Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
File:                     kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft (raw, json)
Hash identifier:          LoJHgJ+/lBAPI22F+2F84pD+R1jcw85c6tJE2aPPYiI=
Subject key identifier:   CB:43:13:B6:3D:C1:86:80:D0:45:EB:02:A3:BD:17:69:62:1B:D1:7B
Authority key identifier: 93:32:0E:8B:E7:C7:4C:A6:55:C7:C3:E9:78:BC:1A:A6:0F:D8:DB:44
Certificate issuer:       /CN=93320e8be7c74ca655c7c3e978bc1aa60fd8db44
Certificate serial:       0198D6CD57C4C2E4B67916B074961921E3D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
Manifest number:          15DA
Signing time:             Sat 23 Aug 2025 12:00:38 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:38 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:38 +0000
Files and hashes:         1: kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl (hash: ZWxCQgPQh8CIdFHxB8XiGsAETpWacCbB393tvK2deMk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:57:c4:c2:e4:b6:79:16:b0:74:96:19:21:e3:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93320e8be7c74ca655c7c3e978bc1aa60fd8db44
        Validity
            Not Before: Aug 23 12:00:38 2025 GMT
            Not After : Aug 24 12:00:38 2025 GMT
        Subject: CN=cb4313b63dc18680d045eb02a3bd1769621bd17b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:d6:f6:de:82:89:65:8e:60:57:d3:84:18:9c:
                    3a:b8:ec:93:f1:d5:e4:96:09:44:fe:c5:6e:c2:0d:
                    61:71:ec:1a:11:5b:b8:00:6a:63:6b:7a:f7:d0:7a:
                    68:0b:3f:42:a4:0c:f2:86:2d:e6:32:01:a4:e3:94:
                    e8:c2:bb:68:b5:bd:21:7f:8d:92:69:e0:95:2d:ca:
                    b0:04:92:43:00:28:4b:b8:a1:f0:21:12:4f:91:3c:
                    0d:41:ef:1c:ae:bb:cf:ea:97:07:bb:90:c4:24:37:
                    d2:1c:4b:0d:4c:c6:b4:d6:27:83:28:71:e7:4a:52:
                    cf:75:3f:b4:28:6b:13:0c:54:00:db:df:aa:18:ca:
                    67:61:34:85:38:98:81:f1:a5:b8:48:a0:08:7a:87:
                    7b:47:e6:a2:45:8f:5d:3e:8a:15:9d:a0:9a:47:23:
                    ea:28:7b:d9:b5:25:c0:11:78:c9:8e:d7:dc:63:88:
                    c2:28:32:e2:f7:ba:c3:2e:59:4f:fe:21:63:6b:dd:
                    5a:08:c1:4e:a4:2d:74:95:45:1d:ba:56:f3:9a:a9:
                    09:64:1f:27:a1:94:2b:3c:07:5b:78:4e:62:e9:2d:
                    80:45:bd:c7:93:a7:6d:dc:c5:49:0b:df:36:ae:ed:
                    c8:0f:8d:61:39:2a:74:6f:7e:25:ed:c2:9d:10:f4:
                    50:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:43:13:B6:3D:C1:86:80:D0:45:EB:02:A3:BD:17:69:62:1B:D1:7B
