Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          itju2gm4APchEGrbCxwk3AfPy6+UHtARW4ThlqvmnUk=
Subject key identifier:   14:EE:66:08:EA:64:00:6D:A6:FD:19:04:6B:67:17:22:5E:D7:3E:47
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       019A71B7F910D26E4DDEE0EE5CE0586F9227
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 07:01:13 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:13 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:13 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: 4qOmyl8Hv9D2WrJYptAd+beKtUCCojzDlxMQ0zY3S0M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:f9:10:d2:6e:4d:de:e0:ee:5c:e0:58:6f:92:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: Nov 11 07:01:13 2025 GMT
            Not After : Nov 12 07:01:13 2025 GMT
        Subject: CN=14ee6608ea64006da6fd19046b6717225ed73e47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:4c:e9:00:54:9b:73:e3:a5:b5:6f:08:78:ea:
                    64:17:df:82:cd:2f:cf:90:a2:63:1c:0c:f7:04:b7:
                    1b:26:ae:46:3e:a4:16:b8:03:29:99:78:19:20:eb:
                    2d:d2:d1:35:1b:56:05:2f:e1:f8:f3:a0:16:e0:af:
                    3d:6e:5e:5a:53:b8:de:69:5a:f3:fe:22:61:70:16:
                    17:b0:5a:93:78:93:02:0e:b7:d0:cc:67:75:9d:8c:
                    bb:11:90:27:80:c9:27:f2:65:bc:89:3b:55:20:f1:
                    14:1f:c8:53:0b:8b:fd:dd:48:8b:7e:57:f6:25:d6:
                    e1:ea:8e:8e:89:07:01:20:9c:56:51:2e:00:b2:75:
                    62:65:98:ad:4a:c6:95:e5:2a:51:cb:0f:3a:18:80:
                    f5:93:09:48:26:3b:7d:45:c1:e8:f5:88:21:60:5a:
                    d7:fe:59:c2:74:57:0a:cf:79:82:25:0f:cd:2c:75:
                    b4:cf:ac:28:53:a3:00:1d:4a:73:42:e6:34:8c:e4:
                    45:f3:7f:b8:bc:84:e0:e7:1d:33:5d:23:b1:ac:95:
                    d3:a5:9d:19:74:4c:61:7d:bc:b1:18:32:bf:1d:a9:
                    c1:a3:bc:b5:60:73:8d:2c:3b:37:f3:ab:0d:34:fb:
                    2c:64:19:b8:85:c9:9b:14:58:07:3e:b6:ac:87:56:
                    32:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:EE:66:08:EA:64:00:6D:A6:FD:19:04:6B:67:17:22:5E:D7:3E:47
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:fe:f2:03:ab:f1:e7:dc:f8:e5:94:cb:c0:c0:a3:6f:42:05:
         af:e0:5f:e4:2c:7d:a2:07:56:ca:d4:78:b1:9d:13:7a:91:af:
         d7:ac:2b:2d:8a:a8:ce:f7:17:ea:95:6d:c4:c0:01:0d:76:07:
         a2:a2:67:57:87:1a:3e:d1:c3:41:28:24:13:07:0d:76:c7:b5:
         f6:ea:25:41:e3:98:c2:e4:56:84:81:0e:39:6a:10:a5:42:05:
         65:f2:4b:3a:41:fa:4a:13:41:68:08:e3:4c:f8:bc:03:d6:1c:
         7e:ce:63:1c:48:24:c7:5a:f6:a6:6c:13:b8:c4:d4:b8:7d:8e:
         c1:cb:2c:f8:ec:6a:b9:29:57:06:cc:eb:b6:e9:66:9b:c9:6a:
         71:24:11:00:d8:7b:51:82:2d:5b:3b:d1:08:79:b0:e4:16:69:
         ef:e1:9e:65:8f:70:25:e0:9d:78:05:2d:9b:98:95:bc:80:46:
         82:84:e6:78:70:c2:35:f9:48:29:d6:55:c1:e6:4c:87:65:06:
         14:ca:62:c5:8f:bf:d6:51:98:6d:69:9c:be:da:60:72:ba:04:
         10:47:08:99:5f:03:10:d2:d7:7b:b5:f8:71:ca:f6:98:40:b0:
         e7:17:65:91:a1:22:06:61:20:32:f8:e9:3d:a3:49:6f:0c:b2:
         ca:9a:4d:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt/kQ0m5N3uDuXOBYb5InMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjUxMTExMDcwMTEzWhcNMjUxMTEyMDcwMTEzWjAzMTEwLwYDVQQD
EygxNGVlNjYwOGVhNjQwMDZkYTZmZDE5MDQ2YjY3MTcyMjVlZDczZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkzpAFSbc+OltW8IeOpkF9+CzS/P
kKJjHAz3BLcbJq5GPqQWuAMpmXgZIOst0tE1G1YFL+H486AW4K89bl5aU7jeaVrz
/iJhcBYXsFqTeJMCDrfQzGd1nYy7EZAngMkn8mW8iTtVIPEUH8hTC4v93UiLflf2
Jdbh6o6OiQcBIJxWUS4AsnViZZitSsaV5SpRyw86GID1kwlIJjt9RcHo9YghYFrX
/lnCdFcKz3mCJQ/NLHW0z6woU6MAHUpzQuY0jORF83+4vITg5x0zXSOxrJXTpZ0Z
dExhfbyxGDK/HanBo7y1YHONLDs386sNNPssZBm4hcmbFFgHPrash1YyrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBTuZgjqZABtpv0ZBGtnFyJe1z5HMB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQv7yA6vx
59z45ZTLwMCjb0IFr+Bf5Cx9ogdWytR4sZ0TepGv16wrLYqozvcX6pVtxMABDXYH
oqJnV4caPtHDQSgkEwcNdse19uolQeOYwuRWhIEOOWoQpUIFZfJLOkH6ShNBaAjj
TPi8A9Ycfs5jHEgkx1r2pmwTuMTUuH2Owcss+OxquSlXBszrtulmm8lqcSQRANh7
UYItWzvRCHmw5BZp7+GeZY9wJeCdeAUtm5iVvIBGgoTmeHDCNflIKdZVweZMh2UG
FMpixY+/1lGYbWmcvtpgcroEEEcImV8DENLXe7X4ccr2mECw5xdlkaEiBmEgMvjp
PaNJbwyyyppNUw==
-----END CERTIFICATE-----