Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
File:                     2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json)
Hash identifier:          zrBfWBjxbGkQv0mSmVAw8pAZrWFE5MQ1yYxihPV+cCs=
Subject key identifier:   21:48:50:7C:23:8A:3B:EB:31:EC:7B:7A:4D:D9:79:0C:9A:DB:4D:EE
Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22
Certificate issuer:       /CN=da8da74400c7555aba27c1289fbfb90b33b79a22
Certificate serial:       019A722636B8BAB44E4E9FF5274AE37FB682
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
Manifest number:          15AC
Signing time:             Tue 11 Nov 2025 09:01:38 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:38 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:38 +0000
Files and hashes:         1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: lxFiUEXEZpuyEnqxBwDJAuOaSEi14pJfOTILgqvgB2Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:36:b8:ba:b4:4e:4e:9f:f5:27:4a:e3:7f:b6:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22
        Validity
            Not Before: Nov 11 09:01:38 2025 GMT
            Not After : Nov 12 09:01:38 2025 GMT
        Subject: CN=2148507c238a3beb31ec7b7a4dd9790c9adb4dee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:1d:ee:61:63:c9:ff:43:fd:af:be:d4:bb:b3:
                    93:0f:d6:31:5a:4b:43:f5:cf:7c:c6:80:f9:e3:1a:
                    ba:95:aa:3f:70:8f:67:33:4c:7c:3d:8b:63:f6:39:
                    7b:5e:54:b1:dc:74:d5:e5:41:29:10:72:ed:08:f9:
                    a3:d6:c9:1c:fe:28:40:68:b3:e2:4a:13:52:9c:a2:
                    de:4e:e1:f0:01:b4:67:d6:dc:b2:d5:0f:ad:d9:25:
                    c7:5b:00:8c:7f:89:3d:04:ba:dc:4d:40:19:4e:10:
                    c6:e3:77:d1:6f:93:ed:77:0f:f4:bb:29:c7:61:00:
                    69:f8:db:7f:6e:f4:11:ba:78:0d:f9:37:70:97:d8:
                    c7:9f:29:d5:b0:f2:2b:1f:72:0a:94:c5:d8:94:86:
                    aa:0b:45:28:94:17:56:82:ef:29:10:e6:be:36:f5:
                    b8:16:c8:c3:fd:e6:2c:33:f6:83:cc:f8:7c:46:96:
                    cd:83:b8:9f:b9:be:1a:a9:48:4f:ac:69:45:7b:6a:
                    83:b4:03:54:70:1e:72:30:39:89:ac:6b:79:fd:73:
                    78:4e:74:ed:70:0f:e1:25:d5:a8:ec:2b:42:d1:82:
                    99:b9:ad:26:85:16:21:3c:74:95:3b:51:d3:b7:36:
                    94:61:ca:0b:1c:22:74:5e:70:38:bc:b0:1c:24:70:
                    1a:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:48:50:7C:23:8A:3B:EB:31:EC:7B:7A:4D:D9:79:0C:9A:DB:4D:EE
            X509v3 Authority Key Identifier:
                keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:17:a5:34:27:4b:65:70:14:68:cc:80:77:b9:ce:04:fc:f6:
         1e:ae:c0:93:21:ad:b0:27:0a:1b:fc:2f:96:2e:00:c0:7d:ec:
         12:b7:d4:08:4e:ad:fd:13:d5:d9:e8:2c:0e:f0:1e:71:af:ae:
         6b:b0:2a:6b:9a:d5:ad:44:3d:0d:32:43:18:06:c6:47:e4:fd:
         66:8d:15:10:52:c4:bd:13:32:c2:a5:81:8b:40:da:17:5e:d8:
         a8:24:9e:09:c7:59:7d:aa:32:00:dd:17:96:a2:7f:86:92:9a:
         22:84:3d:b8:08:62:ed:3f:cd:7e:c8:70:56:65:fe:d2:4d:09:
         6d:76:ac:31:e3:e8:92:20:44:dc:9f:e2:24:db:61:1e:76:b2:
         38:9b:07:b6:81:fa:87:9f:28:41:6c:92:12:1b:74:ac:1f:ab:
         df:2c:63:25:10:d5:98:2e:01:dc:d4:53:17:f8:df:43:a1:fb:
         47:83:18:b6:a3:50:d4:a8:b2:33:1d:a1:4a:4f:97:fd:01:42:
         e0:e8:9a:ed:f8:b2:c7:55:07:3f:d0:a1:2a:46:39:d1:21:04:
         4c:53:0f:c8:6c:34:af:28:81:c2:12:02:69:40:b0:fb:06:34:
         89:d0:de:d7:d5:ff:4e:5f:69:cb:9a:1e:94:a8:4d:37:ec:82:
         d9:39:50:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJja4urROTp/1J0rjf7aCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi
NzlhMjIwHhcNMjUxMTExMDkwMTM4WhcNMjUxMTEyMDkwMTM4WjAzMTEwLwYDVQQD
EygyMTQ4NTA3YzIzOGEzYmViMzFlYzdiN2E0ZGQ5NzkwYzlhZGI0ZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4B3uYWPJ/0P9r77Uu7OTD9YxWktD
9c98xoD54xq6lao/cI9nM0x8PYtj9jl7XlSx3HTV5UEpEHLtCPmj1skc/ihAaLPi
ShNSnKLeTuHwAbRn1tyy1Q+t2SXHWwCMf4k9BLrcTUAZThDG43fRb5Ptdw/0uynH
YQBp+Nt/bvQRungN+Tdwl9jHnynVsPIrH3IKlMXYlIaqC0UolBdWgu8pEOa+NvW4
FsjD/eYsM/aDzPh8RpbNg7ifub4aqUhPrGlFe2qDtANUcB5yMDmJrGt5/XN4TnTt
cA/hJdWo7CtC0YKZua0mhRYhPHSVO1HTtzaUYcoLHCJ0XnA4vLAcJHAalQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFIUHwjijvrMex7ek3ZeQya203uMB8GA1UdIwQY
MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt
MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3
LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKRelNCdL
ZXAUaMyAd7nOBPz2Hq7AkyGtsCcKG/wvli4AwH3sErfUCE6t/RPV2egsDvAeca+u
a7Aqa5rVrUQ9DTJDGAbGR+T9Zo0VEFLEvRMywqWBi0DaF17YqCSeCcdZfaoyAN0X
lqJ/hpKaIoQ9uAhi7T/NfshwVmX+0k0JbXasMePokiBE3J/iJNthHnayOJsHtoH6
h58oQWySEht0rB+r3yxjJRDVmC4B3NRTF/jfQ6H7R4MYtqNQ1KiyMx2hSk+X/QFC
4Oia7fiyx1UHP9ChKkY50SEETFMPyGw0ryiBwhICaUCw+wY0idDe19X/Tl9py5oe
lKhNN+yC2TlQiQ==
-----END CERTIFICATE-----