94:05:00:99:C3:02:4C:08:01:A3:FF:C8:2B:E3:72
            X509v3 Authority Key Identifier:
                keyid:2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:33:10:88:c5:82:9b:0f:8d:22:55:c9:5a:94:54:25:ba:53:
         9b:08:8c:16:10:f1:80:0c:b5:26:ca:de:96:c8:86:b6:1a:f9:
         7f:24:61:43:85:78:b0:c3:9d:e4:1e:01:f5:71:7f:77:05:df:
         01:1d:87:60:0a:27:d3:b6:6c:74:e2:62:38:98:49:a4:7a:32:
         f7:06:ee:1c:34:54:93:48:88:44:21:d0:e2:03:62:12:16:41:
         57:8c:84:37:ea:fc:66:02:04:9b:db:d4:9c:cc:3b:fc:4c:15:
         2a:81:3c:74:71:0e:2e:72:0a:cb:fd:cd:23:5b:5a:13:9b:31:
         44:45:a2:26:da:26:d1:2f:29:93:f1:0d:4f:fb:cd:6b:e2:d1:
         4b:85:22:f4:53:e9:a8:fb:e3:9e:8b:7a:df:73:d6:9d:7f:20:
         da:a0:b9:fd:e3:ce:44:12:ab:7c:e4:24:b7:93:ad:9d:26:a7:
         f6:b3:06:e2:5e:7f:00:1e:e5:4f:30:e3:93:78:23:a2:5d:de:
         db:88:d9:b7:eb:58:0f:cc:bd:01:89:3d:3d:d1:59:b3:d8:e6:
         70:c8:fb:0e:1f:82:18:ea:15:fb:50:74:bc:f5:4e:4e:ec:d0:
         61:28:30:69:32:c5:54:d1:31:80:ba:19:5f:ec:08:f9:ed:80:
         80:dd:60:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WIIvv1dEK8ptroKMAbnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTQwNTY5NDg2ZGQxNzhkYjU4M2EwYTFlNDk2ZGYyMjMx
ODVkMzUwHhcNMjUxMDE5MTIwMTIyWhcNMjUxMDIwMTIwMTIyWjAzMTEwLwYDVQQD
Eyg1ZWFjY2U0NWNjOTQwNTAwOTljMzAyNGMwODAxYTNmZmM4MmJlMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5b3zi6Y5ZmkYjeebx375iy6eUN9e
6gHel5SVsEwLyotzcsF3Kvuhu1NzGOS25jEYzan0ZAPwPVNt+XlKuxgvPOVyvVFM
BC0KLOLBSDIvKpSMhuJnIE73IlZgr+/9FFXIZqNRfsxECbmWLcTJG3gJ50Cfe0cA
TVvkV3E9bT3hHHzaVbp6FZnBv6+XvxcwDqJQXBTs2pL1Z/JZXtV5G+Pv/I6eZpoA
81BVTvRoOPKKGlf+4RTs6wwJq4hLgSOIhJncaJpFstKRHgAPjTxH1N8RJH8e0bd4
p0yxgc70K1hOJN5kl+2tJCbuwWJgmaJ8q8CzLlOppuESZVu3UosXDRrbKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF6szkXMlAUAmcMCTAgBo//IK+NyMB8GA1UdIwQY
MBaAFCoUBWlIbdF421g6Ch5JbfIjGF01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2Yt
NTRiZDY0OWI0ODUyLzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2YtNTRiZDY0OWI0ODUy
LzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABTMQiMWC
mw+NIlXJWpRUJbpTmwiMFhDxgAy1JsrelsiGthr5fyRhQ4V4sMOd5B4B9XF/dwXf
AR2HYAon07ZsdOJiOJhJpHoy9wbuHDRUk0iIRCHQ4gNiEhZBV4yEN+r8ZgIEm9vU
nMw7/EwVKoE8dHEOLnIKy/3NI1taE5sxREWiJtom0S8pk/ENT/vNa+LRS4Ui9FPp
qPvjnot633PWnX8g2qC5/ePORBKrfOQkt5OtnSan9rMG4l5/AB7lTzDjk3gjol3e
24jZt+tYD8y9AYk9PdFZs9jmcMj7Dh+CGOoV+1B0vPVOTuzQYSgwaTLFVNExgLoZ
X+wI+e2AgN1gwA==
-----END CERTIFICATE-----