Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
File:                     2lNAluw_e_xU1lT84PAWitlmIs0.mft (raw, json)
Hash identifier:          s1MiUVQdtgAsk8h73pz6b+InpRx620GnapkppuJl85I=
Subject key identifier:   8D:25:89:1B:B6:37:56:FC:B3:B4:EE:39:93:ED:35:E6:34:24:5B:80
Authority key identifier: DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD
Certificate issuer:       /CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
Certificate serial:       019A7149DD05D1970D445CC27D110CF25672
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
Manifest number:          0484
Signing time:             Tue 11 Nov 2025 05:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 05:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 05:00:57 +0000
Files and hashes:         1: 2lNAluw_e_xU1lT84PAWitlmIs0.crl (hash: CIfllncqe/XBWzaePgCPLLT5+zr3XipMwsuw5YwXByc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 05:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:49:dd:05:d1:97:0d:44:5c:c2:7d:11:0c:f2:56:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da534096ec3f7bfc54d654fce0f0168ad96622cd
        Validity
            Not Before: Nov 11 05:00:57 2025 GMT
            Not After : Nov 12 05:00:57 2025 GMT
        Subject: CN=8d25891bb63756fcb3b4ee3993ed35e634245b80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:94:e2:cb:26:0d:dd:f1:4f:a8:54:85:a7:b8:
                    bd:eb:89:bd:23:36:9a:d0:21:f4:03:60:27:fb:f1:
                    aa:fa:39:b7:c3:70:4f:3f:02:a4:35:31:7f:65:98:
                    ae:a7:a5:35:80:68:d5:0b:a7:d7:c0:60:f2:e9:8b:
                    ff:6c:14:99:4d:a6:5d:a7:a1:00:c1:04:0f:f2:06:
                    d8:54:8e:9f:b5:43:c1:2a:92:9f:e9:39:dd:cf:c6:
                    00:20:99:dd:81:39:0c:01:ca:aa:e6:82:d8:4f:3d:
                    0e:fe:d8:6d:bf:bf:18:e1:0d:39:57:cd:84:98:1b:
                    dd:72:71:d8:2a:d6:17:6b:6d:7f:76:31:4e:12:bb:
                    82:7a:26:18:78:e0:e5:fc:38:a0:b6:10:a4:10:ae:
                    47:cf:6c:61:3f:b6:fb:01:3a:bd:37:89:9c:09:87:
                    2d:aa:b9:e1:15:cb:6a:e5:d7:ee:24:e7:a6:f5:b8:
                    e6:e9:2e:85:1e:c8:16:44:83:34:78:4f:23:d3:2c:
                    e5:7d:98:da:76:30:de:4b:6e:41:23:79:db:b9:60:
                    ed:ab:92:8d:13:c1:54:b5:dd:34:c6:7d:f2:a8:90:
                    75:14:17:39:99:f4:6a:63:ed:56:c6:11:fb:af:5a:
                    2d:99:ec:f8:3d:e6:79:a9:d5:fb:d5:a8:02:f3:1e:
                    14:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:25:89:1B:B6:37:56:FC:B3:B4:EE:39:93:ED:35:E6:34:24:5B:80
            X509v3 Authority Key Identifier:
