Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
File:                     ksrhHed02u8FJ0JGPOlU9SHG0nI.mft (raw, json)
Hash identifier:          You7ODxGAXOLV2eXba1o5d5to4zrq0xfSjABCnh05TM=
Subject key identifier:   B3:09:F4:FD:6E:CF:0B:56:28:14:41:83:66:95:90:A2:BE:2D:F8:8F
Authority key identifier: 92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72
Certificate issuer:       /CN=92cae11de774daef052742463ce954f521c6d272
Certificate serial:       0199FBEB5ECB7891D987EDD6E60D58C82423
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
Manifest number:          10DA
Signing time:             Sun 19 Oct 2025 10:02:10 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:10 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:10 +0000
Files and hashes:         1: ksrhHed02u8FJ0JGPOlU9SHG0nI.crl (hash: TB0/KMI/7m50G/eRl2q/F8YxV36QJ6Pm5n4PHLUWaUE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:5e:cb:78:91:d9:87:ed:d6:e6:0d:58:c8:24:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92cae11de774daef052742463ce954f521c6d272
        Validity
            Not Before: Oct 19 10:02:10 2025 GMT
            Not After : Oct 20 10:02:10 2025 GMT
        Subject: CN=b309f4fd6ecf0b5628144183669590a2be2df88f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:00:1c:0f:be:77:b3:f8:9b:cf:f7:74:a9:dc:
                    53:bd:f5:bd:43:b1:e3:73:0f:75:94:e8:23:ef:6b:
                    7d:bc:4a:db:74:33:45:42:c0:50:80:40:47:ae:c1:
                    fc:65:b7:87:71:16:1c:79:0d:1a:c4:fb:e5:04:58:
                    a0:c2:a5:0f:d4:40:16:0e:1e:8f:d6:87:a7:1d:6f:
                    96:e5:77:39:9b:b4:3f:e0:fb:3f:33:88:fa:89:42:
                    1f:9f:9a:6a:60:30:de:59:93:d3:8b:80:49:e3:04:
                    dd:af:36:c1:cc:5e:3d:7a:42:00:c1:2b:8c:5b:2e:
                    2a:d4:e9:e2:ce:ea:95:80:74:dc:6a:d8:0f:a3:af:
                    54:05:61:54:83:31:1e:7e:24:e1:88:64:04:76:c3:
                    76:bd:90:95:a7:f2:9d:55:0b:a8:42:15:4e:54:9c:
                    96:d2:75:df:29:a8:de:63:f2:a6:3d:eb:c8:ae:0c:
                    14:8b:86:2c:e6:79:fa:be:87:e8:65:d0:52:7b:b6:
                    d0:3c:8d:34:c7:65:22:fd:3b:1b:86:6c:9e:61:88:
                    e2:72:02:f3:8c:a9:19:73:a5:aa:f1:d7:33:ca:8a:
                    58:8d:44:d3:43:b4:96:98:7f:5d:a1:60:74:99:17:
                    e9:84:5c:4e:48:96:20:55:83:78:07:61:b6:95:bc:
                    91:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:09:F4:FD:6E:CF:0B:56:28:14:41:83:66:95:90:A2:BE:2D:F8:8F
            X509v3 Authority Key Identifier:
                keyid:92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:19:db:38:c6:55:17:87:c3:c2:ff:8d:59:cb:f6:6b:37:bb:
         f3:89:3d:45:29:8f:78:68:41:45:9b:4f:9e:af:c2:6b:1d:68:
         cd:69:ae:c3:a9:b8:a9:bb:ea:8f:28:8f:d9:2e:b1:2a:96:f5:
         c5:e2:dd:56:d5:33:98:9b:4e:db:d0:84:b5:6c:b6:74:d4:41:
         59:63:f1:b6:8f:91:4e:d0:94:b3:77:50:44:15:32:f3:77:13:
         1a:49:6f:48:a7:97:5d:a7:45:aa:5c:df:c5:d6:54:55:13:cd:
         2d:97:81:99:8f:2f:9a:5c:73:c5:fa:6d:f1:f8:7a:17:90:a2:
         75:23:21:42:78:aa:9f:af:90:76:0b:39:96:eb:cd:0d:3f:68:
         27:64:a6:99:01:24:c6:72:4a:92:77:42:d4:89:a2:3e:d8:48:
         bb:87:64:63:15:dd:9a:9f:41:57:06:ae:b2:f9:ff:e3:bd:a7:
         c9:78:78:66:36:f0:5c:90:49:17:7f:8e:8e:d1:d1:e0:fd:e1:
         ac:3f:b3:2a:b7:26:1f:23:a3:cc:b2:9b:70:b4:c1:00:7d:6c:
         69:4a:07:d2:d2:3f:50:a7:2e:8c:70:c7:14:3e:b2:44:f3:35:
         ec:3f:16:3b:e4:6c:13:4e:b4:d7:35:da:54:56:27:ae:9d:5c:
         bb:13:96:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7617LeJHZh+3W5g1YyCQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyY2FlMTFkZTc3NGRhZWYwNTI3NDI0NjNjZTk1NGY1MjFj
NmQyNzIwHhcNMjUxMDE5MTAwMjEwWhcNMjUxMDIwMTAwMjEwWjAzMTEwLwYDVQQD
EyhiMzA5ZjRmZDZlY2YwYjU2MjgxNDQxODM2Njk1OTBhMmJlMmRmODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgAcD753s/ibz/d0qdxTvfW9Q7Hj
cw91lOgj72t9vErbdDNFQsBQgEBHrsH8ZbeHcRYceQ0axPvlBFigwqUP1EAWDh6P
1oenHW+W5Xc5m7Q/4Ps/M4j6iUIfn5pqYDDeWZPTi4BJ4wTdrzbBzF49ekIAwSuM
Wy4q1OnizuqVgHTcatgPo69UBWFUgzEefiThiGQEdsN2vZCVp/KdVQuoQhVOVJyW
0nXfKajeY/KmPevIrgwUi4Ys5nn6vofoZdBSe7bQPI00x2Ui/TsbhmyeYYjicgLz
jKkZc6Wq8dczyopYjUTTQ7SWmH9doWB0mRfphFxOSJYgVYN4B2G2lbyRNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMJ9P1uzwtWKBRBg2aVkKK+LfiPMB8GA1UdIwQY
MBaAFJLK4R3ndNrvBSdCRjzpVPUhxtJyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQt
ZWZmNmZkN2QzYjI4LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQtZWZmNmZkN2QzYjI4
LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaBnbOMZV
F4fDwv+NWcv2aze784k9RSmPeGhBRZtPnq/Cax1ozWmuw6m4qbvqjyiP2S6xKpb1
xeLdVtUzmJtO29CEtWy2dNRBWWPxto+RTtCUs3dQRBUy83cTGklvSKeXXadFqlzf
xdZUVRPNLZeBmY8vmlxzxfpt8fh6F5CidSMhQniqn6+Qdgs5luvNDT9oJ2SmmQEk
xnJKkndC1ImiPthIu4dkYxXdmp9BVwausvn/472nyXh4ZjbwXJBJF3+OjtHR4P3h
rD+zKrcmHyOjzLKbcLTBAH1saUoH0tI/UKcujHDHFD6yRPM17D8WO+RsE0601zXa
VFYnrp1cuxOWlg==
-----END CERTIFICATE-----