Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
File:                     KhQFaUht0XjbWDoKHklt8iMYXTU.mft (raw, json)
Hash identifier:          6efAYag7yJt4VElAoCDUE6NivWwTCZMZUQOHA+vwLho=
Subject key identifier:   5D:45:DA:A5:35:84:AE:33:81:7E:EE:CB:68:49:32:4D:52:BC:2E:42
Authority key identifier: 2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35
Certificate issuer:       /CN=2a140569486dd178db583a0a1e496df223185d35
Certificate serial:       0198D4DFE9888EF14C86933750CF636F34CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
Manifest number:          088F
Signing time:             Sat 23 Aug 2025 03:01:40 +0000
Manifest this update:     Sat 23 Aug 2025 03:01:40 +0000
Manifest next update:     Sun 24 Aug 2025 03:01:40 +0000
Files and hashes:         1: KhQFaUht0XjbWDoKHklt8iMYXTU.crl (hash: K6uplIGfMh9TY77RXm5ZUC8eOIHNx8N0hGdG6jwe2Hs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:df:e9:88:8e:f1:4c:86:93:37:50:cf:63:6f:34:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a140569486dd178db583a0a1e496df223185d35
        Validity
            Not Before: Aug 23 03:01:40 2025 GMT
            Not After : Aug 24 03:01:40 2025 GMT
        Subject: CN=5d45daa53584ae33817eeecb6849324d52bc2e42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:32:44:0e:88:6f:97:36:57:f1:32:d5:fb:35:
                    1d:0e:77:22:fd:a5:cb:bd:b3:d2:86:ab:e6:7a:35:
                    c3:96:94:40:5e:e7:00:ee:a5:a0:16:c6:16:a1:67:
                    4d:02:de:3a:24:74:fb:39:93:b0:4f:a2:9a:ea:24:
                    2f:9d:a6:55:89:8a:90:7f:98:12:d8:6f:24:14:59:
                    df:ef:a1:a7:74:76:07:65:56:9f:cd:50:d6:d1:de:
                    3e:37:90:3b:35:1b:9b:f8:bd:3f:13:e0:e7:9b:76:
                    22:f1:8d:08:4b:49:93:0e:81:e1:28:83:a2:16:ba:
                    41:8e:da:ae:3c:5a:21:1b:ae:2c:f4:12:77:a7:f3:
                    b6:32:b0:98:9f:f1:b0:15:7f:8d:1e:2b:ad:f2:34:
                    66:13:6f:1b:aa:18:09:9c:87:69:dd:d4:63:5b:bd:
                    e3:d2:c1:29:07:04:39:46:a2:5c:2d:44:b4:61:06:
                    da:5d:b4:8b:06:a7:91:83:ca:ec:79:4f:98:80:25:
                    c5:8a:84:b2:96:af:be:72:e9:eb:fb:51:c6:f3:8c:
                    c2:21:6d:fc:e1:02:87:5c:79:12:23:28:0b:76:ae:
                    54:f4:ec:88:ad:99:98:21:3d:f6:c0:4e:f1:c7:32:
                    5f:7d:18:df:85:8d:4b:3c:09:dd:89:63:8e:83:e1:
                    1c:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:45:DA:A5:35:84:AE:33:81:7E:EE:CB:68:49:32:4D:52:BC:2E:42
            X509v3 Authority Key Identifier:
                keyid:2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:8c:ad:5e:09:1d:64:d6:b6:6e:48:04:5d:2c:00:ee:76:ea:
         bf:ee:12:09:de:e4:fe:0a:9d:ae:39:c9:b4:15:9b:f9:7d:54:
         9c:91:50:3d:58:c3:c0:dd:48:02:2e:6a:da:6c:b6:15:a9:1e:
         6a:e3:55:54:6b:e9:15:99:f0:39:3f:d2:2e:76:3d:78:53:b0:
         b4:6c:40:b1:cf:f4:8c:43:85:dc:4c:e3:01:61:52:e1:2f:2c:
         c3:78:6f:f4:f3:57:91:e4:6b:b8:e6:37:e4:b7:7d:ae:d0:e6:
         d6:24:d6:78:f0:9c:4c:6e:67:0e:f9:2d:7d:90:e0:db:bb:5e:
         6f:9b:7a:c3:b6:02:62:67:99:af:b7:6a:c9:0e:a7:53:a3:7f:
         3f:e9:11:9b:62:b9:7b:c4:c9:db:53:d1:bf:86:36:fc:96:d0:
         58:83:b1:4c:30:a8:bd:74:85:ef:3a:21:ed:36:ea:6d:94:6d:
         a1:6f:7c:9e:a1:4c:39:17:4e:18:08:2b:4a:98:4a:8c:db:4d:
         55:38:d9:d6:0b:75:a6:e6:0f:ea:d9:79:4e:ec:29:34:fa:63:
         cd:d8:1a:df:09:51:b7:7d:76:bb:3f:a9:8c:38:77:b6:c0:c7:
         db:9e:a8:72:df:d7:34:77:58:66:cb:a1:8f:8b:d7:39:04:e1:
         ba:42:a1:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU3+mIjvFMhpM3UM9jbzTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTQwNTY5NDg2ZGQxNzhkYjU4M2EwYTFlNDk2ZGYyMjMx
ODVkMzUwHhcNMjUwODIzMDMwMTQwWhcNMjUwODI0MDMwMTQwWjAzMTEwLwYDVQQD
Eyg1ZDQ1ZGFhNTM1ODRhZTMzODE3ZWVlY2I2ODQ5MzI0ZDUyYmMyZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTJEDohvlzZX8TLV+zUdDnci/aXL
vbPShqvmejXDlpRAXucA7qWgFsYWoWdNAt46JHT7OZOwT6Ka6iQvnaZViYqQf5gS
2G8kFFnf76GndHYHZVafzVDW0d4+N5A7NRub+L0/E+Dnm3Yi8Y0IS0mTDoHhKIOi
FrpBjtquPFohG64s9BJ3p/O2MrCYn/GwFX+NHiut8jRmE28bqhgJnIdp3dRjW73j
0sEpBwQ5RqJcLUS0YQbaXbSLBqeRg8rseU+YgCXFioSylq++cunr+1HG84zCIW38
4QKHXHkSIygLdq5U9OyIrZmYIT32wE7xxzJffRjfhY1LPAndiWOOg+EcFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1F2qU1hK4zgX7uy2hJMk1SvC5CMB8GA1UdIwQY
MBaAFCoUBWlIbdF421g6Ch5JbfIjGF01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2Yt
NTRiZDY0OWI0ODUyLzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2YtNTRiZDY0OWI0ODUy
LzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ4ytXgkd
ZNa2bkgEXSwA7nbqv+4SCd7k/gqdrjnJtBWb+X1UnJFQPVjDwN1IAi5q2my2Fake
auNVVGvpFZnwOT/SLnY9eFOwtGxAsc/0jEOF3EzjAWFS4S8sw3hv9PNXkeRruOY3
5Ld9rtDm1iTWePCcTG5nDvktfZDg27teb5t6w7YCYmeZr7dqyQ6nU6N/P+kRm2K5
e8TJ21PRv4Y2/JbQWIOxTDCovXSF7zoh7TbqbZRtoW98nqFMORdOGAgrSphKjNtN
VTjZ1gt1puYP6tl5TuwpNPpjzdga3wlRt312uz+pjDh3tsDH256oct/XNHdYZsuh
j4vXOQThukKheA==
-----END CERTIFICATE-----