Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
File:                     KdIywSew2DMQPDH7UlTsuZVrDEw.mft (raw, json)
Hash identifier:          i6R4TJj2ngxQd1vdXy749G9V8P1cjQYXhDded6Oqatc=
Subject key identifier:   31:B4:91:10:C1:E5:4C:8F:3D:70:8B:57:5D:E2:47:79:D2:E7:64:CC
Authority key identifier: 29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C
Certificate issuer:       /CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
Certificate serial:       019A006C33C119973F1C953828337DB591A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
Manifest number:          0290
Signing time:             Mon 20 Oct 2025 07:01:22 +0000
Manifest this update:     Mon 20 Oct 2025 07:01:22 +0000
Manifest next update:     Tue 21 Oct 2025 07:01:22 +0000
Files and hashes:         1: KdIywSew2DMQPDH7UlTsuZVrDEw.crl (hash: FczCetY4LOLiCgU2iHOl5NpVxilCBG56TSVkLIE8GjY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 07:01:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:6c:33:c1:19:97:3f:1c:95:38:28:33:7d:b5:91:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29d232c127b0d833103c31fb5254ecb9956b0c4c
        Validity
            Not Before: Oct 20 07:01:22 2025 GMT
            Not After : Oct 21 07:01:22 2025 GMT
        Subject: CN=31b49110c1e54c8f3d708b575de24779d2e764cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:75:86:ee:be:83:99:ee:85:42:d3:a2:b6:b5:
                    a1:a3:a2:13:6c:13:ed:a7:75:b1:1d:88:c1:7d:52:
                    61:e3:0e:c7:7f:d4:3a:15:ea:f2:42:00:7f:db:a3:
                    bc:de:4e:83:cb:b8:e9:c6:23:5d:36:26:56:ac:8a:
                    9c:1c:0a:49:fd:c0:6f:f0:68:c4:87:bd:b6:0b:d8:
                    3a:3e:60:b9:54:a3:72:8e:e9:56:28:ad:09:ee:90:
                    c1:f4:43:64:b6:69:59:ef:3c:f3:0c:46:31:84:ae:
                    2f:0d:06:58:8d:3a:50:da:d6:b0:d1:4e:26:59:f8:
                    71:9a:68:08:6a:9f:dd:f1:d0:6f:f1:d8:96:a4:72:
                    b7:75:97:d2:e1:e6:4e:3d:63:25:ce:e2:b9:20:40:
                    38:30:f7:b9:a4:77:89:96:b4:0b:f6:46:c9:1e:75:
                    00:f6:b1:94:90:e9:de:62:3a:98:28:af:b8:31:95:
                    b6:74:0d:31:80:11:e7:0e:da:d2:23:f4:d7:cb:ff:
                    f7:8d:f8:86:fd:fb:d6:f5:15:7d:6f:cc:17:41:4d:
                    03:2f:84:fb:3c:d4:a1:1b:6e:ce:b5:03:64:6f:bf:
                    17:4a:74:81:06:c4:ae:9f:10:b3:c1:2a:51:51:2d:
                    ce:0d:b0:d0:e5:4b:11:a7:9f:6e:0e:fa:b4:20:79:
                    13:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:B4:91:10:C1:E5:4C:8F:3D:70:8B:57:5D:E2:47:79:D2:E7:64:CC
            X509v3 Authority Key Identifier:
                keyid:29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:4c:dc:ec:47:6b:70:7f:fe:b7:42:7f:05:8d:fb:5c:df:43:
         1d:7b:d0:00:6c:89:2e:a1:49:1b:65:06:3d:a1:b1:e0:dc:9a:
         f2:e1:18:79:22:ea:5d:4e:d0:fe:be:c1:18:70:75:1a:c5:c7:
         27:47:89:ab:70:21:de:68:c6:db:63:6f:be:53:79:68:f3:6f:
         22:2a:1b:6b:17:9d:11:ab:cf:40:06:c3:b0:b0:fd:ca:a9:5f:
         f1:cc:9e:37:39:47:db:3b:a0:db:dd:27:1c:0a:9f:bf:74:89:
         d9:02:2b:3c:db:dd:c0:a3:9a:13:99:2f:e7:63:1f:6d:ce:be:
         81:63:b3:3d:4c:c3:77:f1:bb:76:e9:da:27:78:e1:99:6d:1b:
         bf:36:4c:68:54:10:28:2d:33:1b:a0:44:a2:85:bb:82:7e:2a:
         d0:d1:b3:8e:4e:25:1b:98:ca:6e:3c:73:cf:c4:34:fb:af:4a:
         69:41:cf:b8:98:8c:2f:d4:a9:96:78:a9:6c:9d:ed:35:af:07:
         5b:0b:36:0f:9c:56:57:f4:41:16:37:7f:63:0d:1d:45:e5:36:
         e5:bb:a9:0d:6b:d8:cf:d2:1e:40:66:91:13:3b:8e:6b:0d:ca:
         c9:55:b5:ad:ac:54:39:9a:5a:49:3c:05:bc:eb:7b:10:6d:08:
         19:30:26:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAbDPBGZc/HJU4KDN9tZGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDIzMmMxMjdiMGQ4MzMxMDNjMzFmYjUyNTRlY2I5OTU2
YjBjNGMwHhcNMjUxMDIwMDcwMTIyWhcNMjUxMDIxMDcwMTIyWjAzMTEwLwYDVQQD
EygzMWI0OTExMGMxZTU0YzhmM2Q3MDhiNTc1ZGUyNDc3OWQyZTc2NGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nWG7r6Dme6FQtOitrWho6ITbBPt
p3WxHYjBfVJh4w7Hf9Q6FeryQgB/26O83k6Dy7jpxiNdNiZWrIqcHApJ/cBv8GjE
h722C9g6PmC5VKNyjulWKK0J7pDB9ENktmlZ7zzzDEYxhK4vDQZYjTpQ2taw0U4m
WfhxmmgIap/d8dBv8diWpHK3dZfS4eZOPWMlzuK5IEA4MPe5pHeJlrQL9kbJHnUA
9rGUkOneYjqYKK+4MZW2dA0xgBHnDtrSI/TXy//3jfiG/fvW9RV9b8wXQU0DL4T7
PNShG27OtQNkb78XSnSBBsSunxCzwSpRUS3ODbDQ5UsRp59uDvq0IHkTIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDG0kRDB5UyPPXCLV13iR3nS52TMMB8GA1UdIwQY
MBaAFCnSMsEnsNgzEDwx+1JU7LmVawxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAt
ZTE2MDZiZTkyYjk4LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAtZTE2MDZiZTkyYjk4
LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdEzc7Edr
cH/+t0J/BY37XN9DHXvQAGyJLqFJG2UGPaGx4Nya8uEYeSLqXU7Q/r7BGHB1GsXH
J0eJq3Ah3mjG22NvvlN5aPNvIiobaxedEavPQAbDsLD9yqlf8cyeNzlH2zug290n
HAqfv3SJ2QIrPNvdwKOaE5kv52Mfbc6+gWOzPUzDd/G7dunaJ3jhmW0bvzZMaFQQ
KC0zG6BEooW7gn4q0NGzjk4lG5jKbjxzz8Q0+69KaUHPuJiML9SplnipbJ3tNa8H
Wws2D5xWV/RBFjd/Yw0dReU25bupDWvYz9IeQGaREzuOaw3KyVW1raxUOZpaSTwF
vOt7EG0IGTAmTg==
-----END CERTIFICATE-----