Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          QFls8DPTOSKmZv+09UOVbBwc+MqeT3x/SErAdwHDd4Y=
Subject key identifier:   F6:27:44:22:BF:9F:A7:F5:24:72:48:E4:AB:B1:BB:A3:CA:48:EF:2A
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       019A7293A918694431A2C5C0A046E8A33B8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0B2C
Signing time:             Tue 11 Nov 2025 11:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:10 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: exHCkzHE7BOLorF8UlQuttvhJ/rpdy2yKPI3QpqPhTw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:a9:18:69:44:31:a2:c5:c0:a0:46:e8:a3:3b:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Nov 11 11:01:10 2025 GMT
            Not After : Nov 12 11:01:10 2025 GMT
        Subject: CN=f6274422bf9fa7f5247248e4abb1bba3ca48ef2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:5f:6c:42:6e:d2:c9:4e:70:af:43:06:8d:9a:
                    1b:48:7f:f4:8b:fe:42:f5:2f:44:4c:6d:98:20:c2:
                    19:c7:28:66:04:4a:5e:05:89:78:a2:8b:bf:52:53:
                    70:9d:b2:75:69:0f:5e:a3:61:ed:0c:ab:cd:1d:3c:
                    86:c7:90:85:17:09:b1:ec:b7:3a:b3:23:5e:83:e9:
                    50:a4:d3:36:88:e0:14:70:b7:21:38:ad:dd:c0:b8:
                    72:4c:27:03:6c:bf:71:f5:02:b5:4c:d9:f9:c7:d5:
                    33:ca:58:4e:58:2f:02:03:35:6a:a3:60:0c:7f:48:
                    38:be:8c:0c:73:9e:44:b2:6b:87:62:ff:64:dc:4f:
                    0e:d0:01:58:e2:3e:8e:1e:40:b6:bb:18:bd:44:56:
                    dc:bf:b6:63:54:45:07:55:64:87:50:aa:cc:b6:0f:
                    02:bf:23:a7:07:44:9a:33:bf:88:39:5f:4e:fb:19:
                    ec:e7:ff:b6:32:9e:df:3a:f7:cd:ad:c6:f8:09:3f:
                    e3:62:7d:ee:6c:47:8e:55:d7:e3:dc:df:ff:3e:d9:
                    57:70:d5:2c:0f:33:1b:ec:37:7f:59:f9:e1:fc:9c:
                    47:8d:06:19:1d:18:12:03:e7:aa:60:74:28:69:98:
                    3d:d7:3d:29:67:de:c7:8c:29:a5:51:cc:5e:ee:78:
                    ea:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:27:44:22:BF:9F:A7:F5:24:72:48:E4:AB:B1:BB:A3:CA:48:EF:2A
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:46:10:42:57:52:ae:1c:4f:c7:8f:ca:88:2d:a4:46:5e:46:
         43:2d:ce:78:9f:d1:82:15:66:d8:c0:9d:fb:0b:1f:dd:44:01:
         3c:a1:66:a8:e7:ab:c2:b1:80:f6:df:3a:cb:dc:e6:ef:25:a7:
         19:a9:b8:ee:76:7c:f8:30:5b:1f:84:1a:e5:ac:d7:3b:46:9c:
         34:13:07:4c:17:1b:08:b5:98:09:2e:f5:f3:9f:8c:04:cc:3a:
         09:7b:0f:13:c9:21:7f:59:73:82:27:9e:2d:40:2b:35:bc:c3:
         f3:36:53:86:e4:e5:33:87:2a:cb:33:51:48:ac:ef:8a:cb:9e:
         8a:0f:10:36:d7:19:af:4c:69:a5:b3:14:17:08:a3:d2:ee:c2:
         3f:3b:19:e0:b3:d1:a1:d1:20:5f:6c:58:c1:d3:d2:d6:80:31:
         91:03:cc:d9:48:15:18:fc:4c:fe:bb:08:82:83:2b:67:a8:a1:
         1a:46:b7:b1:53:c0:f8:0f:9c:f1:f8:ad:75:75:b6:f9:ef:0c:
         5f:09:37:a1:f8:01:c6:e1:c0:10:bc:6b:83:28:fe:4d:38:d1:
         d1:a5:6e:5f:97:7c:f2:83:18:d1:9f:9f:38:a5:5a:97:30:1a:
         88:7d:4c:63:05:18:17:21:8c:b7:76:08:ea:c5:be:a5:74:24:
         0b:29:be:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk6kYaUQxosXAoEboozuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjUxMTExMTEwMTEwWhcNMjUxMTEyMTEwMTEwWjAzMTEwLwYDVQQD
EyhmNjI3NDQyMmJmOWZhN2Y1MjQ3MjQ4ZTRhYmIxYmJhM2NhNDhlZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl9sQm7SyU5wr0MGjZobSH/0i/5C
9S9ETG2YIMIZxyhmBEpeBYl4oou/UlNwnbJ1aQ9eo2HtDKvNHTyGx5CFFwmx7Lc6
syNeg+lQpNM2iOAUcLchOK3dwLhyTCcDbL9x9QK1TNn5x9UzylhOWC8CAzVqo2AM
f0g4vowMc55EsmuHYv9k3E8O0AFY4j6OHkC2uxi9RFbcv7ZjVEUHVWSHUKrMtg8C
vyOnB0SaM7+IOV9O+xns5/+2Mp7fOvfNrcb4CT/jYn3ubEeOVdfj3N//PtlXcNUs
DzMb7Dd/Wfnh/JxHjQYZHRgSA+eqYHQoaZg91z0pZ97HjCmlUcxe7njq9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPYnRCK/n6f1JHJI5Kuxu6PKSO8qMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXUYQQldS
rhxPx4/KiC2kRl5GQy3OeJ/RghVm2MCd+wsf3UQBPKFmqOerwrGA9t86y9zm7yWn
Gam47nZ8+DBbH4Qa5azXO0acNBMHTBcbCLWYCS7185+MBMw6CXsPE8khf1lzgiee
LUArNbzD8zZThuTlM4cqyzNRSKzvisueig8QNtcZr0xppbMUFwij0u7CPzsZ4LPR
odEgX2xYwdPS1oAxkQPM2UgVGPxM/rsIgoMrZ6ihGka3sVPA+A+c8fitdXW2+e8M
Xwk3ofgBxuHAELxrgyj+TTjR0aVuX5d88oMY0Z+fOKValzAaiH1MYwUYFyGMt3YI
6sW+pXQkCym+FA==
-----END CERTIFICATE-----