Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
File:                     kdTzrA50tq60hL0U9ocdmjBCK30.mft (raw, json)
Hash identifier:          fgRQR4yNiHXXmC1F3WzlgjKYuVn2YlTsfRAMugzQRDo=
Subject key identifier:   34:08:A4:9A:83:4D:87:4D:10:C1:25:FC:22:C2:81:E2:93:11:BE:56
Authority key identifier: 91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D
Certificate issuer:       /CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
Certificate serial:       0198D660D27D0CF63089684156E931BC2F05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
Manifest number:          C1
Signing time:             Sat 23 Aug 2025 10:02:06 +0000
Manifest this update:     Sat 23 Aug 2025 10:02:06 +0000
Manifest next update:     Sun 24 Aug 2025 10:02:06 +0000
Files and hashes:         1: kdTzrA50tq60hL0U9ocdmjBCK30.crl (hash: 17ioHjqDvdwOc6zLl7cwh7Q3YPimJQkWPFnMC39IQAw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:60:d2:7d:0c:f6:30:89:68:41:56:e9:31:bc:2f:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
        Validity
            Not Before: Aug 23 10:02:06 2025 GMT
            Not After : Aug 24 10:02:06 2025 GMT
        Subject: CN=3408a49a834d874d10c125fc22c281e29311be56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:50:0f:b5:c1:7a:df:8f:b8:03:bb:4c:94:bd:
                    35:ff:86:00:86:81:82:86:00:67:32:f6:f3:a0:a1:
                    6f:2c:3e:22:0a:41:a2:86:ae:d0:20:b4:fb:bb:00:
                    4f:0a:f3:d6:3c:9d:de:7e:1a:75:b5:f1:95:ad:27:
                    da:ba:6f:80:c5:1e:91:03:ee:69:35:c9:21:62:61:
                    36:2f:62:c2:69:13:0b:e6:42:96:55:de:6a:ed:65:
                    fe:eb:54:f0:1b:14:db:19:0f:d3:15:0d:ea:2f:51:
                    60:44:26:93:3d:f2:45:7e:53:42:ef:69:d4:c2:42:
                    0f:f6:79:6b:d0:27:5e:ba:72:33:d2:af:a0:d3:51:
                    cd:7b:c4:f1:82:7d:c5:b0:96:b9:49:18:7e:6c:13:
                    37:f1:4f:c5:88:77:18:fa:65:86:ac:4a:63:f5:c9:
                    c2:31:b0:3b:f4:d7:6c:68:38:87:bc:08:07:1c:4b:
                    92:06:78:d3:ce:4d:0a:da:24:ff:36:6e:e8:c3:c4:
                    fa:dc:76:06:f5:16:49:a6:0b:b5:bc:68:25:5e:0d:
                    14:89:d7:a5:6a:73:12:b6:3f:67:15:56:49:23:03:
                    f9:24:2f:7f:e5:b4:7b:c4:07:18:22:dd:7c:6a:84:
                    f0:d6:7d:22:e9:6b:d8:8f:3a:32:56:68:ff:97:8b:
                    f6:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:08:A4:9A:83:4D:87:4D:10:C1:25:FC:22:C2:81:E2:93:11:BE:56
            X509v3 Authority Key Identifier:
                keyid:91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:fe:10:64:6f:ac:28:62:49:f4:ed:8c:4e:2e:a0:73:87:0a:
         7f:00:35:33:98:a8:21:19:b7:16:78:43:39:96:21:e0:20:0c:
         44:71:6a:bd:f3:6a:27:05:d6:38:fe:fb:20:d5:17:d2:5b:c1:
         d9:a5:34:99:ee:12:6b:5c:00:4e:19:17:14:41:5d:f0:2b:9b:
         75:d8:e5:3c:5d:b7:68:e1:0f:8b:55:88:2f:18:6a:3e:f1:00:
         3f:26:27:46:34:f9:a4:48:ff:2e:a0:b6:c6:30:d7:20:b0:9e:
         70:26:9b:24:f7:fc:40:73:cc:1f:f3:f7:d4:52:4f:e8:df:ad:
         cf:e7:1a:2f:bf:03:55:11:9f:87:1e:77:03:db:fa:fe:48:82:
         2f:5d:c3:4c:2a:70:2d:32:8b:64:a1:47:a8:82:b5:8a:b4:b0:
         2e:a5:d7:b6:b9:67:3b:43:bc:07:8e:cf:e6:b2:b8:e0:5d:0b:
         4c:44:6f:da:1d:f2:c7:92:22:bb:93:9b:c8:24:29:2d:cd:3c:
         56:19:f5:00:de:49:85:0d:82:d3:87:83:9e:03:ec:9d:ae:2a:
         f3:72:50:d9:e4:a2:9d:8b:a3:8c:8a:1e:e8:6c:80:0d:1a:af:
         44:38:f4:7b:9a:37:4d:a3:62:7e:11:f6:91:f0:c9:2b:31:68:
         66:78:c5:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWYNJ9DPYwiWhBVukxvC8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDRmM2FjMGU3NGI2YWViNDg0YmQxNGY2ODcxZDlhMzA0
MjJiN2QwHhcNMjUwODIzMTAwMjA2WhcNMjUwODI0MTAwMjA2WjAzMTEwLwYDVQQD
EygzNDA4YTQ5YTgzNGQ4NzRkMTBjMTI1ZmMyMmMyODFlMjkzMTFiZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FAPtcF634+4A7tMlL01/4YAhoGC
hgBnMvbzoKFvLD4iCkGihq7QILT7uwBPCvPWPJ3efhp1tfGVrSfaum+AxR6RA+5p
NckhYmE2L2LCaRML5kKWVd5q7WX+61TwGxTbGQ/TFQ3qL1FgRCaTPfJFflNC72nU
wkIP9nlr0CdeunIz0q+g01HNe8Txgn3FsJa5SRh+bBM38U/FiHcY+mWGrEpj9cnC
MbA79NdsaDiHvAgHHEuSBnjTzk0K2iT/Nm7ow8T63HYG9RZJpgu1vGglXg0Uidel
anMStj9nFVZJIwP5JC9/5bR7xAcYIt18aoTw1n0i6WvYjzoyVmj/l4v2AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDQIpJqDTYdNEMEl/CLCgeKTEb5WMB8GA1UdIwQY
MBaAFJHU86wOdLautIS9FPaHHZowQit9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEt
YWExMDQ3MzJmNTczLzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEtYWExMDQ3MzJmNTcz
LzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArP4QZG+s
KGJJ9O2MTi6gc4cKfwA1M5ioIRm3FnhDOZYh4CAMRHFqvfNqJwXWOP77INUX0lvB
2aU0me4Sa1wAThkXFEFd8CubddjlPF23aOEPi1WILxhqPvEAPyYnRjT5pEj/LqC2
xjDXILCecCabJPf8QHPMH/P31FJP6N+tz+caL78DVRGfhx53A9v6/kiCL13DTCpw
LTKLZKFHqIK1irSwLqXXtrlnO0O8B47P5rK44F0LTERv2h3yx5Iiu5ObyCQpLc08
Vhn1AN5JhQ2C04eDngPsna4q83JQ2eSinYujjIoe6GyADRqvRDj0e5o3TaNifhH2
kfDJKzFoZnjFFQ==
-----END CERTIFICATE-----