Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
File:                     kdTzrA50tq60hL0U9ocdmjBCK30.mft (raw, json)
Hash identifier:          VZZHWaMQAHBnwXaRGLM1pimNqd3577V8eaYz8lnLRGA=
Subject key identifier:   05:F7:CC:4A:E3:BD:18:8B:B5:C8:EF:64:C9:2F:FE:80:3D:21:0B:18
Authority key identifier: 91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D
Certificate issuer:       /CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
Certificate serial:       0199FBEBE944F8B11D2ED76D8B400449A557
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
Manifest number:          0159
Signing time:             Sun 19 Oct 2025 10:02:45 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:45 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:45 +0000
Files and hashes:         1: kdTzrA50tq60hL0U9ocdmjBCK30.crl (hash: mDJWjwXsDE7EVDNfLuRmckAXc+IDkYijcfYSMqt3E48=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:e9:44:f8:b1:1d:2e:d7:6d:8b:40:04:49:a5:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91d4f3ac0e74b6aeb484bd14f6871d9a30422b7d
        Validity
            Not Before: Oct 19 10:02:45 2025 GMT
            Not After : Oct 20 10:02:45 2025 GMT
        Subject: CN=05f7cc4ae3bd188bb5c8ef64c92ffe803d210b18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d8:88:c5:c8:bd:4b:34:f5:43:b3:b9:24:66:
                    08:82:92:15:44:5e:24:01:a4:70:bb:c1:3b:8e:38:
                    a2:a6:7c:9f:57:c9:93:19:6a:5b:b7:20:d7:4a:b7:
                    8b:4e:98:6b:a0:8d:2a:43:a2:d0:60:92:15:6a:c9:
                    1b:1d:f8:e9:4f:cf:7b:ec:8c:c1:f2:f0:23:29:a9:
                    88:58:15:fa:da:df:ba:30:b4:27:a0:86:a2:fc:71:
                    10:66:ff:cf:2e:dc:b4:bc:9d:c6:1c:e5:36:fe:a1:
                    82:32:a8:34:04:df:d8:71:f4:7f:06:7a:5e:46:c4:
                    47:fa:99:f4:88:cd:26:35:f5:e8:5e:ad:77:58:18:
                    18:7f:bd:29:66:d3:a3:e8:a8:da:73:d8:46:de:37:
                    79:5a:9b:3a:07:53:67:24:ac:8f:f0:81:1f:54:3e:
                    62:64:74:bf:0e:a3:8a:b7:a6:c3:4b:17:5c:dc:29:
                    61:ea:da:41:79:d9:f5:54:6d:c7:33:84:06:84:cd:
                    fd:02:c4:16:39:9a:e4:f8:fb:31:76:80:2b:b2:51:
                    51:a2:3d:40:0d:c2:55:60:0a:10:06:2a:19:94:e6:
                    11:df:88:f5:4b:c6:9d:41:a1:ae:94:2e:91:8e:44:
                    75:a6:3b:78:76:00:6e:de:25:8b:30:26:bb:f6:29:
                    6a:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:F7:CC:4A:E3:BD:18:8B:B5:C8:EF:64:C9:2F:FE:80:3D:21:0B:18
            X509v3 Authority Key Identifier:
