Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File:                     KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier:          y+DTYLh1m+TksxSnfBTbrgUXiqV9g4k2NEbpq27BQ8U=
Subject key identifier:   A9:6E:A4:AF:23:D1:16:0A:8C:82:34:CB:AD:6E:9C:9B:88:AB:2B:16
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer:       /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial:       0199FAD853C83EBDAFB8AA2E859E375A93A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number:          0C67
Signing time:             Sun 19 Oct 2025 05:01:45 +0000
Manifest this update:     Sun 19 Oct 2025 05:01:45 +0000
Manifest next update:     Mon 20 Oct 2025 05:01:45 +0000
Files and hashes:         1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: K/Ja4YJhED2cjxOUK3bTIJdbUJAnuLrMXORx2Vkh5V0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 05:01:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fa:d8:53:c8:3e:bd:af:b8:aa:2e:85:9e:37:5a:93:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
        Validity
            Not Before: Oct 19 05:01:45 2025 GMT
            Not After : Oct 20 05:01:45 2025 GMT
        Subject: CN=a96ea4af23d1160a8c8234cbad6e9c9b88ab2b16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:ce:3b:97:cc:51:ac:7a:a9:87:2e:48:ec:26:
                    8b:11:d2:c6:3c:bc:8f:46:ed:c6:1c:64:a8:72:be:
                    e4:93:6c:ea:16:5d:07:37:e1:f8:c4:c0:05:69:45:
                    ec:91:9c:d7:10:79:b8:11:fb:24:a0:c0:54:6a:85:
                    39:4e:de:34:c4:3b:0b:96:ea:80:f2:9d:82:f7:18:
                    eb:2c:8d:91:a3:d7:01:91:1e:b5:43:30:97:7b:fd:
                    2c:85:ad:85:35:bb:83:57:b1:0e:ad:42:29:0a:a4:
                    cd:90:4b:fb:8d:3d:7d:1c:70:75:68:8e:8e:e5:74:
                    35:f3:6f:7c:e1:13:41:65:7d:c0:bb:e1:f5:1a:6f:
                    24:9c:d6:61:95:9d:4f:76:53:11:fe:32:8f:22:2e:
                    79:b7:7f:6e:85:eb:d0:30:32:43:0b:34:66:68:05:
                    91:9f:b4:0b:48:2e:67:e8:ac:27:79:02:5d:6a:38:
                    34:fa:fe:f9:ab:39:cd:97:75:06:ac:02:3a:0b:9f:
                    f2:eb:1c:d2:c3:73:c9:0a:14:55:26:22:19:20:29:
                    8a:8b:26:50:31:5c:ca:c2:f0:14:a2:4b:c4:e6:11:
                    f8:fc:b0:08:95:0a:96:98:67:0e:cb:3c:ec:22:d5:
                    de:5b:a9:29:c2:7f:0e:b4:6c:4c:a5:ec:35:39:b6:
                    f2:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:6E:A4:AF:23:D1:16:0A:8C:82:34:CB:AD:6E:9C:9B:88:AB:2B:16
            X509v3 Authority Key Identifier:
                keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         37:cb:9d:30:1d:ed:f4:d6:e3:ea:66:13:84:9e:fa:6d:d5:94:
         37:32:52:4a:fa:67:56:87:d6:8e:c6:9a:7e:4d:84:83:31:8b:
         dc:c4:04:e6:d7:db:c0:18:ec:69:4f:b2:7e:1f:3e:e3:cd:22:
         a1:c1:14:bf:48:51:d1:63:e4:8a:e8:0d:dc:aa:fb:a1:3a:2b:
         c9:66:09:07:c1:c3:67:71:40:33:84:97:88:ba:37:3b:4d:a3:
         64:b7:54:42:a2:6e:0d:fa:3c:a8:4a:04:60:3e:ac:b2:83:d3:
         f1:18:15:68:a9:ed:12:22:0c:ff:2a:0b:c1:50:2a:11:74:04:
         8c:d9:84:9c:97:b2:7a:e6:01:de:7f:38:78:31:d3:cb:0c:07:
         ce:f2:df:a0:25:ea:92:fd:b8:6f:61:5a:37:0d:30:db:c9:74:
         1e:ba:e4:67:7c:92:82:33:2d:06:19:7e:28:60:fb:62:28:bf:
         32:ad:ac:0e:fb:78:67:bf:ee:92:90:c8:ab:39:3a:f2:63:62:
         4e:29:a7:67:70:81:0f:27:82:dd:95:a2:01:43:53:85:bb:7e:
         d3:41:fb:3c:13:5e:00:79:e6:ef:aa:ca:65:8d:a3:fe:10:35:
         31:ef:4c:16:04:77:84:ad:26:12:dd:f3:1b:89:e1:ed:7d:7f:
         11:bd:c1:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn62FPIPr2vuKouhZ43WpOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjUxMDE5MDUwMTQ1WhcNMjUxMDIwMDUwMTQ1WjAzMTEwLwYDVQQD
EyhhOTZlYTRhZjIzZDExNjBhOGM4MjM0Y2JhZDZlOWM5Yjg4YWIyYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz847l8xRrHqphy5I7CaLEdLGPLyP
Ru3GHGSocr7kk2zqFl0HN+H4xMAFaUXskZzXEHm4EfskoMBUaoU5Tt40xDsLluqA
8p2C9xjrLI2Ro9cBkR61QzCXe/0sha2FNbuDV7EOrUIpCqTNkEv7jT19HHB1aI6O
5XQ182984RNBZX3Au+H1Gm8knNZhlZ1PdlMR/jKPIi55t39uhevQMDJDCzRmaAWR
n7QLSC5n6KwneQJdajg0+v75qznNl3UGrAI6C5/y6xzSw3PJChRVJiIZICmKiyZQ
MVzKwvAUokvE5hH4/LAIlQqWmGcOyzzsItXeW6kpwn8OtGxMpew1Obby5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlupK8j0RYKjII0y61unJuIqysWMB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN8udMB3t
9Nbj6mYThJ76bdWUNzJSSvpnVofWjsaafk2EgzGL3MQE5tfbwBjsaU+yfh8+480i
ocEUv0hR0WPkiugN3Kr7oToryWYJB8HDZ3FAM4SXiLo3O02jZLdUQqJuDfo8qEoE
YD6ssoPT8RgVaKntEiIM/yoLwVAqEXQEjNmEnJeyeuYB3n84eDHTywwHzvLfoCXq
kv24b2FaNw0w28l0HrrkZ3ySgjMtBhl+KGD7Yii/Mq2sDvt4Z7/ukpDIqzk68mNi
TimnZ3CBDyeC3ZWiAUNThbt+00H7PBNeAHnm76rKZY2j/hA1Me9MFgR3hK0mEt3z
G4nh7X1/Eb3Big==
-----END CERTIFICATE-----