Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          MNBTTl+gDWd4Kc85MFnelwfbVSjInZsQPeZ2N4qzH9s=
Subject key identifier:   DE:18:5A:9E:D1:8B:6A:EA:BE:40:6C:67:0F:8D:E2:A6:AF:2B:78:F4
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       0198D473AAAD01DB359E1A93651D29214F7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          105E
Signing time:             Sat 23 Aug 2025 01:03:26 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:26 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:26 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: FwRuBDYTKENlYUROTcT9p7G1RoqdOQ6tkhZ6LRZdgqU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:73:aa:ad:01:db:35:9e:1a:93:65:1d:29:21:4f:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Aug 23 01:03:26 2025 GMT
            Not After : Aug 24 01:03:26 2025 GMT
        Subject: CN=de185a9ed18b6aeabe406c670f8de2a6af2b78f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d6:df:3b:1f:13:58:6a:02:27:ca:4c:2e:ff:
                    0a:d6:58:49:2f:d4:7f:0f:10:96:2e:15:d3:d4:10:
                    09:05:71:59:c1:3b:dd:7f:2b:9e:58:ec:b0:a0:cd:
                    5a:19:c2:94:fa:3b:0f:09:6e:55:2b:d4:41:cd:08:
                    9d:10:82:7b:a6:08:df:bb:fe:9a:e6:d1:49:41:69:
                    41:24:bb:62:83:60:c3:74:6e:ee:cc:59:f8:34:aa:
                    39:90:92:a6:f2:2e:82:11:a7:31:83:9e:96:15:97:
                    24:1a:a6:c5:3d:6f:82:c6:d1:b8:7f:5c:8d:6e:41:
                    ab:4f:54:7a:87:f0:ec:c4:62:d6:14:4d:8d:07:c6:
                    fd:0c:d6:d1:bf:8a:15:b4:39:9d:00:97:29:b0:31:
                    3a:e1:5c:73:cc:e4:a6:e4:3a:3c:72:7b:8a:09:86:
                    83:ed:8f:41:5d:9f:59:92:c4:12:d4:5f:1e:0f:55:
                    91:13:96:50:7c:67:39:a3:f5:66:65:88:be:52:94:
                    42:63:57:bf:a4:d9:43:a7:30:31:09:02:c8:82:82:
                    93:e0:21:a4:84:8b:0e:b0:d8:0f:65:cf:bf:f2:b0:
                    07:86:1b:22:83:e8:0d:ac:50:40:ee:13:eb:2c:67:
                    0e:7a:b0:68:17:da:28:99:f6:b3:a3:a4:8f:b9:f7:
                    87:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:18:5A:9E:D1:8B:6A:EA:BE:40:6C:67:0F:8D:E2:A6:AF:2B:78:F4
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:ee:e7:16:86:33:29:61:ef:9f:94:56:03:b6:b4:6a:8e:d6:
         40:dd:67:65:3d:89:49:1e:4c:e9:ca:85:ed:91:e0:f3:47:67:
         e2:5d:a4:e8:ec:8e:c3:ce:2a:d6:f7:20:64:23:4c:a1:73:86:
         d3:6c:ac:e0:b0:dd:42:c8:4a:61:ff:2f:06:bc:32:5a:f1:f0:
         12:ff:64:6d:78:1c:57:1c:b9:f9:1e:67:63:43:ad:ec:d7:a8:
         3a:65:77:81:40:dc:8f:bb:11:57:0d:70:5e:01:3b:e5:a8:f6:
         cf:d5:f7:a9:56:97:cb:51:60:a3:1f:17:1b:56:42:b5:d1:00:
         cb:53:79:11:e2:ce:d8:c6:6b:a6:55:af:f0:60:6f:f9:0c:3e:
         b0:08:70:c0:89:85:18:cd:e2:79:a1:d1:86:4e:6c:eb:7b:15:
         33:3b:ac:b0:57:d7:98:1c:4e:6c:21:d4:44:40:0b:1b:21:42:
         6c:ee:1d:19:6c:7b:c3:ca:04:8c:6e:13:5a:be:03:4c:1a:e7:
         39:15:36:0b:0d:3b:04:1a:4b:aa:ac:5e:e2:86:ff:da:43:24:
         d5:83:b9:da:f3:f7:dd:91:63:83:41:2b:7e:8f:f7:41:4f:db:
         ac:67:9a:9f:7a:99:9b:a0:bd:ec:9c:e2:46:16:7b:12:dd:8a:
         26:10:1b:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUc6qtAds1nhqTZR0pIU97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjUwODIzMDEwMzI2WhcNMjUwODI0MDEwMzI2WjAzMTEwLwYDVQQD
EyhkZTE4NWE5ZWQxOGI2YWVhYmU0MDZjNjcwZjhkZTJhNmFmMmI3OGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNbfOx8TWGoCJ8pMLv8K1lhJL9R/
DxCWLhXT1BAJBXFZwTvdfyueWOywoM1aGcKU+jsPCW5VK9RBzQidEIJ7pgjfu/6a
5tFJQWlBJLtig2DDdG7uzFn4NKo5kJKm8i6CEacxg56WFZckGqbFPW+CxtG4f1yN
bkGrT1R6h/DsxGLWFE2NB8b9DNbRv4oVtDmdAJcpsDE64VxzzOSm5Do8cnuKCYaD
7Y9BXZ9ZksQS1F8eD1WRE5ZQfGc5o/VmZYi+UpRCY1e/pNlDpzAxCQLIgoKT4CGk
hIsOsNgPZc+/8rAHhhsig+gNrFBA7hPrLGcOerBoF9oomfazo6SPufeHaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN4YWp7Ri2rqvkBsZw+N4qavK3j0MB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVe7nFoYz
KWHvn5RWA7a0ao7WQN1nZT2JSR5M6cqF7ZHg80dn4l2k6OyOw84q1vcgZCNMoXOG
02ys4LDdQshKYf8vBrwyWvHwEv9kbXgcVxy5+R5nY0Ot7NeoOmV3gUDcj7sRVw1w
XgE75aj2z9X3qVaXy1Fgox8XG1ZCtdEAy1N5EeLO2MZrplWv8GBv+Qw+sAhwwImF
GM3ieaHRhk5s63sVMzussFfXmBxObCHUREALGyFCbO4dGWx7w8oEjG4TWr4DTBrn
ORU2Cw07BBpLqqxe4ob/2kMk1YO52vP33ZFjg0Erfo/3QU/brGean3qZm6C97Jzi
RhZ7Et2KJhAbbg==
-----END CERTIFICATE-----