Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
File:                     M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft (raw, json)
Hash identifier:          tMbIxOIgGNdibLoWQQ6DRUgSvisJArQ5SJG1FEeIjOI=
Subject key identifier:   66:05:43:03:38:D8:41:A8:18:D9:E7:2F:6B:EA:FA:78:D1:96:05:34
Authority key identifier: 33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99
Certificate issuer:       /CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
Certificate serial:       019A71B8795B7B3695FA52C069A90E22EB8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
Manifest number:          1304
Signing time:             Tue 11 Nov 2025 07:01:46 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:46 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:46 +0000
Files and hashes:         1: M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl (hash: pWKgId+hoQcz8oFrEh5bFCnPsl9wECqD/4mrWp6qStc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:79:5b:7b:36:95:fa:52:c0:69:a9:0e:22:eb:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
        Validity
            Not Before: Nov 11 07:01:46 2025 GMT
            Not After : Nov 12 07:01:46 2025 GMT
        Subject: CN=6605430338d841a818d9e72f6beafa78d1960534
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:20:01:d7:fe:92:b9:81:fe:b7:76:74:0c:0d:
                    22:d9:bf:6f:96:42:c8:7c:0b:aa:3e:26:04:c4:9b:
                    39:f5:64:cf:a5:7b:6f:81:0a:07:40:65:fe:39:e6:
                    cb:35:5b:d3:12:ff:4b:25:b7:35:f4:c2:8c:f8:ec:
                    ad:c8:03:76:15:ca:e0:b5:67:34:ab:59:a0:5a:31:
                    e1:87:16:d6:21:05:18:08:56:ba:b2:d8:6b:58:75:
                    5b:db:b8:fa:3e:67:f1:e0:7b:a1:0a:55:b6:ed:8f:
                    33:4b:14:de:b8:b2:d9:2a:01:bb:0b:4c:1d:0c:ff:
                    dd:60:7a:83:18:99:c1:77:00:6c:4c:f3:6d:bf:12:
                    5b:a3:58:27:c7:fc:9a:24:ee:f6:b8:e3:f8:55:17:
                    3e:77:41:39:0e:b9:bc:87:35:89:8d:86:fd:ff:eb:
                    12:b7:9e:7e:9e:91:ed:ac:28:27:6d:d3:2e:5f:90:
                    0a:ed:5c:eb:6c:18:8f:b1:04:6d:6b:c9:68:77:c6:
                    cd:2d:a3:d2:36:49:45:07:bb:7b:97:ef:0e:fe:03:
                    ec:fa:c5:f2:a0:73:83:6b:48:7c:60:25:af:86:ed:
                    38:d3:b9:66:b6:09:1b:20:ba:4e:ce:f4:e0:13:d2:
                    a2:4e:9a:b5:f1:98:0f:98:da:f3:03:45:15:a1:36:
                    08:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:05:43:03:38:D8:41:A8:18:D9:E7:2F:6B:EA:FA:78:D1:96:05:34
            X509v3 Authority Key Identifier:
                keyid:33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:0e:1c:3e:28:5b:39:1c:af:5c:d8:8b:5b:ec:c0:ca:72:3a:
         fd:4c:6a:85:58:08:4e:3a:63:e0:ed:8c:b7:41:2f:e4:4a:59:
         2c:51:c1:38:08:ea:07:4a:3b:f2:1d:e9:d5:28:a4:c0:46:21:
         a3:f0:06:d5:c9:2f:b9:44:68:19:ff:ae:00:07:5b:10:36:8e:
         73:04:f5:0b:f1:43:db:da:77:ca:2f:53:61:68:f3:22:c3:02:
         e1:e0:57:8f:9b:31:38:e4:60:03:fd:9b:9b:f9:3c:d9:fc:d9:
         fb:75:b5:df:2b:e8:6f:94:28:54:91:70:01:46:4b:09:5d:e9:
         7b:0b:b7:c0:74:fd:49:a3:b5:24:0f:44:30:42:74:a9:40:4e:
         79:db:6e:be:97:1e:2c:c9:e9:c5:0d:d4:5d:38:f3:f6:44:07:
         c7:79:1a:70:60:2d:01:5a:c2:a0:ed:27:d4:fc:8f:9b:f9:2e:
         7c:27:14:c4:29:e6:2e:c9:3b:f2:f3:2c:45:ef:c5:a7:b7:f8:
         ee:30:85:37:69:f6:e2:67:45:38:15:42:1c:6c:60:8f:6e:18:
         fb:f8:49:26:09:e7:46:f6:f0:74:3f:96:df:67:fc:72:66:bb:
         3e:e5:e2:02:87:87:e3:71:9a:aa:a9:93:dd:10:43:73:45:62:
         fb:12:c6:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuHlbezaV+lLAaakOIuuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNjNkNzJjZGQ5M2FiMDJmZTNmNzg4ZDYyMWQ3MTVkOWVm
ZDc2OTkwHhcNMjUxMTExMDcwMTQ2WhcNMjUxMTEyMDcwMTQ2WjAzMTEwLwYDVQQD
Eyg2NjA1NDMwMzM4ZDg0MWE4MThkOWU3MmY2YmVhZmE3OGQxOTYwNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSAB1/6SuYH+t3Z0DA0i2b9vlkLI
fAuqPiYExJs59WTPpXtvgQoHQGX+OebLNVvTEv9LJbc19MKM+OytyAN2FcrgtWc0
q1mgWjHhhxbWIQUYCFa6sthrWHVb27j6Pmfx4HuhClW27Y8zSxTeuLLZKgG7C0wd
DP/dYHqDGJnBdwBsTPNtvxJbo1gnx/yaJO72uOP4VRc+d0E5Drm8hzWJjYb9/+sS
t55+npHtrCgnbdMuX5AK7VzrbBiPsQRta8lod8bNLaPSNklFB7t7l+8O/gPs+sXy
oHODa0h8YCWvhu0407lmtgkbILpOzvTgE9KiTpq18ZgPmNrzA0UVoTYIsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGYFQwM42EGoGNnnL2vq+njRlgU0MB8GA1UdIwQY
MBaAFDNj1yzdk6sC/j94jWIdcV2e/XaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgt
NDM0ZjllMGQ3NTBjLzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgtNDM0ZjllMGQ3NTBj
LzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVA4cPihb
ORyvXNiLW+zAynI6/UxqhVgITjpj4O2Mt0Ev5EpZLFHBOAjqB0o78h3p1SikwEYh
o/AG1ckvuURoGf+uAAdbEDaOcwT1C/FD29p3yi9TYWjzIsMC4eBXj5sxOORgA/2b
m/k82fzZ+3W13yvob5QoVJFwAUZLCV3pewu3wHT9SaO1JA9EMEJ0qUBOedtuvpce
LMnpxQ3UXTjz9kQHx3kacGAtAVrCoO0n1PyPm/kufCcUxCnmLsk78vMsRe/Fp7f4
7jCFN2n24mdFOBVCHGxgj24Y+/hJJgnnRvbwdD+W32f8cma7PuXiAoeH43GaqqmT
3RBDc0Vi+xLG4Q==
-----END CERTIFICATE-----