Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.mft
File:                     k4KIfhkEky8RhsLDHGqS_17GQ4c.mft (raw, json)
Hash identifier:          htqwCcgELUeaHW7whWdvmYoK0MTigb/BdDlOzEK3FUI=
Subject key identifier:   86:16:0C:23:3F:87:E5:78:EF:14:D1:1A:A3:C0:7E:8A:C3:61:CC:29
Authority key identifier: 93:82:88:7E:19:04:93:2F:11:86:C2:C3:1C:6A:92:FF:5E:C6:43:87
Certificate issuer:       /CN=9382887e1904932f1186c2c31c6a92ff5ec64387
Certificate serial:       0199FDDA4DD67EF2234763D581C90FE65B3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k4KIfhkEky8RhsLDHGqS_17GQ4c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.mft
Manifest number:          0412
Signing time:             Sun 19 Oct 2025 19:02:46 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:46 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:46 +0000
Files and hashes:         1: k4KIfhkEky8RhsLDHGqS_17GQ4c.crl (hash: ZUOi+BaOdYnzQmOMiT29Po/UVbw1Ph2Zu3T/KDvJGH0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/k4KIfhkEky8RhsLDHGqS_17GQ4c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:4d:d6:7e:f2:23:47:63:d5:81:c9:0f:e6:5b:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9382887e1904932f1186c2c31c6a92ff5ec64387
        Validity
            Not Before: Oct 19 19:02:46 2025 GMT
            Not After : Oct 20 19:02:46 2025 GMT
        Subject: CN=86160c233f87e578ef14d11aa3c07e8ac361cc29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e0:17:d0:2a:9c:bd:c5:4c:15:87:a8:27:8d:
                    7b:56:31:4c:d7:92:3a:82:f0:4c:bc:1b:38:ba:0a:
                    19:ac:94:d1:b3:df:2a:28:7f:0f:ee:35:45:90:f8:
                    6a:bf:4b:c2:3b:ff:a7:6c:84:fa:fc:19:8a:68:f7:
                    74:a8:d3:d7:b6:61:09:76:da:32:57:8e:33:6a:30:
                    8d:a0:83:80:9c:70:ba:5c:17:10:08:e3:fb:2a:09:
                    62:82:df:33:54:9a:cc:e3:e8:09:cf:a5:45:2d:fa:
                    d8:59:fa:68:5a:1b:81:a0:22:05:51:0f:c2:b3:0f:
                    98:3e:27:d9:8f:9f:4d:72:b6:79:5b:27:a8:55:95:
                    89:18:d8:89:8a:5b:78:41:c1:5e:73:8a:c2:0e:19:
                    3b:e5:c6:69:04:e7:54:51:d6:1a:ae:e5:36:ec:cc:
                    72:dc:99:47:db:7e:e0:1c:97:9b:9a:9b:65:05:6b:
                    2b:41:80:76:86:f9:5c:3f:f0:3a:46:41:03:e0:bf:
                    90:08:25:da:e7:c8:30:e7:cd:48:bc:5c:9e:ae:0a:
                    71:8c:ba:08:49:f8:9e:48:ac:fc:0b:8f:f0:c2:7a:
                    64:08:c3:cc:50:71:f8:a5:fd:c0:33:ed:59:9c:da:
                    ef:f6:81:78:dd:18:1b:39:a9:e1:d5:9a:be:96:63:
                    12:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:16:0C:23:3F:87:E5:78:EF:14:D1:1A:A3:C0:7E:8A:C3:61:CC:29
            X509v3 Authority Key Identifier:
