Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          F7KwOnMTwbc3N0kxBnGurGPTwI1nk+RKQuPnzYJLbEQ=
Subject key identifier:   C3:6D:B4:AD:C4:56:67:6E:CE:C8:75:31:C4:F7:F6:4B:67:3A:81:88
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       019A71B8F8D9998CF7E7108824AC9AFB9EAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          1024
Signing time:             Tue 11 Nov 2025 07:02:18 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:18 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:18 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: HTAM9T1h+FmnzNJaaCq8GWTM3k2Oh23m26EcY8C3/vk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:f8:d9:99:8c:f7:e7:10:88:24:ac:9a:fb:9e:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Nov 11 07:02:18 2025 GMT
            Not After : Nov 12 07:02:18 2025 GMT
        Subject: CN=c36db4adc456676ecec87531c4f7f64b673a8188
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:54:a6:1e:49:27:55:13:9a:88:69:6c:03:12:
                    8a:87:03:07:c4:59:9c:60:b4:6e:23:90:69:e3:25:
                    ae:ae:3e:8d:62:13:85:b2:20:c3:52:51:3d:bf:c2:
                    8e:2d:f5:62:ac:ab:00:0c:95:4f:e6:f1:d7:03:05:
                    ba:0b:79:8f:c4:36:dd:a7:31:4e:e3:bf:6b:7c:30:
                    f7:80:51:3c:f0:c4:3c:ac:a1:ec:41:6e:48:bd:9b:
                    8b:3a:40:d9:06:80:d5:9b:2c:29:e8:e2:91:32:00:
                    50:ff:9a:da:8e:44:fd:76:b8:06:4e:ca:d6:e0:92:
                    5f:8e:71:fd:f3:d6:04:9b:2a:e5:56:1a:ff:2c:14:
                    5e:a7:87:fe:a5:c7:26:8d:4d:d1:83:59:ed:67:fc:
                    e0:fa:4b:ec:85:36:aa:63:82:e7:9f:23:8b:1d:96:
                    eb:2a:3b:6b:18:77:af:79:c5:8d:47:ef:64:6c:15:
                    6c:be:c8:a0:83:24:13:69:9c:f4:2d:58:26:ec:9b:
                    92:c9:ef:7e:fc:4e:94:7f:05:dd:f6:34:a8:e6:52:
                    e5:df:ab:5f:f4:fa:fa:7b:27:82:57:52:3d:67:5f:
                    30:14:e6:11:f4:8f:7d:47:38:7a:b7:3e:63:e8:dd:
                    4b:8a:ef:ca:3a:ea:d2:2e:67:ab:cc:4b:9e:57:43:
                    31:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:6D:B4:AD:C4:56:67:6E:CE:C8:75:31:C4:F7:F6:4B:67:3A:81:88
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:8e:10:e6:16:31:43:8b:bb:24:ca:cf:d1:5b:14:a8:a1:32:
         6c:ac:62:3a:64:75:8d:5e:ad:6f:c5:da:b5:4b:5b:78:cc:9b:
         8f:64:88:9e:28:ca:68:c9:a5:19:76:b8:3d:e9:26:6b:d6:6d:
         91:58:fb:5b:82:24:5f:d9:d9:f4:1c:71:eb:d0:af:51:e3:31:
         98:fc:55:e2:8d:ca:0d:84:e7:73:56:e4:82:95:28:86:81:56:
         33:9e:db:ed:5a:ca:ac:d0:9b:7f:34:b3:ed:12:de:a5:4a:d1:
         4e:f0:ab:13:4a:ab:ec:70:ec:3c:82:e9:a1:1a:98:49:84:9b:
         54:4e:97:c1:a2:a1:f5:f3:31:d1:10:78:30:94:33:a5:42:c4:
         a8:3f:72:07:08:3b:f2:33:98:4d:46:33:6f:d5:4a:a1:18:74:
         d4:8e:17:20:af:8e:6b:3d:10:9d:2f:1e:ef:14:50:90:f1:2d:
         2e:c1:0c:8c:e3:bc:2d:5e:a7:b9:b8:e9:1c:68:dd:6a:04:53:
         c4:66:21:1a:9e:49:4c:6e:6b:08:cf:46:c5:8e:ed:5d:c3:7c:
         53:b6:9e:3f:79:47:09:7a:05:08:65:d5:4b:a0:b0:97:bb:4a:
         f6:fe:c8:de:e2:ac:e5:7f:ea:9f:37:87:56:fd:bc:3e:1b:d4:
         24:32:bd:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPjZmYz35xCIJKya+56tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjUxMTExMDcwMjE4WhcNMjUxMTEyMDcwMjE4WjAzMTEwLwYDVQQD
EyhjMzZkYjRhZGM0NTY2NzZlY2VjODc1MzFjNGY3ZjY0YjY3M2E4MTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FSmHkknVROaiGlsAxKKhwMHxFmc
YLRuI5Bp4yWurj6NYhOFsiDDUlE9v8KOLfVirKsADJVP5vHXAwW6C3mPxDbdpzFO
479rfDD3gFE88MQ8rKHsQW5IvZuLOkDZBoDVmywp6OKRMgBQ/5rajkT9drgGTsrW
4JJfjnH989YEmyrlVhr/LBRep4f+pccmjU3Rg1ntZ/zg+kvshTaqY4LnnyOLHZbr
KjtrGHevecWNR+9kbBVsvsiggyQTaZz0LVgm7JuSye9+/E6UfwXd9jSo5lLl36tf
9Pr6eyeCV1I9Z18wFOYR9I99Rzh6tz5j6N1Liu/KOurSLmerzEueV0Mx+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNttK3EVmduzsh1McT39ktnOoGIMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ44Q5hYx
Q4u7JMrP0VsUqKEybKxiOmR1jV6tb8XatUtbeMybj2SInijKaMmlGXa4Pekma9Zt
kVj7W4IkX9nZ9Bxx69CvUeMxmPxV4o3KDYTnc1bkgpUohoFWM57b7VrKrNCbfzSz
7RLepUrRTvCrE0qr7HDsPILpoRqYSYSbVE6XwaKh9fMx0RB4MJQzpULEqD9yBwg7
8jOYTUYzb9VKoRh01I4XIK+Oaz0QnS8e7xRQkPEtLsEMjOO8LV6nubjpHGjdagRT
xGYhGp5JTG5rCM9GxY7tXcN8U7aeP3lHCXoFCGXVS6Cwl7tK9v7I3uKs5X/qnzeH
Vv28PhvUJDK9PA==
-----END CERTIFICATE-----