Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          6xK06+GlaBo8ifJBPd0gaYom8F+gEJy67zSvMuZ4lmQ=
Subject key identifier:   7E:E9:69:24:13:AB:02:C4:EC:7F:52:C8:D1:B1:35:46:35:B3:56:B5
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       019A71B93CA8ABE2AE191F6742E4FAE2950D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0B2D
Signing time:             Tue 11 Nov 2025 07:02:35 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:35 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:35 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: 1T2FFK0//C+kwIve3Zlvdj4MmJB2+qC0LxilFWqFwI0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:3c:a8:ab:e2:ae:19:1f:67:42:e4:fa:e2:95:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Nov 11 07:02:35 2025 GMT
            Not After : Nov 12 07:02:35 2025 GMT
        Subject: CN=7ee9692413ab02c4ec7f52c8d1b1354635b356b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8f:af:33:f8:a9:e9:af:3b:62:2b:cb:5a:0a:
                    c6:b0:6e:b2:c5:f8:d3:ac:1b:5c:c3:b0:ca:0d:33:
                    10:4c:bb:f5:2b:74:a8:d7:90:a2:95:c4:db:f0:e2:
                    b9:b9:e2:9a:71:5e:5b:33:60:79:19:9f:ba:40:6b:
                    8e:e9:e1:63:79:c6:56:c5:37:88:f6:11:c9:41:ed:
                    f9:f6:4f:5a:ba:b6:14:c7:a4:83:50:15:29:41:d5:
                    2f:f6:fb:f1:21:cc:83:95:23:1c:14:fe:11:36:9b:
                    8a:7b:c4:da:5c:86:97:06:f7:37:da:47:3e:5b:f1:
                    20:9d:92:f5:a4:46:1c:cc:39:1a:13:f1:c0:26:18:
                    6a:0b:04:fe:5d:40:33:83:60:fe:69:27:8a:c9:4d:
                    86:8e:ba:a6:50:62:c7:ae:65:e0:ba:70:62:13:c1:
                    48:99:05:ca:c9:70:93:51:9f:1f:e5:60:49:68:14:
                    f4:fb:18:c4:da:91:2a:87:fe:ff:61:5e:91:0b:ce:
                    c1:d4:a9:42:26:96:c0:77:62:1a:4e:7b:3b:93:17:
                    7b:ae:8d:1f:4a:64:0c:db:47:db:c7:bc:4e:9b:84:
                    dc:b8:6f:48:95:80:bc:46:44:be:4e:22:6a:bb:20:
                    c1:5e:a4:83:e3:30:a9:66:d8:a9:25:6d:f9:53:51:
                    aa:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:E9:69:24:13:AB:02:C4:EC:7F:52:C8:D1:B1:35:46:35:B3:56:B5
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:3c:85:40:26:06:46:bb:07:2e:df:fe:26:91:25:96:42:68:
         6c:cc:66:60:cf:c2:46:c2:35:6c:25:85:98:4c:62:b6:55:6d:
         55:16:70:35:25:30:9e:82:ca:f3:d1:07:d5:91:46:8b:31:cc:
         7f:98:9d:cd:a3:15:ad:83:f7:b0:54:b0:7b:27:1d:29:94:c4:
         31:a9:1c:0e:c6:a1:4c:af:d5:b7:b1:c0:77:94:c1:01:1c:02:
         6c:ac:04:52:f2:d7:41:07:9a:5d:b6:ae:12:c9:0a:48:2a:93:
         9e:bb:f4:0a:f3:9c:0a:4a:90:0b:a9:c3:a0:ff:c7:b4:28:43:
         52:65:d7:57:f5:3c:b8:ad:d1:d9:dd:19:5c:28:e4:2c:4e:31:
         47:e8:3c:5e:3c:34:48:92:20:10:83:20:f6:89:0a:c4:1b:7f:
         f9:08:50:a8:cf:82:dc:63:9e:89:b9:a5:b9:f1:43:a8:fe:2f:
         7f:25:f7:68:2c:b6:05:18:22:9b:ba:8f:18:a9:f7:81:0a:99:
         e7:1c:19:1e:51:c8:a0:7f:aa:02:14:3b:1e:f9:9a:24:bf:f3:
         5d:1d:75:37:ad:d6:de:70:88:fa:3a:9a:67:aa:b8:55:25:b1:
         98:2e:b1:8a:dc:a0:85:06:81:c7:6c:79:ae:5e:6a:89:53:61:
         eb:65:ac:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuTyoq+KuGR9nQuT64pUNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjUxMTExMDcwMjM1WhcNMjUxMTEyMDcwMjM1WjAzMTEwLwYDVQQD
Eyg3ZWU5NjkyNDEzYWIwMmM0ZWM3ZjUyYzhkMWIxMzU0NjM1YjM1NmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4+vM/ip6a87YivLWgrGsG6yxfjT
rBtcw7DKDTMQTLv1K3So15CilcTb8OK5ueKacV5bM2B5GZ+6QGuO6eFjecZWxTeI
9hHJQe359k9aurYUx6SDUBUpQdUv9vvxIcyDlSMcFP4RNpuKe8TaXIaXBvc32kc+
W/EgnZL1pEYczDkaE/HAJhhqCwT+XUAzg2D+aSeKyU2GjrqmUGLHrmXgunBiE8FI
mQXKyXCTUZ8f5WBJaBT0+xjE2pEqh/7/YV6RC87B1KlCJpbAd2IaTns7kxd7ro0f
SmQM20fbx7xOm4TcuG9IlYC8RkS+TiJquyDBXqSD4zCpZtipJW35U1GqVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH7paSQTqwLE7H9SyNGxNUY1s1a1MB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqDyFQCYG
RrsHLt/+JpEllkJobMxmYM/CRsI1bCWFmExitlVtVRZwNSUwnoLK89EH1ZFGizHM
f5idzaMVrYP3sFSweycdKZTEMakcDsahTK/Vt7HAd5TBARwCbKwEUvLXQQeaXbau
EskKSCqTnrv0CvOcCkqQC6nDoP/HtChDUmXXV/U8uK3R2d0ZXCjkLE4xR+g8Xjw0
SJIgEIMg9okKxBt/+QhQqM+C3GOeibmlufFDqP4vfyX3aCy2BRgim7qPGKn3gQqZ
5xwZHlHIoH+qAhQ7HvmaJL/zXR11N63W3nCI+jqaZ6q4VSWxmC6xityghQaBx2x5
rl5qiVNh62WsVQ==
-----END CERTIFICATE-----