                keyid:93:82:88:7E:19:04:93:2F:11:86:C2:C3:1C:6A:92:FF:5E:C6:43:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k4KIfhkEky8RhsLDHGqS_17GQ4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:52:78:0b:60:7f:59:09:13:32:ba:f5:44:de:38:35:db:68:
         1f:82:2a:76:02:48:cc:dd:08:cf:41:17:7f:ec:11:b2:7f:38:
         d8:64:9b:07:d6:46:e3:6c:f7:25:fe:66:8a:db:ac:40:9b:bc:
         16:52:30:a4:5b:4f:ad:95:23:83:04:52:f2:f3:82:e7:39:3e:
         33:74:ef:28:78:6e:2b:60:38:db:7b:9d:fc:eb:10:05:0d:c1:
         5b:76:11:fc:c8:5b:ca:54:34:b3:96:0d:ad:49:8d:9d:53:ed:
         46:fe:ba:6a:53:00:3d:25:e2:12:19:ca:61:23:ee:f1:45:c0:
         43:a8:5f:24:16:7b:35:be:c9:34:8a:ac:91:4b:be:6b:8e:3b:
         b5:d9:87:aa:95:89:ac:4d:c2:95:c7:b7:ca:1a:32:6d:97:e1:
         2e:d7:0b:b5:a7:cb:c7:5a:ec:0a:10:af:fa:b9:49:79:4b:0d:
         89:8f:15:a4:77:bd:95:fe:65:05:eb:39:de:7c:ad:8f:1c:7c:
         53:07:a4:22:55:c9:71:0e:84:7b:b3:3b:d8:d3:58:7e:6a:f8:
         49:d9:d9:3d:0b:80:d1:c3:1b:13:9c:79:f1:98:17:91:3b:62:
         2f:d8:90:d9:ad:46:18:09:80:c7:9f:26:68:13:4c:5e:28:57:
         02:ba:0c:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92k3WfvIjR2PVgckP5ls8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzODI4ODdlMTkwNDkzMmYxMTg2YzJjMzFjNmE5MmZmNWVj
NjQzODcwHhcNMjUxMDE5MTkwMjQ2WhcNMjUxMDIwMTkwMjQ2WjAzMTEwLwYDVQQD
Eyg4NjE2MGMyMzNmODdlNTc4ZWYxNGQxMWFhM2MwN2U4YWMzNjFjYzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+AX0CqcvcVMFYeoJ417VjFM15I6
gvBMvBs4ugoZrJTRs98qKH8P7jVFkPhqv0vCO/+nbIT6/BmKaPd0qNPXtmEJdtoy
V44zajCNoIOAnHC6XBcQCOP7Kgligt8zVJrM4+gJz6VFLfrYWfpoWhuBoCIFUQ/C
sw+YPifZj59NcrZ5WyeoVZWJGNiJilt4QcFec4rCDhk75cZpBOdUUdYaruU27Mxy
3JlH237gHJebmptlBWsrQYB2hvlcP/A6RkED4L+QCCXa58gw581IvFyergpxjLoI
SfieSKz8C4/wwnpkCMPMUHH4pf3AM+1ZnNrv9oF43RgbOanh1Zq+lmMS3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYWDCM/h+V47xTRGqPAforDYcwpMB8GA1UdIwQY
MBaAFJOCiH4ZBJMvEYbCwxxqkv9exkOHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazRLSWZoa0VreThSaHNMREhHcVNfMTdHUTRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZjkwZWItMTVjOC00MGQ4LWEyMjAt
NWM5NDU0NjhjNDc1LzEvazRLSWZoa0VreThSaHNMREhHcVNfMTdHUTRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZjkwZWItMTVjOC00MGQ4LWEyMjAtNWM5NDU0NjhjNDc1
LzEvazRLSWZoa0VreThSaHNMREhHcVNfMTdHUTRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKVJ4C2B/
WQkTMrr1RN44NdtoH4IqdgJIzN0Iz0EXf+wRsn842GSbB9ZG42z3Jf5mitusQJu8
FlIwpFtPrZUjgwRS8vOC5zk+M3TvKHhuK2A423ud/OsQBQ3BW3YR/MhbylQ0s5YN
rUmNnVPtRv66alMAPSXiEhnKYSPu8UXAQ6hfJBZ7Nb7JNIqskUu+a447tdmHqpWJ
rE3Clce3yhoybZfhLtcLtafLx1rsChCv+rlJeUsNiY8VpHe9lf5lBes53nytjxx8
UwekIlXJcQ6Ee7M72NNYfmr4SdnZPQuA0cMbE5x58ZgXkTtiL9iQ2a1GGAmAx58m
aBNMXihXAroM7Q==
-----END CERTIFICATE-----