            X509v3 Authority Key Identifier:
                keyid:93:32:0E:8B:E7:C7:4C:A6:55:C7:C3:E9:78:BC:1A:A6:0F:D8:DB:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:52:a7:86:0e:9d:1b:e9:af:5d:14:4c:17:cf:ee:e0:a5:46:
         ff:2c:c5:e7:52:b3:3e:d1:66:6a:a6:a4:a6:55:2e:35:82:5c:
         6c:f8:04:e4:c3:06:15:2f:a1:97:04:34:4d:f1:22:45:0c:69:
         e8:34:08:c8:62:4b:49:d1:f7:50:c7:e5:1c:34:2e:56:46:f2:
         5a:67:83:43:d0:98:63:a2:b1:43:5c:16:73:fb:0a:4b:04:3e:
         65:91:16:f9:ed:a4:d1:e9:a7:fc:ab:30:05:54:18:b8:d4:ec:
         51:4a:43:20:98:8d:bf:81:08:3b:8e:ad:b3:84:60:89:30:0a:
         1b:6c:24:11:22:3a:5a:d3:08:49:17:4b:d7:4d:cb:7c:9e:fd:
         e6:cd:89:9a:e3:c1:b8:7e:5e:3e:3f:b0:a0:22:bb:7a:c6:5a:
         2a:04:c4:ec:a4:e2:38:95:d9:7a:75:89:92:e3:06:c0:6e:17:
         bd:27:01:8a:4d:98:ec:f9:39:72:36:f3:ce:6a:64:6c:86:07:
         ff:df:c4:0c:d7:c4:84:36:c5:d0:c7:8c:b4:a0:16:19:ec:d9:
         ac:cb:5e:78:47:4b:6d:da:be:34:a7:4b:14:39:9b:43:5a:30:
         81:9e:cb:d0:87:bf:5a:09:4a:e2:b4:07:4c:44:52:a5:0c:df:
         bd:84:68:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzVfEwuS2eRawdJYZIePYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzIwZThiZTdjNzRjYTY1NWM3YzNlOTc4YmMxYWE2MGZk
OGRiNDQwHhcNMjUwODIzMTIwMDM4WhcNMjUwODI0MTIwMDM4WjAzMTEwLwYDVQQD
EyhjYjQzMTNiNjNkYzE4NjgwZDA0NWViMDJhM2JkMTc2OTYyMWJkMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdb23oKJZY5gV9OEGJw6uOyT8dXk
lglE/sVuwg1hcewaEVu4AGpja3r30HpoCz9CpAzyhi3mMgGk45Towrtotb0hf42S
aeCVLcqwBJJDAChLuKHwIRJPkTwNQe8crrvP6pcHu5DEJDfSHEsNTMa01ieDKHHn
SlLPdT+0KGsTDFQA29+qGMpnYTSFOJiB8aW4SKAIeod7R+aiRY9dPooVnaCaRyPq
KHvZtSXAEXjJjtfcY4jCKDLi97rDLllP/iFja91aCMFOpC10lUUdulbzmqkJZB8n
oZQrPAdbeE5i6S2ARb3Hk6dt3MVJC982ru3ID41hOSp0b34l7cKdEPRQOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtDE7Y9wYaA0EXrAqO9F2liG9F7MB8GA1UdIwQY
MBaAFJMyDovnx0ymVcfD6Xi8GqYP2NtEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNmQzNzMtNDRjNi00OGY3LThiNzYt
ZmE5MWM3NWZiOWRjLzEva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9lNmQzNzMtNDRjNi00OGY3LThiNzYtZmE5MWM3NWZiOWRj
LzEva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1Knhg6d
G+mvXRRMF8/u4KVG/yzF51KzPtFmaqakplUuNYJcbPgE5MMGFS+hlwQ0TfEiRQxp
6DQIyGJLSdH3UMflHDQuVkbyWmeDQ9CYY6KxQ1wWc/sKSwQ+ZZEW+e2k0emn/Ksw
BVQYuNTsUUpDIJiNv4EIO46ts4RgiTAKG2wkESI6WtMISRdL103LfJ795s2JmuPB
uH5ePj+woCK7esZaKgTE7KTiOJXZenWJkuMGwG4XvScBik2Y7Pk5cjbzzmpkbIYH
/9/EDNfEhDbF0MeMtKAWGezZrMteeEdLbdq+NKdLFDmbQ1owgZ7L0Ie/WglK4rQH
TERSpQzfvYRobQ==
-----END CERTIFICATE-----