                keyid:91:D4:F3:AC:0E:74:B6:AE:B4:84:BD:14:F6:87:1D:9A:30:42:2B:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdTzrA50tq60hL0U9ocdmjBCK30.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/8d0c68-61a5-4ae1-a831-aa104732f573/1/kdTzrA50tq60hL0U9ocdmjBCK30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:d9:a8:30:42:70:ba:e2:01:bc:6b:f6:d9:00:e6:d5:70:6b:
         a4:82:67:ec:56:66:10:a7:bc:d0:a2:de:42:df:59:80:c5:f8:
         0a:f3:90:a5:72:e2:24:7d:83:64:e8:4d:ce:31:5b:61:c2:f4:
         7a:5b:ae:91:9d:0b:b4:b7:95:c3:b0:53:ed:bf:47:a2:95:39:
         c7:4c:a8:ee:1e:fa:c6:81:9d:b7:a5:f7:cf:b8:b2:a2:18:c6:
         6c:8c:00:92:e8:f3:ca:79:5f:04:6e:af:d2:5d:a0:bc:ba:a5:
         bb:df:f4:b4:17:3b:a8:0f:91:e8:d6:b8:76:b9:26:8f:45:3d:
         be:48:a6:39:65:67:70:5c:53:aa:58:a8:0c:e6:a4:d1:48:aa:
         cf:0c:42:bc:82:e9:cc:52:c4:4e:3b:c0:25:f4:82:ce:28:21:
         6d:2f:36:36:b3:cf:72:cd:3f:0f:6f:94:58:2e:7a:cf:30:7d:
         53:c0:57:8d:f8:55:f8:d4:ce:af:9d:bf:d3:34:3a:af:3e:f8:
         48:3a:6b:67:6a:9a:e8:66:9b:77:9f:13:35:05:b4:df:f0:94:
         d5:ab:2f:2c:9a:d9:8f:62:1c:53:7e:13:60:7f:5a:22:21:e7:
         0e:e8:29:14:05:c2:19:d4:bf:af:8a:cd:98:21:90:52:e8:63:
         0e:46:e7:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76+lE+LEdLtdti0AESaVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDRmM2FjMGU3NGI2YWViNDg0YmQxNGY2ODcxZDlhMzA0
MjJiN2QwHhcNMjUxMDE5MTAwMjQ1WhcNMjUxMDIwMTAwMjQ1WjAzMTEwLwYDVQQD
EygwNWY3Y2M0YWUzYmQxODhiYjVjOGVmNjRjOTJmZmU4MDNkMjEwYjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldiIxci9SzT1Q7O5JGYIgpIVRF4k
AaRwu8E7jjiipnyfV8mTGWpbtyDXSreLTphroI0qQ6LQYJIVaskbHfjpT8977IzB
8vAjKamIWBX62t+6MLQnoIai/HEQZv/PLty0vJ3GHOU2/qGCMqg0BN/YcfR/Bnpe
RsRH+pn0iM0mNfXoXq13WBgYf70pZtOj6Kjac9hG3jd5Wps6B1NnJKyP8IEfVD5i
ZHS/DqOKt6bDSxdc3Clh6tpBedn1VG3HM4QGhM39AsQWOZrk+PsxdoArslFRoj1A
DcJVYAoQBioZlOYR34j1S8adQaGulC6RjkR1pjt4dgBu3iWLMCa79ilqNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAX3zErjvRiLtcjvZMkv/oA9IQsYMB8GA1UdIwQY
MBaAFJHU86wOdLautIS9FPaHHZowQit9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEt
YWExMDQ3MzJmNTczLzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84ZDBjNjgtNjFhNS00YWUxLWE4MzEtYWExMDQ3MzJmNTcz
LzEva2RUenJBNTB0cTYwaEwwVTlvY2RtakJDSzMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhdmoMEJw
uuIBvGv22QDm1XBrpIJn7FZmEKe80KLeQt9ZgMX4CvOQpXLiJH2DZOhNzjFbYcL0
eluukZ0LtLeVw7BT7b9HopU5x0yo7h76xoGdt6X3z7iyohjGbIwAkujzynlfBG6v
0l2gvLqlu9/0tBc7qA+R6Na4drkmj0U9vkimOWVncFxTqlioDOak0UiqzwxCvILp
zFLETjvAJfSCzighbS82NrPPcs0/D2+UWC56zzB9U8BXjfhV+NTOr52/0zQ6rz74
SDprZ2qa6Gabd58TNQW03/CU1asvLJrZj2IcU34TYH9aIiHnDugpFAXCGdS/r4rN
mCGQUuhjDkbnOw==
-----END CERTIFICATE-----