Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
File:                     2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft (raw, json)
Hash identifier:          Vk+bPz178XY3QTLP3vADboKtImWPMSCcSQYZOKI955Q=
Subject key identifier:   63:33:9A:AF:58:D1:6D:79:3A:EB:76:CB:DB:F5:32:97:DF:D7:77:13
Authority key identifier: D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF
Certificate issuer:       /CN=d87d8150d1182385c461b580d5638a570c2bc0bf
Certificate serial:       019A72265360508A757D15B00AE34B36E127
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
Manifest number:          171B
Signing time:             Tue 11 Nov 2025 09:01:45 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:45 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:45 +0000
Files and hashes:         1: 2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl (hash: ndaO6TT/5uzE6MvvY0pckebgp6ovBGu7JGDyZ761tGw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:53:60:50:8a:75:7d:15:b0:0a:e3:4b:36:e1:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87d8150d1182385c461b580d5638a570c2bc0bf
        Validity
            Not Before: Nov 11 09:01:45 2025 GMT
            Not After : Nov 12 09:01:45 2025 GMT
        Subject: CN=63339aaf58d16d793aeb76cbdbf53297dfd77713
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:55:78:54:4e:5e:38:aa:fc:34:bd:68:4f:0b:
                    8a:3e:c3:2e:31:67:11:20:6d:03:29:3c:e9:bf:0f:
                    35:d2:e0:b0:03:58:52:27:fb:10:9c:0a:ad:6c:3b:
                    44:15:b7:d1:6c:a3:7f:7d:57:51:96:06:2e:b8:e7:
                    1a:c0:58:24:a1:3e:48:a4:d8:39:3a:3c:23:c9:6d:
                    64:bf:3d:92:e9:86:f3:bb:cd:49:14:08:6e:3d:37:
                    99:44:b8:3f:98:d6:e4:24:96:24:aa:a3:3f:61:e7:
                    e3:41:50:ec:bd:7c:7e:4b:c6:10:08:a8:94:c5:f6:
                    63:23:3b:7a:eb:6b:6d:e5:55:67:6c:16:39:4c:06:
                    c8:db:ec:77:2e:55:c1:c4:a3:22:d7:8c:39:0b:25:
                    0f:db:b6:10:b8:ac:26:d3:b3:de:b9:86:1c:d7:df:
                    af:43:5c:11:31:75:9b:ec:91:5f:0c:d0:cb:84:75:
                    ac:8a:94:f4:7e:19:6a:24:66:2e:a7:02:01:ff:4e:
                    34:0f:58:53:36:94:1f:b5:6b:83:d6:cd:20:c5:41:
                    4a:d8:51:fe:35:5e:b9:25:54:ab:a3:bd:a7:0d:56:
                    c4:20:ca:28:75:34:1c:2e:c7:db:bd:9a:1b:ba:48:
                    f5:f1:07:e7:5d:14:c8:56:5d:a1:55:6f:fe:53:98:
                    43:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:33:9A:AF:58:D1:6D:79:3A:EB:76:CB:DB:F5:32:97:DF:D7:77:13
            X509v3 Authority Key Identifier:
                keyid:D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:c1:98:c9:0d:be:d4:6c:d8:f3:f1:cf:c4:fb:0b:d0:b3:8f:
         e4:19:28:ed:04:53:8d:b3:fd:28:89:dd:3d:f6:de:9d:99:4a:
         8f:20:46:65:a3:9c:e9:1e:2e:09:1a:14:30:16:b7:63:b4:55:
         b2:af:be:3d:58:88:94:b7:7e:27:93:5d:79:9a:6c:be:39:0f:
         80:72:8e:b2:47:d7:c8:bb:42:a9:69:06:38:19:74:f4:e4:7b:
         d5:93:a9:cd:b7:fb:05:f0:e7:e2:1e:83:32:56:db:4b:01:4c:
         32:2c:d6:e5:a8:41:70:93:97:8b:de:7f:5d:87:70:a8:18:5d:
         fb:a0:fa:d4:71:04:7a:27:46:bf:ff:81:b1:82:86:ff:a0:82:
         63:19:e8:ed:25:3f:d4:a4:cc:bc:73:aa:5c:be:df:66:c5:16:
         a7:26:ec:63:fa:06:95:e8:70:bc:db:b3:19:fd:a2:97:e3:17:
         3b:41:e5:6d:20:d7:55:6b:d1:9f:5a:43:69:86:c3:a5:04:33:
         15:75:f8:03:cf:96:62:19:75:2e:22:8c:6a:86:fb:6b:f9:fe:
         41:67:f1:23:2a:c5:4e:6f:a3:6d:a5:f4:49:a2:bd:5e:6d:d3:
         dd:c9:e8:c8:6a:6a:74:51:6f:2a:9c:91:6a:c2:5a:49:2d:8d:
         67:d8:52:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJlNgUIp1fRWwCuNLNuEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2Q4MTUwZDExODIzODVjNDYxYjU4MGQ1NjM4YTU3MGMy
YmMwYmYwHhcNMjUxMTExMDkwMTQ1WhcNMjUxMTEyMDkwMTQ1WjAzMTEwLwYDVQQD
Eyg2MzMzOWFhZjU4ZDE2ZDc5M2FlYjc2Y2JkYmY1MzI5N2RmZDc3NzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFV4VE5eOKr8NL1oTwuKPsMuMWcR
IG0DKTzpvw810uCwA1hSJ/sQnAqtbDtEFbfRbKN/fVdRlgYuuOcawFgkoT5IpNg5
OjwjyW1kvz2S6Ybzu81JFAhuPTeZRLg/mNbkJJYkqqM/YefjQVDsvXx+S8YQCKiU
xfZjIzt662tt5VVnbBY5TAbI2+x3LlXBxKMi14w5CyUP27YQuKwm07PeuYYc19+v
Q1wRMXWb7JFfDNDLhHWsipT0fhlqJGYupwIB/040D1hTNpQftWuD1s0gxUFK2FH+
NV65JVSro72nDVbEIMoodTQcLsfbvZobukj18QfnXRTIVl2hVW/+U5hDFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMzmq9Y0W15Out2y9v1Mpff13cTMB8GA1UdIwQY
MBaAFNh9gVDRGCOFxGG1gNVjilcMK8C/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQt
ODY3OTUzYTNiMTgxLzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQtODY3OTUzYTNiMTgx
LzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdcGYyQ2+
1GzY8/HPxPsL0LOP5Bko7QRTjbP9KIndPfbenZlKjyBGZaOc6R4uCRoUMBa3Y7RV
sq++PViIlLd+J5NdeZpsvjkPgHKOskfXyLtCqWkGOBl09OR71ZOpzbf7BfDn4h6D
MlbbSwFMMizW5ahBcJOXi95/XYdwqBhd+6D61HEEeidGv/+BsYKG/6CCYxno7SU/
1KTMvHOqXL7fZsUWpybsY/oGlehwvNuzGf2il+MXO0HlbSDXVWvRn1pDaYbDpQQz
FXX4A8+WYhl1LiKMaob7a/n+QWfxIyrFTm+jbaX0SaK9Xm3T3cnoyGpqdFFvKpyR
asJaSS2NZ9hSOg==
-----END CERTIFICATE-----