                keyid:DA:53:40:96:EC:3F:7B:FC:54:D6:54:FC:E0:F0:16:8A:D9:66:22:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lNAluw_e_xU1lT84PAWitlmIs0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4052b5-b59e-433f-87aa-86f2a1af4d79/1/2lNAluw_e_xU1lT84PAWitlmIs0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:76:f4:33:62:17:64:4a:82:0d:30:86:9a:f3:53:a4:41:3d:
         08:ff:4c:82:0b:8e:ef:20:a0:4b:a1:4e:66:17:bc:43:ab:53:
         a0:7e:81:ae:22:37:6d:d0:31:e7:84:58:f9:19:6d:96:5e:aa:
         9b:86:42:b9:97:0f:9b:3e:f8:51:b9:8a:f8:25:a6:cd:fa:33:
         33:dd:31:9f:d5:2d:f9:93:29:49:38:38:ac:8a:86:b4:c6:e0:
         3f:fb:3d:a3:71:a2:72:12:68:1b:97:35:46:10:fd:f4:fb:a3:
         99:4c:59:28:84:70:2d:75:f7:aa:9b:dc:8d:55:4f:fe:b4:1d:
         9f:15:85:25:3f:ee:28:c6:9e:29:34:8c:6f:b7:dd:1b:1c:72:
         45:49:d8:db:75:50:1c:e5:ef:3c:20:06:8a:ba:3e:d0:18:54:
         dc:0b:34:25:71:bb:87:1f:a3:ed:c0:12:32:0c:60:3d:91:3f:
         39:4e:b0:f9:f8:08:fd:89:20:42:51:58:a7:ad:0a:36:00:f6:
         85:0f:ff:29:4f:01:ab:9e:c4:60:aa:c2:9b:83:7b:8f:13:51:
         7d:c8:d6:b1:ef:9c:5c:b3:30:14:45:f6:16:44:f3:6c:f0:e9:
         94:97:eb:5a:57:77:ff:27:00:1c:66:07:4c:39:6f:02:c2:ce:
         8f:e7:92:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSd0F0ZcNRFzCfREM8lZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTM0MDk2ZWMzZjdiZmM1NGQ2NTRmY2UwZjAxNjhhZDk2
NjIyY2QwHhcNMjUxMTExMDUwMDU3WhcNMjUxMTEyMDUwMDU3WjAzMTEwLwYDVQQD
Eyg4ZDI1ODkxYmI2Mzc1NmZjYjNiNGVlMzk5M2VkMzVlNjM0MjQ1YjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJTiyyYN3fFPqFSFp7i964m9Izaa
0CH0A2An+/Gq+jm3w3BPPwKkNTF/ZZiup6U1gGjVC6fXwGDy6Yv/bBSZTaZdp6EA
wQQP8gbYVI6ftUPBKpKf6Tndz8YAIJndgTkMAcqq5oLYTz0O/thtv78Y4Q05V82E
mBvdcnHYKtYXa21/djFOEruCeiYYeODl/DigthCkEK5Hz2xhP7b7ATq9N4mcCYct
qrnhFctq5dfuJOem9bjm6S6FHsgWRIM0eE8j0yzlfZjadjDeS25BI3nbuWDtq5KN
E8FUtd00xn3yqJB1FBc5mfRqY+1WxhH7r1otmez4PeZ5qdX71agC8x4ULQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0liRu2N1b8s7TuOZPtNeY0JFuAMB8GA1UdIwQY
MBaAFNpTQJbsP3v8VNZU/ODwForZZiLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEt
ODZmMmExYWY0ZDc5LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80MDUyYjUtYjU5ZS00MzNmLTg3YWEtODZmMmExYWY0ZDc5
LzEvMmxOQWx1d19lX3hVMWxUODRQQVdpdGxtSXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALHb0M2IX
ZEqCDTCGmvNTpEE9CP9MgguO7yCgS6FOZhe8Q6tToH6BriI3bdAx54RY+Rltll6q
m4ZCuZcPmz74UbmK+CWmzfozM90xn9Ut+ZMpSTg4rIqGtMbgP/s9o3GichJoG5c1
RhD99PujmUxZKIRwLXX3qpvcjVVP/rQdnxWFJT/uKMaeKTSMb7fdGxxyRUnY23VQ
HOXvPCAGiro+0BhU3As0JXG7hx+j7cASMgxgPZE/OU6w+fgI/YkgQlFYp60KNgD2
hQ//KU8Bq57EYKrCm4N7jxNRfcjWse+cXLMwFEX2FkTzbPDplJfrWld3/ycAHGYH
TDlvAsLOj+eS9A==
-----END CERTIFICATE-----