Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
File:                     KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json)
Hash identifier:          OYWo4dgCnWlIJ5fBxvxxqwtzqNEF46NiEyjrc+EBz8Q=
Subject key identifier:   0F:CE:BB:62:A7:95:3D:F0:9F:87:58:3D:9B:AA:01:A5:D1:AB:1F:B4
Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5
Certificate issuer:       /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
Certificate serial:       0199FA6A5D81D0538F541AFF1292DF28347E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
Manifest number:          02F0
Signing time:             Sun 19 Oct 2025 03:01:38 +0000
Manifest this update:     Sun 19 Oct 2025 03:01:38 +0000
Manifest next update:     Mon 20 Oct 2025 03:01:38 +0000
Files and hashes:         1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: Rt/HDTGLLR+qBp3VhEZLSiAA+/qde8k/PIkxw6H2EHM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 03:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:6a:5d:81:d0:53:8f:54:1a:ff:12:92:df:28:34:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5
        Validity
            Not Before: Oct 19 03:01:38 2025 GMT
            Not After : Oct 20 03:01:38 2025 GMT
        Subject: CN=0fcebb62a7953df09f87583d9baa01a5d1ab1fb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:e4:17:b9:08:d3:a1:6c:39:d6:45:13:c2:96:
                    2e:9c:4b:e7:00:24:bf:e8:d2:57:66:44:aa:5e:87:
                    70:88:4f:19:ab:78:95:07:ec:ae:d7:09:d1:e2:48:
                    6d:28:b2:88:35:6a:9b:60:35:6c:57:c3:6f:14:1e:
                    1a:28:25:a7:30:c6:fc:72:5c:ef:59:69:10:2f:0a:
                    6b:0a:b4:83:1c:55:1c:1a:f7:43:c6:08:97:7c:27:
                    3e:3d:c1:e7:1c:de:8b:1e:9f:1f:32:be:83:79:73:
                    13:13:b5:84:e4:70:9c:f3:4b:b8:91:a1:61:bb:a4:
                    af:a8:c6:b6:da:25:6d:00:23:b6:75:f1:cd:52:ef:
                    c0:22:da:e9:e0:77:34:3b:15:bc:09:d8:26:c1:79:
                    cd:77:2a:63:a0:ab:a9:ba:e2:87:c7:e1:17:42:64:
                    2c:a9:42:93:ce:13:76:d7:fb:b3:cd:07:0a:3d:13:
                    15:46:6a:8a:9a:ee:c2:86:35:52:fe:e7:bb:28:65:
                    15:c6:6a:97:36:97:62:03:08:9b:da:6d:30:95:d9:
                    57:fc:cf:c8:04:a3:23:d7:0a:4a:7c:f9:11:5f:e6:
                    3d:3f:09:91:73:73:9d:d1:7c:b2:f3:72:76:13:4c:
                    1a:45:06:66:6f:64:e9:f9:d4:2c:08:38:5f:13:4a:
                    13:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:CE:BB:62:A7:95:3D:F0:9F:87:58:3D:9B:AA:01:A5:D1:AB:1F:B4
            X509v3 Authority Key Identifier:
                keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:9e:80:73:40:6c:55:ce:66:8d:a9:f4:8b:89:d8:7a:d7:91:
         79:4e:0e:31:3a:e7:79:e4:29:3d:0e:dd:8f:1d:e1:90:b2:6b:
         bd:fd:76:d5:c4:43:db:1f:45:b0:29:c1:7d:0b:99:c6:35:99:
         5d:06:5e:3e:64:a8:3b:cd:33:8d:4b:ed:d8:e5:4f:59:a6:70:
         a7:5e:21:00:fa:14:ed:f0:15:68:c6:ba:29:37:16:47:b3:5f:
         93:1c:3b:e2:21:d5:3a:fc:7d:ef:bc:17:6b:6d:9d:bf:4d:55:
         db:fa:76:f3:df:20:b0:80:e0:3f:71:1b:cd:cc:57:a7:21:c1:
         ad:77:72:4b:d8:d7:6a:84:02:7f:f9:d1:35:39:56:ab:ab:eb:
         ce:f9:a9:28:9d:6a:a3:58:39:7b:c1:63:dc:af:44:1b:8a:1c:
         4f:bd:ad:b7:1f:32:f7:33:63:1d:82:4e:76:2c:b2:02:81:36:
         ee:76:97:74:4c:dd:7b:7a:c0:d6:73:f2:46:d5:92:98:0b:7f:
         72:9c:2b:8e:8c:40:f3:8f:5d:a1:8e:70:9e:76:4c:f0:65:ae:
         ab:d3:81:36:59:98:40:0d:bd:e1:9e:5f:d4:0c:50:1e:45:cc:
         3f:2a:1d:e1:f2:93:47:43:66:90:3f:ea:2e:7f:44:8d:7d:7e:
         c2:22:b9:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6al2B0FOPVBr/EpLfKDR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1
MDU4YTUwHhcNMjUxMDE5MDMwMTM4WhcNMjUxMDIwMDMwMTM4WjAzMTEwLwYDVQQD
EygwZmNlYmI2MmE3OTUzZGYwOWY4NzU4M2Q5YmFhMDFhNWQxYWIxZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOQXuQjToWw51kUTwpYunEvnACS/
6NJXZkSqXodwiE8Zq3iVB+yu1wnR4khtKLKINWqbYDVsV8NvFB4aKCWnMMb8clzv
WWkQLwprCrSDHFUcGvdDxgiXfCc+PcHnHN6LHp8fMr6DeXMTE7WE5HCc80u4kaFh
u6SvqMa22iVtACO2dfHNUu/AItrp4Hc0OxW8CdgmwXnNdypjoKupuuKHx+EXQmQs
qUKTzhN21/uzzQcKPRMVRmqKmu7ChjVS/ue7KGUVxmqXNpdiAwib2m0wldlX/M/I
BKMj1wpKfPkRX+Y9PwmRc3Od0Xyy83J2E0waRQZmb2Tp+dQsCDhfE0oTbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/Ou2KnlT3wn4dYPZuqAaXRqx+0MB8GA1UdIwQY
MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt
MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh
LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD56Ac0Bs
Vc5mjan0i4nYeteReU4OMTrneeQpPQ7djx3hkLJrvf121cRD2x9FsCnBfQuZxjWZ
XQZePmSoO80zjUvt2OVPWaZwp14hAPoU7fAVaMa6KTcWR7Nfkxw74iHVOvx977wX
a22dv01V2/p2898gsIDgP3EbzcxXpyHBrXdyS9jXaoQCf/nRNTlWq6vrzvmpKJ1q
o1g5e8Fj3K9EG4ocT72ttx8y9zNjHYJOdiyyAoE27naXdEzde3rA1nPyRtWSmAt/
cpwrjoxA849doY5wnnZM8GWuq9OBNlmYQA294Z5f1AxQHkXMPyod4fKTR0NmkD/q
Ln9EjX1+wiK5rg==
-----END CERTIFICATE-----