Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
File:                     kNRNBKKqhYbulMejNTbDaBatoWM.mft (raw, json)
Hash identifier:          mMrinknTJyKguSK8JLvV+BSMOcinMGbn7QyYbC2k83w=
Subject key identifier:   F2:39:64:25:A4:59:5E:54:8C:87:1B:CC:2A:7D:9E:7F:C1:D1:5D:0C
Authority key identifier: 90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63
Certificate issuer:       /CN=90d44d04a2aa8586ee94c7a33536c36816ada163
Certificate serial:       0199FBEBBDA42FAEF311A807426EB40C9DD9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 10:02:34 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:34 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:34 +0000
Files and hashes:         1: kNRNBKKqhYbulMejNTbDaBatoWM.crl (hash: h20gtmZu56UNxgiC8Ys0uhOd4PpGok9uNsz4Qo5/6Vk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:bd:a4:2f:ae:f3:11:a8:07:42:6e:b4:0c:9d:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90d44d04a2aa8586ee94c7a33536c36816ada163
        Validity
            Not Before: Oct 19 10:02:34 2025 GMT
            Not After : Oct 20 10:02:34 2025 GMT
        Subject: CN=f2396425a4595e548c871bcc2a7d9e7fc1d15d0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:4c:62:21:00:0a:40:cc:84:50:ac:8f:35:4d:
                    0c:8e:31:0a:2e:c7:f9:0b:7a:e3:29:3e:3c:90:14:
                    ba:2f:04:00:a0:19:ae:df:6b:ae:fa:5f:e8:b4:b8:
                    7e:25:70:a4:c9:7f:7c:25:fd:b1:55:49:1f:8e:f4:
                    6d:72:c6:8d:51:b1:15:31:9c:f2:bb:b1:ef:e1:4f:
                    8e:18:89:d9:0a:d5:75:ec:52:2c:23:7d:57:33:00:
                    0f:48:c4:64:0c:b6:65:66:54:71:95:b1:33:96:bc:
                    96:d2:49:04:7e:67:80:69:c5:79:7b:a8:68:38:36:
                    f3:cd:83:b9:80:ad:0f:98:27:a4:dd:2b:2f:0d:55:
                    ea:dc:b0:5f:04:69:7f:13:b2:79:4c:76:ac:95:47:
                    87:20:9d:c4:c7:74:7a:94:74:8c:ed:3e:d3:86:c2:
                    c9:59:b1:46:af:c0:ce:10:57:29:13:3c:e6:82:4d:
                    9e:5c:fc:77:5e:60:99:fe:ed:bd:af:51:32:3f:43:
                    92:bd:cf:f1:22:c5:6d:e5:bc:e6:70:09:1d:d5:3a:
                    ec:99:a8:07:09:12:a8:a2:75:fe:62:f8:b5:75:aa:
                    0f:d1:95:c1:13:99:6f:bb:03:f5:db:d1:9c:46:32:
                    f2:c6:4c:2c:3d:2e:9d:2d:f0:94:6a:0c:f0:33:72:
                    07:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:39:64:25:A4:59:5E:54:8C:87:1B:CC:2A:7D:9E:7F:C1:D1:5D:0C
            X509v3 Authority Key Identifier:
                keyid:90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:e5:77:74:64:91:46:7c:0c:9b:d1:f2:e2:05:ba:26:7f:c3:
         34:86:7f:d9:a0:8b:8f:86:39:0a:4d:1d:33:38:19:c7:1f:79:
         e9:5b:5e:3c:42:db:f2:ad:c4:d6:d4:02:6d:09:4e:da:99:25:
         a0:62:4f:db:4c:37:e6:c1:1a:a2:95:03:25:cd:1f:67:3d:94:
         ff:82:bf:02:04:f7:23:6b:f7:8e:ab:ed:a7:90:f2:14:7a:69:
         59:64:e3:21:af:d1:fc:0d:3e:82:47:6f:35:74:c0:a7:b9:a8:
         d0:b1:bf:db:12:06:b9:8d:80:92:40:b6:ec:3e:67:a0:0a:7e:
         f7:55:e7:20:f3:41:ea:2d:04:ab:2b:58:c8:2d:6c:00:39:d5:
         78:23:da:62:60:ac:d8:5d:18:0e:c3:d9:07:f4:87:01:bb:45:
         57:16:e0:90:77:bf:4b:79:ea:9e:93:cc:8d:2c:79:a5:61:c9:
         52:de:0e:9f:b9:34:3a:6f:72:e5:a9:3b:51:f5:00:5c:36:52:
         73:1d:95:fb:ff:ca:f4:1c:fb:a3:3d:02:eb:1c:d0:bf:4c:0b:
         3f:c3:d0:a4:46:f3:af:9c:6d:be:ad:ce:3e:39:c6:31:b7:f8:
         3e:5a:b9:56:06:7d:b4:3e:24:b1:77:76:85:2c:7e:ed:43:e1:
         f3:b8:75:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7672kL67zEagHQm60DJ3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDQ0ZDA0YTJhYTg1ODZlZTk0YzdhMzM1MzZjMzY4MTZh
ZGExNjMwHhcNMjUxMDE5MTAwMjM0WhcNMjUxMDIwMTAwMjM0WjAzMTEwLwYDVQQD
EyhmMjM5NjQyNWE0NTk1ZTU0OGM4NzFiY2MyYTdkOWU3ZmMxZDE1ZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ExiIQAKQMyEUKyPNU0MjjEKLsf5
C3rjKT48kBS6LwQAoBmu32uu+l/otLh+JXCkyX98Jf2xVUkfjvRtcsaNUbEVMZzy
u7Hv4U+OGInZCtV17FIsI31XMwAPSMRkDLZlZlRxlbEzlryW0kkEfmeAacV5e6ho
ODbzzYO5gK0PmCek3SsvDVXq3LBfBGl/E7J5THaslUeHIJ3Ex3R6lHSM7T7ThsLJ
WbFGr8DOEFcpEzzmgk2eXPx3XmCZ/u29r1EyP0OSvc/xIsVt5bzmcAkd1TrsmagH
CRKoonX+Yvi1daoP0ZXBE5lvuwP129GcRjLyxkwsPS6dLfCUagzwM3IH8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPI5ZCWkWV5UjIcbzCp9nn/B0V0MMB8GA1UdIwQY
MBaAFJDUTQSiqoWG7pTHozU2w2gWraFjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzIt
NmY4Y2FjYzEyMzM5LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzItNmY4Y2FjYzEyMzM5
LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtOV3dGSR
RnwMm9Hy4gW6Jn/DNIZ/2aCLj4Y5Ck0dMzgZxx956VtePELb8q3E1tQCbQlO2pkl
oGJP20w35sEaopUDJc0fZz2U/4K/AgT3I2v3jqvtp5DyFHppWWTjIa/R/A0+gkdv
NXTAp7mo0LG/2xIGuY2AkkC27D5noAp+91XnIPNB6i0EqytYyC1sADnVeCPaYmCs
2F0YDsPZB/SHAbtFVxbgkHe/S3nqnpPMjSx5pWHJUt4On7k0Om9y5ak7UfUAXDZS
cx2V+//K9Bz7oz0C6xzQv0wLP8PQpEbzr5xtvq3OPjnGMbf4Plq5VgZ9tD4ksXd2
hSx+7UPh87h1Ig==
-----END CERTIFICATE-----