Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          9dLkASxOu2ew5lD7aRSkWqdNW441v9wHQqNPvr0/+fY=
Subject key identifier:   32:04:20:4A:6B:92:C4:FE:79:FF:F9:3A:DF:0F:C1:DA:53:18:27:D9
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       019A7301509A5DEC055DA18922982574037C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          0680
Signing time:             Tue 11 Nov 2025 13:00:57 +0000
Manifest this update:     Tue 11 Nov 2025 13:00:57 +0000
Manifest next update:     Wed 12 Nov 2025 13:00:57 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: IB/56auaqHsR6YTk+x5NonGOQ7eqiCT78oVAVM7SVWg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:73:01:50:9a:5d:ec:05:5d:a1:89:22:98:25:74:03:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Nov 11 13:00:57 2025 GMT
            Not After : Nov 12 13:00:57 2025 GMT
        Subject: CN=3204204a6b92c4fe79fff93adf0fc1da531827d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:e4:a9:08:d8:3b:a2:c8:e6:96:91:4e:63:c0:
                    e5:85:fb:55:cd:bf:e9:c8:7b:ed:28:55:91:dc:c0:
                    e4:c1:14:14:89:f2:4a:4a:cb:89:f0:2d:6d:02:fa:
                    2e:f2:a7:06:a2:bc:0d:30:fe:67:42:8f:0c:32:22:
                    84:ab:6f:7a:d2:c3:9a:d7:ce:24:8e:5c:71:b1:f1:
                    2b:18:4a:85:f0:20:18:e5:ac:d1:79:e1:2f:ed:d0:
                    cd:ca:5f:4b:86:56:e0:bd:db:a4:13:60:53:59:54:
                    5a:a6:f7:14:d0:55:a0:6e:ed:3c:e3:b5:13:c8:b1:
                    b9:a4:fd:a2:4e:ce:22:65:bb:78:e2:01:0e:ac:fc:
                    ad:01:e3:64:29:05:51:32:d3:63:bf:f3:62:02:9b:
                    ea:09:09:11:49:ec:9d:65:0c:f1:7a:e7:72:c7:ef:
                    0c:f6:68:0d:1c:75:05:e3:da:2c:b0:5d:ef:08:4b:
                    c6:44:d5:b7:77:f9:a9:e8:5a:83:a5:80:b3:f5:e7:
                    68:77:03:f8:03:cf:71:f6:f9:45:42:05:d9:f0:cb:
                    c0:70:bf:2a:e9:e8:e1:bf:76:36:a7:f7:d7:a4:d5:
                    ad:35:39:14:4e:72:af:e6:90:3c:04:c1:1b:32:c3:
                    28:ac:2b:eb:dc:10:be:03:7b:65:ac:b2:d9:77:d0:
                    18:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:04:20:4A:6B:92:C4:FE:79:FF:F9:3A:DF:0F:C1:DA:53:18:27:D9
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:13:cf:62:dc:fd:ff:77:f8:a7:b1:b9:6f:29:9d:b7:af:19:
         f9:ae:45:86:41:f6:8d:0f:ef:19:ce:7f:10:35:de:30:ad:a3:
         ad:64:80:3a:05:33:df:49:24:ca:80:f9:08:52:e2:c1:2a:01:
         14:6e:49:5e:ca:32:b0:40:df:20:5b:41:60:2e:01:7e:99:fd:
         fc:49:2d:1b:cd:fb:e7:4a:8a:31:b9:1f:fd:e3:f1:8e:1b:9d:
         4a:f3:8a:b6:a7:fe:1a:46:99:05:00:b1:7c:ff:b0:70:8a:38:
         7b:e8:f4:be:60:0f:ce:80:07:bc:b6:06:9f:b7:3e:75:82:d2:
         3d:b8:24:2e:bb:6a:f1:fe:c2:00:32:f9:a1:98:87:44:62:e7:
         c7:9d:5b:2e:28:f7:1a:ed:6d:57:43:de:7a:72:b6:ed:79:4b:
         d9:a5:ca:f2:8f:99:ca:bf:b8:52:5f:78:62:62:dd:0c:75:70:
         1a:87:be:05:5c:0e:27:61:b4:62:ce:f6:10:82:29:56:c5:83:
         cc:96:92:0e:bd:88:a9:14:2d:2a:01:27:50:2a:71:e7:75:0b:
         de:4a:17:69:ad:a9:73:84:6b:56:bb:55:d4:e1:fa:80:71:8e:
         0a:59:a7:5b:25:e3:a6:79:74:3a:b2:0f:48:8c:e1:79:c3:3d:
         27:41:92:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAVCaXewFXaGJIpgldAN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjUxMTExMTMwMDU3WhcNMjUxMTEyMTMwMDU3WjAzMTEwLwYDVQQD
EygzMjA0MjA0YTZiOTJjNGZlNzlmZmY5M2FkZjBmYzFkYTUzMTgyN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOSpCNg7osjmlpFOY8DlhftVzb/p
yHvtKFWR3MDkwRQUifJKSsuJ8C1tAvou8qcGorwNMP5nQo8MMiKEq2960sOa184k
jlxxsfErGEqF8CAY5azReeEv7dDNyl9LhlbgvdukE2BTWVRapvcU0FWgbu0847UT
yLG5pP2iTs4iZbt44gEOrPytAeNkKQVRMtNjv/NiApvqCQkRSeydZQzxeudyx+8M
9mgNHHUF49ossF3vCEvGRNW3d/mp6FqDpYCz9edodwP4A89x9vlFQgXZ8MvAcL8q
6ejhv3Y2p/fXpNWtNTkUTnKv5pA8BMEbMsMorCvr3BC+A3tlrLLZd9AYUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIEIEprksT+ef/5Ot8PwdpTGCfZMB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUhPPYtz9
/3f4p7G5bymdt68Z+a5FhkH2jQ/vGc5/EDXeMK2jrWSAOgUz30kkyoD5CFLiwSoB
FG5JXsoysEDfIFtBYC4Bfpn9/EktG83750qKMbkf/ePxjhudSvOKtqf+GkaZBQCx
fP+wcIo4e+j0vmAPzoAHvLYGn7c+dYLSPbgkLrtq8f7CADL5oZiHRGLnx51bLij3
Gu1tV0PeenK27XlL2aXK8o+Zyr+4Ul94YmLdDHVwGoe+BVwOJ2G0Ys72EIIpVsWD
zJaSDr2IqRQtKgEnUCpx53UL3koXaa2pc4RrVrtV1OH6gHGOClmnWyXjpnl0OrIP
SIzhecM9J0GSYQ==
-----END CERTIFICATE-----