Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
File:                     orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json)
Hash identifier:          2T8si2KTf7NwkyrtfUx1V0PzKUCUyWtSLKv8b4+ksW8=
Subject key identifier:   35:C1:FE:48:D4:7A:68:A9:73:32:47:5A:81:6A:5B:C1:A7:DE:49:37
Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1
Certificate issuer:       /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
Certificate serial:       019A72268328AFE3ABFE88CEF2503B181491
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
Manifest number:          0765
Signing time:             Tue 11 Nov 2025 09:01:57 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:57 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:57 +0000
Files and hashes:         1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: NLY2gqRNlqpHMe6cNl2icVEUrgoIM8aTTNuLDyumHtk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:83:28:af:e3:ab:fe:88:ce:f2:50:3b:18:14:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
        Validity
            Not Before: Nov 11 09:01:57 2025 GMT
            Not After : Nov 12 09:01:57 2025 GMT
        Subject: CN=35c1fe48d47a68a97332475a816a5bc1a7de4937
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:aa:c2:70:ef:d5:3d:42:75:dc:ea:f1:8d:8f:
                    55:94:6f:00:74:0e:2b:85:71:71:34:a4:cd:00:9e:
                    e4:ea:23:5b:ee:06:ec:f8:49:35:11:1d:e7:ab:75:
                    02:46:cd:ca:37:5c:c0:58:22:7c:bc:f9:b2:29:34:
                    51:51:ca:e6:9c:f6:40:6b:23:6a:55:73:6f:8d:52:
                    fe:95:d7:6e:5f:95:63:7f:66:a8:68:d9:20:e7:69:
                    c1:5e:c1:64:49:c8:56:bd:b6:21:aa:fc:e2:8c:fe:
                    de:e0:b1:25:64:1d:ea:46:3d:1e:bc:86:2f:88:1c:
                    cf:aa:5b:b1:ec:81:9d:d7:3a:8e:79:c3:ae:c5:24:
                    f5:10:99:89:66:e6:d8:8a:5e:60:e0:40:ec:7e:b1:
                    82:d3:03:80:d0:d9:94:72:13:0e:12:f4:cf:ba:bc:
                    4d:e7:b8:77:e3:03:15:79:7f:d7:83:39:d1:67:9b:
                    74:66:69:c8:91:e4:2f:f2:d0:5a:eb:61:87:c3:2e:
                    bc:10:a2:8a:f6:1e:71:ce:0e:dd:6c:9d:59:61:ea:
                    e8:49:31:e7:a6:ae:f2:42:f9:b1:fb:9b:13:c1:84:
                    a1:37:ed:e9:09:95:8f:86:2c:19:a0:78:32:f6:c1:
                    11:52:7d:24:5a:0e:bb:97:08:0e:51:38:89:7d:ef:
                    b0:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:C1:FE:48:D4:7A:68:A9:73:32:47:5A:81:6A:5B:C1:A7:DE:49:37
            X509v3 Authority Key Identifier:
                keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:e6:c3:e9:c2:50:f6:5d:26:64:46:d2:42:aa:4c:fc:e2:03:
         96:4e:bb:2a:41:72:1c:50:50:9c:05:a2:48:56:53:d5:18:45:
         6e:36:48:70:19:6a:e4:33:6d:0f:cc:4b:da:82:f7:f8:25:13:
         a6:a6:88:ea:12:03:d1:50:3f:61:b3:aa:29:90:71:84:59:12:
         f9:3c:84:e9:96:68:4e:3c:6d:8b:0d:75:ea:a3:b7:44:2d:e9:
         e1:df:f9:24:2d:fb:e3:e2:d0:10:15:f8:4c:04:96:15:b3:18:
         b0:61:b0:f5:33:e3:5b:21:00:da:e1:9a:d7:7a:02:c1:f2:91:
         5d:95:a7:6d:0a:ad:0b:e0:81:25:52:82:d1:60:07:1f:75:5c:
         d8:e8:15:e8:3b:e4:4f:9f:8a:b9:6a:9d:55:c3:91:32:24:77:
         ff:5c:8e:da:02:d5:f2:6e:a7:df:07:fc:21:60:bd:c2:8a:1a:
         05:65:40:73:22:43:9e:89:0c:17:56:b0:1b:8b:c3:47:53:4a:
         bb:79:ce:3f:a4:ef:db:c8:59:6e:61:db:a1:85:ba:98:bc:a5:
         3f:82:94:c5:28:bc:ae:e8:9d:c3:f5:61:45:30:6d:ec:78:d1:
         57:ca:f9:82:b2:28:b8:5c:dd:23:48:d3:7d:7f:4c:cd:cc:1b:
         02:07:29:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJoMor+Or/ojO8lA7GBSRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5
N2M4YzEwHhcNMjUxMTExMDkwMTU3WhcNMjUxMTEyMDkwMTU3WjAzMTEwLwYDVQQD
EygzNWMxZmU0OGQ0N2E2OGE5NzMzMjQ3NWE4MTZhNWJjMWE3ZGU0OTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6rCcO/VPUJ13OrxjY9VlG8AdA4r
hXFxNKTNAJ7k6iNb7gbs+Ek1ER3nq3UCRs3KN1zAWCJ8vPmyKTRRUcrmnPZAayNq
VXNvjVL+ldduX5Vjf2aoaNkg52nBXsFkSchWvbYhqvzijP7e4LElZB3qRj0evIYv
iBzPqlux7IGd1zqOecOuxST1EJmJZubYil5g4EDsfrGC0wOA0NmUchMOEvTPurxN
57h34wMVeX/XgznRZ5t0ZmnIkeQv8tBa62GHwy68EKKK9h5xzg7dbJ1ZYeroSTHn
pq7yQvmx+5sTwYShN+3pCZWPhiwZoHgy9sERUn0kWg67lwgOUTiJfe+w/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDXB/kjUemipczJHWoFqW8Gn3kk3MB8GA1UdIwQY
MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt
YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3
LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh+bD6cJQ
9l0mZEbSQqpM/OIDlk67KkFyHFBQnAWiSFZT1RhFbjZIcBlq5DNtD8xL2oL3+CUT
pqaI6hID0VA/YbOqKZBxhFkS+TyE6ZZoTjxtiw116qO3RC3p4d/5JC374+LQEBX4
TASWFbMYsGGw9TPjWyEA2uGa13oCwfKRXZWnbQqtC+CBJVKC0WAHH3Vc2OgV6Dvk
T5+KuWqdVcORMiR3/1yO2gLV8m6n3wf8IWC9wooaBWVAcyJDnokMF1awG4vDR1NK
u3nOP6Tv28hZbmHboYW6mLylP4KUxSi8ruidw/VhRTBt7HjRV8r5grIouFzdI0jT
fX9MzcwbAgcpSA==
-----END CERTIFICATE-----