Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
File:                     kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft (raw, json)
Hash identifier:          3Pwaw46zKV+KPZ3ML66hIpURc9XV9lrrcMW3RYUI/bY=
Subject key identifier:   8D:53:2F:CC:1C:30:D4:3A:52:DC:DB:EE:A3:0B:E7:9F:BF:FC:9C:3F
Authority key identifier: 91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81
Certificate issuer:       /CN=91d338370e10627a4cd631e3fde186e194898c81
Certificate serial:       0199FBEC1F60B29D569D17D4D234A82228F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
Manifest number:          0CCD
Signing time:             Sun 19 Oct 2025 10:02:59 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:59 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:59 +0000
Files and hashes:         1: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl (hash: kmyD15PJ8gQKyI0jooKNaHh/F51wbCPYzDoOUfb1qHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ec:1f:60:b2:9d:56:9d:17:d4:d2:34:a8:22:28:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d338370e10627a4cd631e3fde186e194898c81
        Validity
            Not Before: Oct 19 10:02:59 2025 GMT
            Not After : Oct 20 10:02:59 2025 GMT
        Subject: CN=8d532fcc1c30d43a52dcdbeea30be79fbffc9c3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:45:8a:b8:b5:84:ba:22:1f:9a:95:78:8e:0b:
                    d0:01:1d:e4:53:f4:e9:b5:4d:50:1f:ce:47:e6:64:
                    0e:87:d1:6a:61:8a:9a:cb:c9:65:a0:94:02:ab:50:
                    fa:6c:ab:fa:74:79:cb:f6:b7:5b:c3:87:7a:bc:d9:
                    cf:7c:fd:38:ed:3f:d1:c2:13:49:7b:e3:d1:f6:21:
                    e9:b8:1d:63:43:14:45:52:30:ee:82:fb:ad:fa:a7:
                    b2:87:3e:e8:71:cc:1a:02:eb:ef:76:be:d0:c6:e0:
                    48:76:ce:ae:f9:c1:69:5c:c1:53:60:64:f1:8f:b4:
                    23:51:3f:99:59:df:43:39:aa:93:3a:55:0c:f2:ed:
                    1a:71:79:c8:23:c6:ea:7b:bb:b8:c4:0a:e3:35:26:
                    8b:b9:ce:60:2f:87:71:3b:84:9c:46:f7:e2:be:3c:
                    73:49:b3:a4:df:25:04:c9:5f:45:d6:4c:a6:8e:01:
                    6b:44:c4:3b:43:2c:69:37:7f:a6:d1:5a:a5:f1:31:
                    20:59:99:17:7e:49:1a:6a:04:74:da:c6:d4:bf:9b:
                    9d:c2:06:38:09:26:18:10:f9:03:cf:52:af:05:a9:
                    1d:47:fd:e3:bc:32:70:03:84:f8:fa:4c:75:2e:71:
                    a1:cf:1d:64:f3:ab:d3:a4:d2:88:80:0d:46:14:86:
                    09:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:53:2F:CC:1C:30:D4:3A:52:DC:DB:EE:A3:0B:E7:9F:BF:FC:9C:3F
            X509v3 Authority Key Identifier:
                keyid:91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:d2:5b:db:84:58:3d:69:34:25:cf:bf:2c:e7:91:69:cc:b2:
         50:91:ec:52:26:0d:ec:15:f5:da:31:1f:2d:6e:2c:a4:57:72:
         0d:94:52:8c:88:a1:d6:f1:88:d7:3b:89:4b:1b:14:14:f0:20:
         91:0b:20:45:65:79:f8:42:7f:49:5e:0f:db:b3:7a:ec:fd:f5:
         51:9a:c6:9a:ce:6a:4b:fb:da:0e:0e:42:dd:7b:19:b0:e1:24:
         06:c7:55:9a:93:47:c3:23:97:ef:2c:c2:99:1c:8c:59:a1:b2:
         ed:52:e9:e6:b6:60:6a:68:11:89:5f:72:aa:24:f9:49:30:a1:
         f1:3e:d5:3b:de:22:7c:59:d1:fa:38:f6:00:fa:ad:d1:3b:2f:
         4a:cc:1f:d4:15:32:55:f0:fc:9b:3c:3b:ca:c7:61:8e:6a:3d:
         11:09:cc:15:51:99:32:8a:a0:29:a0:44:5c:1b:1c:b7:c0:37:
         1f:b9:fd:75:9a:2e:7d:5c:dc:9e:47:12:0a:91:cd:07:fd:92:
         fc:e2:4d:42:89:dc:c7:3d:af:ba:3e:d1:d9:46:c6:92:32:a1:
         db:6d:aa:14:b0:13:af:cd:2a:ff:14:5e:5c:56:23:2f:36:72:
         cc:c4:aa:70:f3:62:90:41:1e:ac:2a:42:fd:d0:00:87:13:dc:
         3b:39:68:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn77B9gsp1WnRfU0jSoIij0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDMzODM3MGUxMDYyN2E0Y2Q2MzFlM2ZkZTE4NmUxOTQ4
OThjODEwHhcNMjUxMDE5MTAwMjU5WhcNMjUxMDIwMTAwMjU5WjAzMTEwLwYDVQQD
Eyg4ZDUzMmZjYzFjMzBkNDNhNTJkY2RiZWVhMzBiZTc5ZmJmZmM5YzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0WKuLWEuiIfmpV4jgvQAR3kU/Tp
tU1QH85H5mQOh9FqYYqay8lloJQCq1D6bKv6dHnL9rdbw4d6vNnPfP047T/RwhNJ
e+PR9iHpuB1jQxRFUjDugvut+qeyhz7occwaAuvvdr7QxuBIds6u+cFpXMFTYGTx
j7QjUT+ZWd9DOaqTOlUM8u0acXnII8bqe7u4xArjNSaLuc5gL4dxO4ScRvfivjxz
SbOk3yUEyV9F1kymjgFrRMQ7QyxpN3+m0Vql8TEgWZkXfkkaagR02sbUv5udwgY4
CSYYEPkDz1KvBakdR/3jvDJwA4T4+kx1LnGhzx1k86vTpNKIgA1GFIYJRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1TL8wcMNQ6Utzb7qML55+//Jw/MB8GA1UdIwQY
MBaAFJHTODcOEGJ6TNYx4/3hhuGUiYyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAt
MTUzNTdjZDVlY2U0LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAtMTUzNTdjZDVlY2U0
LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS9Jb24RY
PWk0Jc+/LOeRacyyUJHsUiYN7BX12jEfLW4spFdyDZRSjIih1vGI1zuJSxsUFPAg
kQsgRWV5+EJ/SV4P27N67P31UZrGms5qS/vaDg5C3XsZsOEkBsdVmpNHwyOX7yzC
mRyMWaGy7VLp5rZgamgRiV9yqiT5STCh8T7VO94ifFnR+jj2APqt0TsvSswf1BUy
VfD8mzw7ysdhjmo9EQnMFVGZMoqgKaBEXBsct8A3H7n9dZoufVzcnkcSCpHNB/2S
/OJNQoncxz2vuj7R2UbGkjKh222qFLATr80q/xReXFYjLzZyzMSqcPNikEEerCpC
/dAAhxPcOzlofA==
-----END CERTIFICATE-----