Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
File:                     _x2DMuEYqaIYfqtYhCedZYDxGfc.mft (raw, json)
Hash identifier:          hLVKbmF1oSBwRkRCoQUMZc18QIM/AEi64PNNq09mVFw=
Subject key identifier:   0B:DA:06:E2:27:CE:A5:03:D8:39:85:C1:CC:FC:93:15:DA:18:BF:3F
Authority key identifier: FF:1D:83:32:E1:18:A9:A2:18:7E:AB:58:84:27:9D:65:80:F1:19:F7
Certificate issuer:       /CN=ff1d8332e118a9a2187eab5884279d6580f119f7
Certificate serial:       019A706E210B64AC51261850D6E088BC3BE5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
Manifest number:          0578
Signing time:             Tue 11 Nov 2025 01:00:56 +0000
Manifest this update:     Tue 11 Nov 2025 01:00:56 +0000
Manifest next update:     Wed 12 Nov 2025 01:00:56 +0000
Files and hashes:         1: _x2DMuEYqaIYfqtYhCedZYDxGfc.crl (hash: nMeZhHjal3wlF2ZxcoXvKgsV0y4mQtFvgETHQTOkfJM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 01:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:6e:21:0b:64:ac:51:26:18:50:d6:e0:88:bc:3b:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff1d8332e118a9a2187eab5884279d6580f119f7
        Validity
            Not Before: Nov 11 01:00:56 2025 GMT
            Not After : Nov 12 01:00:56 2025 GMT
        Subject: CN=0bda06e227cea503d83985c1ccfc9315da18bf3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:1e:02:67:88:c8:5a:a1:b1:b9:a4:fa:26:3f:
                    9a:e6:3e:0e:c6:c1:b9:75:d1:36:92:d9:71:f5:fe:
                    b6:0d:31:ad:34:eb:ea:d3:45:c7:26:5e:4d:a1:c2:
                    7b:77:08:7c:76:94:11:66:2d:74:e2:a1:f8:65:ef:
                    d5:ec:88:71:7a:16:ee:83:93:30:98:92:e6:09:09:
                    96:37:ee:8c:a8:2b:9a:e6:26:12:51:f5:85:e5:4a:
                    9c:0f:8d:99:68:7b:ee:e0:6e:56:d1:10:d1:fe:3f:
                    70:5f:f1:44:20:c5:f1:b9:6e:e7:80:e9:94:c7:0d:
                    86:97:c1:eb:a6:7b:67:b3:46:d3:1f:12:23:bc:88:
                    59:b8:6f:e7:c9:a3:0b:fa:3a:ac:52:20:f6:94:86:
                    3c:f0:63:91:b8:53:8c:6a:1c:65:57:47:37:b6:d1:
                    53:45:0c:c7:57:47:0f:01:06:8c:23:51:36:c6:ff:
                    71:3a:eb:f7:95:cb:64:e2:52:19:a5:bb:24:df:10:
                    3a:cd:97:0c:c7:2b:ad:98:62:80:3d:fc:4a:3a:31:
                    05:86:df:d9:b2:15:e5:63:8b:0a:90:14:e8:47:72:
                    ca:39:be:8e:3c:9c:df:90:cd:f9:3f:5e:95:92:5c:
                    df:50:26:c4:5a:45:05:22:ce:32:43:22:80:85:bb:
                    6e:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:DA:06:E2:27:CE:A5:03:D8:39:85:C1:CC:FC:93:15:DA:18:BF:3F
