Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
File:                     kNRNBKKqhYbulMejNTbDaBatoWM.mft (raw, json)
Hash identifier:          qBLm3xuPT6TrEJMqTnjh9kBl89Q1QNg5KVRIF8t6Ek0=
Subject key identifier:   B4:ED:BB:FE:62:7C:9E:28:CA:8E:B5:A7:56:98:7C:9D:16:1C:18:17
Authority key identifier: 90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63
Certificate issuer:       /CN=90d44d04a2aa8586ee94c7a33536c36816ada163
Certificate serial:       0198D4741A9607B28C5898F3991898808B02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 01:03:55 +0000
Manifest this update:     Sat 23 Aug 2025 01:03:55 +0000
Manifest next update:     Sun 24 Aug 2025 01:03:55 +0000
Files and hashes:         1: kNRNBKKqhYbulMejNTbDaBatoWM.crl (hash: lW3ur47jSZ8bDsL4eY7YqMit0tiV8yxBb3jaPa888mA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:74:1a:96:07:b2:8c:58:98:f3:99:18:98:80:8b:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90d44d04a2aa8586ee94c7a33536c36816ada163
        Validity
            Not Before: Aug 23 01:03:55 2025 GMT
            Not After : Aug 24 01:03:55 2025 GMT
        Subject: CN=b4edbbfe627c9e28ca8eb5a756987c9d161c1817
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:61:94:9b:a7:dd:7f:77:02:ba:46:5f:51:5f:
                    0b:97:83:47:e0:99:2d:61:af:fe:5f:41:dd:5c:3f:
                    0b:13:79:38:56:33:b1:13:e7:1b:03:95:7f:02:f9:
                    cc:03:22:48:49:61:52:af:77:19:0c:d6:30:67:b3:
                    97:d6:31:1c:0e:18:43:84:ae:26:09:a5:1e:0e:9c:
                    66:a7:0b:ac:45:ae:2b:d7:4c:9c:f0:a5:98:8e:09:
                    62:7f:fb:1f:92:bd:33:ec:f3:b1:c3:38:19:78:25:
                    06:7a:d3:1a:9f:ae:11:b1:ad:8d:86:5a:1e:ea:be:
                    93:d6:7e:17:6c:8c:8e:27:a9:32:88:91:a9:0a:11:
                    7c:cc:c0:fd:d5:96:8a:f2:aa:ac:10:56:ae:6e:2d:
                    7e:49:b0:c4:e2:28:b7:cd:09:a3:f8:09:6f:3f:0f:
                    12:e4:f9:58:9d:2f:ee:b2:0a:0b:11:01:04:59:ba:
                    62:14:16:db:0e:00:b5:9e:c4:96:5b:eb:7d:23:d7:
                    19:54:6c:f9:26:2f:2c:3e:89:a0:87:d6:85:a6:8b:
                    f1:27:8e:f2:2e:d8:b8:8f:2c:1a:6a:ad:6d:07:09:
                    a6:0f:e1:cf:fd:32:a9:cb:1c:c5:18:b8:b0:c2:8e:
                    74:a1:97:8c:12:6a:9b:a8:eb:da:40:bc:c5:9b:91:
                    c1:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:ED:BB:FE:62:7C:9E:28:CA:8E:B5:A7:56:98:7C:9D:16:1C:18:17
            X509v3 Authority Key Identifier:
                keyid:90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:88:b4:da:60:7c:f7:ff:ed:29:04:ab:00:9b:e4:87:9c:eb:
         02:76:e1:6a:ec:1f:ca:1c:98:b1:ab:d5:17:77:47:e1:87:e4:
         44:06:98:95:f2:79:7d:fb:f7:2a:e5:fe:37:58:ab:3e:fe:1a:
         16:07:f7:2d:f0:f1:35:cc:45:08:2e:66:6d:90:d1:92:4e:e6:
         fc:b4:f7:d4:ca:e7:9a:74:3b:b4:43:c4:d4:9e:8b:56:b0:4b:
         b2:48:bb:e2:61:7d:8e:ed:71:39:a3:2c:16:e4:1d:cd:90:e3:
         9f:70:9b:8f:03:58:f2:1e:c6:f9:95:e1:2d:09:b8:31:9b:63:
         4f:26:7e:ea:8f:41:fc:c5:81:08:20:3b:43:6f:06:94:ec:cd:
         02:6a:cd:7e:1e:39:63:1c:ac:39:b6:1b:33:85:8a:6c:13:4e:
         2e:8b:72:92:86:d5:b7:63:5f:1d:bc:58:1b:97:6d:44:8a:1d:
         10:28:53:f1:e3:2d:05:63:3c:fc:ae:2b:3f:2d:eb:1d:22:ac:
         48:e1:39:fa:7e:68:7f:3d:18:2d:28:7a:55:3c:40:73:c6:64:
         1f:b3:a1:82:8a:af:94:7d:14:e5:31:a1:78:cc:6c:66:8a:fd:
         66:67:30:73:1d:9d:4f:a1:36:de:81:fc:32:8f:6b:e6:55:25:
         b1:53:8b:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUdBqWB7KMWJjzmRiYgIsCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDQ0ZDA0YTJhYTg1ODZlZTk0YzdhMzM1MzZjMzY4MTZh
ZGExNjMwHhcNMjUwODIzMDEwMzU1WhcNMjUwODI0MDEwMzU1WjAzMTEwLwYDVQQD
EyhiNGVkYmJmZTYyN2M5ZTI4Y2E4ZWI1YTc1Njk4N2M5ZDE2MWMxODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGGUm6fdf3cCukZfUV8Ll4NH4Jkt
Ya/+X0HdXD8LE3k4VjOxE+cbA5V/AvnMAyJISWFSr3cZDNYwZ7OX1jEcDhhDhK4m
CaUeDpxmpwusRa4r10yc8KWYjglif/sfkr0z7POxwzgZeCUGetMan64Rsa2Nhloe
6r6T1n4XbIyOJ6kyiJGpChF8zMD91ZaK8qqsEFaubi1+SbDE4ii3zQmj+AlvPw8S
5PlYnS/usgoLEQEEWbpiFBbbDgC1nsSWW+t9I9cZVGz5Ji8sPomgh9aFpovxJ47y
Lti4jywaaq1tBwmmD+HP/TKpyxzFGLiwwo50oZeMEmqbqOvaQLzFm5HBkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLTtu/5ifJ4oyo61p1aYfJ0WHBgXMB8GA1UdIwQY
MBaAFJDUTQSiqoWG7pTHozU2w2gWraFjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzIt
NmY4Y2FjYzEyMzM5LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzItNmY4Y2FjYzEyMzM5
LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXIi02mB8
9//tKQSrAJvkh5zrAnbhauwfyhyYsavVF3dH4YfkRAaYlfJ5ffv3KuX+N1irPv4a
Fgf3LfDxNcxFCC5mbZDRkk7m/LT31MrnmnQ7tEPE1J6LVrBLski74mF9ju1xOaMs
FuQdzZDjn3CbjwNY8h7G+ZXhLQm4MZtjTyZ+6o9B/MWBCCA7Q28GlOzNAmrNfh45
YxysObYbM4WKbBNOLotykobVt2NfHbxYG5dtRIodEChT8eMtBWM8/K4rPy3rHSKs
SOE5+n5ofz0YLSh6VTxAc8ZkH7OhgoqvlH0U5TGheMxsZor9Zmcwcx2dT6E23oH8
Mo9r5lUlsVOLkg==
-----END CERTIFICATE-----