Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
File:                     JTncEcLyIukQROG-eygeV23u5Fs.mft (raw, json)
Hash identifier:          DmiYXseC5Su5Ol6zhL+UBdeSi+GE7mSfnbAT0QetZFs=
Subject key identifier:   BB:28:03:77:7B:C8:E9:A3:C0:2E:27:B1:3E:23:4A:59:E9:48:DC:A0
Authority key identifier: 25:39:DC:11:C2:F2:22:E9:10:44:E1:BE:7B:28:1E:57:6D:EE:E4:5B
Certificate issuer:       /CN=2539dc11c2f222e91044e1be7b281e576deee45b
Certificate serial:       019A71EEBDFD2A62317979DEE15728809DB9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
Manifest number:          01F5
Signing time:             Tue 11 Nov 2025 08:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:02 +0000
Files and hashes:         1: JTncEcLyIukQROG-eygeV23u5Fs.crl (hash: 0q8WR//CgMyc5sEup1rjwFNaulj1sPCPefc2TlTDGow=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:bd:fd:2a:62:31:79:79:de:e1:57:28:80:9d:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2539dc11c2f222e91044e1be7b281e576deee45b
        Validity
            Not Before: Nov 11 08:01:02 2025 GMT
            Not After : Nov 12 08:01:02 2025 GMT
        Subject: CN=bb2803777bc8e9a3c02e27b13e234a59e948dca0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:81:65:30:c4:da:bd:5c:76:d1:42:7d:17:76:
                    24:a0:9a:8a:ed:65:0f:30:d4:38:e5:87:50:65:81:
                    0e:1e:4b:7b:e2:f8:3c:bb:4c:70:50:ba:82:6a:38:
                    9e:5d:22:70:0d:0d:3f:73:22:25:b4:b1:ac:10:3d:
                    8c:2a:33:08:7d:f3:37:d5:fd:99:d8:83:e4:93:8b:
                    4e:88:b5:27:30:be:ed:ac:c1:49:97:9d:06:c8:47:
                    a2:64:a5:c7:d1:63:75:fc:1c:ad:b2:a6:e8:57:9d:
                    fd:46:66:63:76:88:a2:1c:b3:8e:92:9f:0c:94:e5:
                    91:f8:30:f9:d6:2d:a2:bc:43:e6:97:84:31:45:e4:
                    6e:b7:a9:c3:0a:3d:d1:33:8a:34:f9:31:ae:04:9e:
                    de:f3:a3:77:07:c5:41:34:0d:38:b6:a3:9a:2b:f2:
                    ba:66:06:c2:bb:56:d5:6f:6d:cd:18:ca:89:25:c0:
                    d8:23:6f:8f:4f:88:fa:c3:8d:69:d4:53:d5:34:d3:
                    3f:9a:eb:30:c9:37:b3:81:27:16:69:25:62:35:e0:
                    d4:f4:31:a1:43:9c:36:cd:19:10:46:d4:fb:fb:f5:
                    d3:70:de:11:3f:2b:87:31:e4:eb:44:8d:c7:a8:8d:
                    68:b9:0b:b0:1e:d1:0a:d8:61:49:0f:5d:fa:0f:46:
                    08:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:28:03:77:7B:C8:E9:A3:C0:2E:27:B1:3E:23:4A:59:E9:48:DC:A0
            X509v3 Authority Key Identifier:
                keyid:25:39:DC:11:C2:F2:22:E9:10:44:E1:BE:7B:28:1E:57:6D:EE:E4:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTncEcLyIukQROG-eygeV23u5Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/98a556-6b6f-4d5e-972e-0fc8da0503c9/1/JTncEcLyIukQROG-eygeV23u5Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:79:c7:26:cb:3d:cc:72:5b:82:ac:d7:a6:66:22:8c:35:83:
         92:cc:a3:06:e9:19:d1:9e:40:0b:5f:39:1d:39:25:28:d4:56:
         05:4f:fe:9f:20:74:4c:ed:3e:a3:70:0a:33:db:f1:d4:8d:6b:
         a0:97:65:24:dc:3c:83:93:0e:38:ee:14:c8:64:04:ce:75:29:
         0f:6c:65:9f:8f:d1:ff:20:c3:64:a0:9b:a2:2b:4e:e8:49:f6:
         aa:31:27:d3:62:0f:76:54:cb:28:2d:6c:90:e8:42:f7:b0:bb:
         b7:68:7a:b4:08:81:73:9f:b7:54:23:96:94:6f:60:4e:cc:8b:
         64:14:9c:be:c8:80:6c:2c:b0:2c:db:41:50:8b:65:51:98:0b:
         e2:c5:d6:bc:bd:9a:fc:c5:af:11:02:33:40:be:b3:45:ea:8e:
         f0:04:56:7b:68:80:d3:60:4c:2d:9b:d7:a2:e5:05:af:f4:d4:
         6b:7e:62:37:ff:15:77:57:f1:ae:d3:c5:54:af:a1:fb:19:87:
         33:a3:f9:c9:a7:a5:bc:5e:1c:3e:81:da:eb:14:92:9d:a5:41:
         7d:f7:28:30:ae:53:68:f5:b3:ce:d6:41:ef:30:f6:7a:56:e7:
         92:7a:7f:bb:19:17:8e:db:28:3b:03:de:f2:61:51:68:62:14:
         2d:9e:14:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7r39KmIxeXne4VcogJ25MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MzlkYzExYzJmMjIyZTkxMDQ0ZTFiZTdiMjgxZTU3NmRl
ZWU0NWIwHhcNMjUxMTExMDgwMTAyWhcNMjUxMTEyMDgwMTAyWjAzMTEwLwYDVQQD
EyhiYjI4MDM3NzdiYzhlOWEzYzAyZTI3YjEzZTIzNGE1OWU5NDhkY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4FlMMTavVx20UJ9F3YkoJqK7WUP
MNQ45YdQZYEOHkt74vg8u0xwULqCajieXSJwDQ0/cyIltLGsED2MKjMIffM31f2Z
2IPkk4tOiLUnML7trMFJl50GyEeiZKXH0WN1/BytsqboV539RmZjdoiiHLOOkp8M
lOWR+DD51i2ivEPml4QxReRut6nDCj3RM4o0+TGuBJ7e86N3B8VBNA04tqOaK/K6
ZgbCu1bVb23NGMqJJcDYI2+PT4j6w41p1FPVNNM/muswyTezgScWaSViNeDU9DGh
Q5w2zRkQRtT7+/XTcN4RPyuHMeTrRI3HqI1ouQuwHtEK2GFJD136D0YIVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsoA3d7yOmjwC4nsT4jSlnpSNygMB8GA1UdIwQY
MBaAFCU53BHC8iLpEEThvnsoHldt7uRbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85OGE1NTYtNmI2Zi00ZDVlLTk3MmUt
MGZjOGRhMDUwM2M5LzEvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85OGE1NTYtNmI2Zi00ZDVlLTk3MmUtMGZjOGRhMDUwM2M5
LzEvSlRuY0VjTHlJdWtRUk9HLWV5Z2VWMjN1NUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARnnHJss9
zHJbgqzXpmYijDWDksyjBukZ0Z5AC185HTklKNRWBU/+nyB0TO0+o3AKM9vx1I1r
oJdlJNw8g5MOOO4UyGQEznUpD2xln4/R/yDDZKCboitO6En2qjEn02IPdlTLKC1s
kOhC97C7t2h6tAiBc5+3VCOWlG9gTsyLZBScvsiAbCywLNtBUItlUZgL4sXWvL2a
/MWvEQIzQL6zReqO8ARWe2iA02BMLZvXouUFr/TUa35iN/8Vd1fxrtPFVK+h+xmH
M6P5yaelvF4cPoHa6xSSnaVBffcoMK5TaPWzztZB7zD2elbnknp/uxkXjtsoOwPe
8mFRaGIULZ4UYQ==
-----END CERTIFICATE-----