            X509v3 Authority Key Identifier:
                keyid:FF:1D:83:32:E1:18:A9:A2:18:7E:AB:58:84:27:9D:65:80:F1:19:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:f4:71:9d:b5:83:c0:71:1b:8b:d3:99:a4:27:1d:5f:2d:67:
         03:4d:64:da:36:d1:28:fa:96:4b:07:a3:79:75:aa:b5:27:1b:
         f1:e3:93:90:4c:e3:0e:0b:1e:12:82:23:74:24:ac:45:06:b4:
         02:99:ac:62:85:a9:92:44:b3:d3:6c:05:63:97:e6:96:f8:46:
         73:f4:02:49:df:df:0b:cd:27:a9:a5:76:fb:91:9c:53:fb:5b:
         2a:82:a1:e3:39:58:ed:43:30:8f:d4:55:c3:dc:fb:53:3b:dd:
         72:17:07:ff:a8:1c:74:a1:fb:ff:7e:e3:67:8b:7a:7a:8e:74:
         10:1b:80:0e:35:f2:0c:aa:81:eb:d8:51:02:21:a8:35:dd:ef:
         ef:1c:59:7d:89:4c:25:59:7f:7c:17:76:42:3b:85:01:9c:3e:
         fc:82:e5:79:b4:1d:7b:4e:a0:ff:68:cb:7f:f5:62:b5:c0:f0:
         18:21:be:1e:83:07:4a:a4:ba:44:6b:68:ec:84:7a:2b:f7:90:
         ff:a4:e1:bb:03:2b:d5:ac:75:f8:5d:8b:b9:d5:a8:8a:65:85:
         a9:e1:08:e9:34:12:b1:61:13:0a:75:e3:82:fb:01:c5:7d:de:
         27:f9:68:d6:92:0f:dd:0f:c8:a6:09:cf:5f:b7:8b:5f:51:52:
         bb:87:ec:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbiELZKxRJhhQ1uCIvDvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMWQ4MzMyZTExOGE5YTIxODdlYWI1ODg0Mjc5ZDY1ODBm
MTE5ZjcwHhcNMjUxMTExMDEwMDU2WhcNMjUxMTEyMDEwMDU2WjAzMTEwLwYDVQQD
EygwYmRhMDZlMjI3Y2VhNTAzZDgzOTg1YzFjY2ZjOTMxNWRhMThiZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx4CZ4jIWqGxuaT6Jj+a5j4OxsG5
ddE2ktlx9f62DTGtNOvq00XHJl5NocJ7dwh8dpQRZi104qH4Ze/V7Ihxehbug5Mw
mJLmCQmWN+6MqCua5iYSUfWF5UqcD42ZaHvu4G5W0RDR/j9wX/FEIMXxuW7ngOmU
xw2Gl8Hrpntns0bTHxIjvIhZuG/nyaML+jqsUiD2lIY88GORuFOMahxlV0c3ttFT
RQzHV0cPAQaMI1E2xv9xOuv3lctk4lIZpbsk3xA6zZcMxyutmGKAPfxKOjEFht/Z
shXlY4sKkBToR3LKOb6OPJzfkM35P16VklzfUCbEWkUFIs4yQyKAhbtu6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvaBuInzqUD2DmFwcz8kxXaGL8/MB8GA1UdIwQY
MBaAFP8dgzLhGKmiGH6rWIQnnWWA8Rn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hYWM2YmUtMTg1NS00ODRiLTgwMjUt
ZGVhMzBlY2I3MzZkLzEvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hYWM2YmUtMTg1NS00ODRiLTgwMjUtZGVhMzBlY2I3MzZk
LzEvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApvRxnbWD
wHEbi9OZpCcdXy1nA01k2jbRKPqWSwejeXWqtScb8eOTkEzjDgseEoIjdCSsRQa0
ApmsYoWpkkSz02wFY5fmlvhGc/QCSd/fC80nqaV2+5GcU/tbKoKh4zlY7UMwj9RV
w9z7UzvdchcH/6gcdKH7/37jZ4t6eo50EBuADjXyDKqB69hRAiGoNd3v7xxZfYlM
JVl/fBd2QjuFAZw+/ILlebQde06g/2jLf/VitcDwGCG+HoMHSqS6RGto7IR6K/eQ
/6ThuwMr1ax1+F2LudWoimWFqeEI6TQSsWETCnXjgvsBxX3eJ/lo1pIP3Q/IpgnP
X7eLX1FSu4fsVg==
-----END CERTIFICATE-----