Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
File:                     KMWxDr1MOSkgFDB-h_prHJtCFn0.mft (raw, json)
Hash identifier:          6LXypi1AH+ep3YtiatiD7OhNC4BTKm0Rt4JIDJC2XGc=
Subject key identifier:   5A:A5:5E:46:5D:90:2E:2F:6D:F6:CB:63:8B:93:0E:D2:72:8F:52:42
Authority key identifier: 28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D
Certificate issuer:       /CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
Certificate serial:       0199FBEBB0692922F63AF36948E2C7152542
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
Manifest number:          0781
Signing time:             Sun 19 Oct 2025 10:02:31 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:31 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:31 +0000
Files and hashes:         1: KMWxDr1MOSkgFDB-h_prHJtCFn0.crl (hash: YtCnEZkn1hxP+Im9fDP/w+GkiTx1QzORc7O18NdszTg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:b0:69:29:22:f6:3a:f3:69:48:e2:c7:15:25:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d
        Validity
            Not Before: Oct 19 10:02:31 2025 GMT
            Not After : Oct 20 10:02:31 2025 GMT
        Subject: CN=5aa55e465d902e2f6df6cb638b930ed2728f5242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:03:16:94:fb:a9:ab:34:9d:07:f1:80:fe:59:
                    49:f5:11:4a:52:7c:93:0d:ab:e4:cd:ba:e9:e7:20:
                    76:95:49:a1:d5:3a:d9:4d:5d:d7:64:2a:48:a1:4d:
                    a7:3d:91:8c:0f:48:6c:b6:ef:1a:bb:ac:d5:50:1b:
                    6b:ea:dc:5a:25:bf:f5:ac:5f:8a:00:ce:3a:86:c6:
                    1c:e3:dc:72:b8:55:d6:04:a5:9d:f3:b0:6c:20:ad:
                    1e:01:7e:1b:82:d8:35:33:51:02:bc:8f:1d:bb:92:
                    59:1e:54:a4:0e:99:84:a8:b0:06:d7:16:4e:da:36:
                    62:5f:3f:f4:db:97:d6:87:b6:d9:96:93:80:a1:2d:
                    72:8d:f7:94:88:2e:00:cc:92:08:c4:47:1f:76:8a:
                    59:d9:85:d2:25:3c:9a:8c:9d:fb:88:a9:d1:04:1c:
                    2a:fd:da:1a:a0:9a:cb:f5:b2:04:46:a2:d4:27:fa:
                    95:59:66:8d:8f:5d:cc:83:a8:b1:81:3a:f9:18:f2:
                    dd:e5:2c:02:48:cc:ad:e6:a9:07:c7:29:24:7b:ff:
                    74:ac:6c:54:f7:8d:c4:4d:0e:91:2c:99:5a:64:29:
                    53:f8:25:21:0a:e7:05:19:42:ba:44:bd:b8:27:20:
                    9e:0c:a9:a3:48:f5:d2:2b:45:f6:45:d6:42:af:89:
                    d3:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:A5:5E:46:5D:90:2E:2F:6D:F6:CB:63:8B:93:0E:D2:72:8F:52:42
            X509v3 Authority Key Identifier:
                keyid:28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:c9:f1:d7:09:06:dc:ce:bc:27:56:61:47:d0:83:6c:66:09:
         fe:39:cb:02:7e:a8:8b:df:81:4d:4b:cf:5d:3d:46:72:32:a4:
         6e:b8:3f:3b:9c:fc:04:ae:39:1b:5a:ab:b4:71:e3:7f:0a:f9:
         ce:30:bd:8d:e0:af:52:bc:34:bc:4a:5a:c4:df:b5:2e:05:19:
         e5:3e:d6:e2:7c:e8:f0:02:c4:51:22:40:b1:2f:5b:85:1c:ee:
         3f:e4:f8:38:85:be:80:5b:d9:29:55:32:24:10:34:f0:7b:40:
         c5:94:99:95:aa:50:21:d8:f0:d4:a5:26:e9:be:5c:2f:c4:d9:
         0b:89:7a:fb:88:cd:fa:b0:af:c8:b3:aa:db:3c:13:5d:99:75:
         d5:53:b7:3b:84:91:f8:53:dc:8e:e3:00:79:8c:5c:f3:5e:cd:
         5c:58:3c:0f:21:13:30:fc:f6:ae:9b:67:cc:42:f4:e4:b4:3a:
         86:7a:43:36:58:5d:50:4f:dc:4b:8c:1c:b8:9e:45:98:07:ae:
         cd:11:03:a0:69:6d:9e:5b:32:da:46:3b:73:3e:f8:8e:a7:14:
         b9:aa:b8:05:dd:df:08:81:96:e7:4b:68:68:69:81:ba:26:05:
         1f:b0:74:fc:cd:f3:0d:e3:6c:85:c8:69:c1:68:67:c4:4c:a1:
         39:45:4c:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn767BpKSL2OvNpSOLHFSVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzViMTBlYmQ0YzM5MjkyMDE0MzA3ZTg3ZmE2YjFjOWI0
MjE2N2QwHhcNMjUxMDE5MTAwMjMxWhcNMjUxMDIwMTAwMjMxWjAzMTEwLwYDVQQD
Eyg1YWE1NWU0NjVkOTAyZTJmNmRmNmNiNjM4YjkzMGVkMjcyOGY1MjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gMWlPupqzSdB/GA/llJ9RFKUnyT
Davkzbrp5yB2lUmh1TrZTV3XZCpIoU2nPZGMD0hstu8au6zVUBtr6txaJb/1rF+K
AM46hsYc49xyuFXWBKWd87BsIK0eAX4bgtg1M1ECvI8du5JZHlSkDpmEqLAG1xZO
2jZiXz/025fWh7bZlpOAoS1yjfeUiC4AzJIIxEcfdopZ2YXSJTyajJ37iKnRBBwq
/doaoJrL9bIERqLUJ/qVWWaNj13Mg6ixgTr5GPLd5SwCSMyt5qkHxykke/90rGxU
943ETQ6RLJlaZClT+CUhCucFGUK6RL24JyCeDKmjSPXSK0X2RdZCr4nTfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFqlXkZdkC4vbfbLY4uTDtJyj1JCMB8GA1UdIwQY
MBaAFCjFsQ69TDkpIBQwfof6axybQhZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2Mt
YTYyOWQxOTc2ZWEzLzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2MtYTYyOWQxOTc2ZWEz
LzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeMnx1wkG
3M68J1ZhR9CDbGYJ/jnLAn6oi9+BTUvPXT1GcjKkbrg/O5z8BK45G1qrtHHjfwr5
zjC9jeCvUrw0vEpaxN+1LgUZ5T7W4nzo8ALEUSJAsS9bhRzuP+T4OIW+gFvZKVUy
JBA08HtAxZSZlapQIdjw1KUm6b5cL8TZC4l6+4jN+rCvyLOq2zwTXZl11VO3O4SR
+FPcjuMAeYxc817NXFg8DyETMPz2rptnzEL05LQ6hnpDNlhdUE/cS4wcuJ5FmAeu
zREDoGltnlsy2kY7cz74jqcUuaq4Bd3fCIGW50toaGmBuiYFH7B0/M3zDeNshchp
wWhnxEyhOUVMPQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:23:07 2025 by rpki-client