Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
File:                     K2s1AF0wIoBENtctw8nIZc-qoAM.mft (raw, json)
Hash identifier:          GN87V5nVaIFY4Aka21Iwz/BtT28n4FkRCJUnkNbahBk=
Subject key identifier:   2B:D2:25:E3:4E:F9:3D:F6:29:5E:25:D7:68:46:AA:16:EE:32:5F:62
Authority key identifier: 2B:6B:35:00:5D:30:22:80:44:36:D7:2D:C3:C9:C8:65:CF:AA:A0:03
Certificate issuer:       /CN=2b6b35005d3022804436d72dc3c9c865cfaaa003
Certificate serial:       019A72263740F787BCA39B839A52BD2E6290
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
Manifest number:          0C4A
Signing time:             Tue 11 Nov 2025 09:01:38 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:38 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:38 +0000
Files and hashes:         1: K2s1AF0wIoBENtctw8nIZc-qoAM.crl (hash: lATCIecAKUrRg40j2rPcBM9pR/kyW/BQeu7608za7nw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:37:40:f7:87:bc:a3:9b:83:9a:52:bd:2e:62:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b6b35005d3022804436d72dc3c9c865cfaaa003
        Validity
            Not Before: Nov 11 09:01:38 2025 GMT
            Not After : Nov 12 09:01:38 2025 GMT
        Subject: CN=2bd225e34ef93df6295e25d76846aa16ee325f62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:16:a0:f1:07:21:5d:06:2e:f8:4b:4d:d0:96:
                    a8:05:ff:27:1d:7c:4f:8e:c1:18:be:86:c2:85:07:
                    9e:66:11:13:7f:27:ee:6f:29:8b:25:25:c6:a3:c3:
                    72:c5:5d:01:c7:8e:5e:87:7e:0c:46:c2:ee:a0:66:
                    cf:f3:2e:0b:0b:08:f9:2b:c2:7b:41:ef:75:b2:b8:
                    49:9d:74:4a:c7:be:c1:31:f8:c3:a8:03:bc:45:ff:
                    db:0a:90:27:6f:2b:01:61:8a:9d:73:fa:62:f4:99:
                    38:ae:53:34:b3:64:10:bc:2c:0d:2e:5a:aa:36:b9:
                    17:b7:c4:77:6e:0c:07:71:51:69:9d:da:dc:c9:8e:
                    b4:2f:6f:4b:f2:a8:e4:04:7e:0d:ab:22:a9:1b:48:
                    63:a8:a0:48:cc:2a:70:2f:c8:0b:47:45:ee:c7:37:
                    fe:e4:b6:17:5c:42:ef:66:8a:87:42:94:32:8a:7f:
                    5d:bf:71:47:f2:9a:4a:40:8c:01:46:c0:78:0b:5d:
                    84:06:c4:68:ce:c3:4d:a9:6f:21:44:e0:78:f5:f3:
                    3c:93:d2:a9:35:47:7f:bd:ae:84:ca:da:ce:33:81:
                    c0:72:39:f1:ae:db:b7:e6:7a:ee:7e:44:71:db:81:
                    68:a6:40:a6:58:6e:ed:19:5d:8b:30:d9:71:4f:a6:
                    1c:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:D2:25:E3:4E:F9:3D:F6:29:5E:25:D7:68:46:AA:16:EE:32:5F:62
            X509v3 Authority Key Identifier:
                keyid:2B:6B:35:00:5D:30:22:80:44:36:D7:2D:C3:C9:C8:65:CF:AA:A0:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K2s1AF0wIoBENtctw8nIZc-qoAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f4c354-80fb-4c39-a0f8-f18fbf596eba/1/K2s1AF0wIoBENtctw8nIZc-qoAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:a6:69:c0:3a:55:61:15:a2:e3:c4:81:51:dd:b2:35:bd:3c:
         d3:b8:98:6d:59:1e:12:59:69:16:8a:65:aa:82:eb:94:3c:c5:
         74:71:85:59:e4:2f:15:26:a3:97:53:4e:ef:40:2a:6e:40:06:
         ea:e8:06:ba:35:10:52:c8:89:db:6f:d6:6d:49:be:7a:b1:f0:
         09:76:14:75:b3:88:32:fa:11:66:1a:c4:b3:35:eb:a9:5f:be:
         b2:9a:6e:05:70:97:1d:a0:03:a3:56:6e:e4:48:75:e6:f3:a1:
         9e:9f:83:52:67:2e:08:c0:d2:ca:d1:d3:39:44:be:b0:a1:85:
         b0:88:bb:ab:8b:0a:4b:3a:d2:ed:ea:ea:de:f2:55:d6:2d:25:
         02:3d:8a:9b:ef:ac:6d:f1:8b:0f:aa:e2:70:4a:d4:cf:53:49:
         95:ee:f3:05:07:c0:d3:78:87:38:91:08:a2:1b:c3:1d:e9:9e:
         b1:51:ec:30:19:80:fa:6a:e9:c7:78:ec:ab:4f:36:a3:7e:06:
         90:a1:a6:96:88:f1:15:fb:a6:54:95:78:84:63:7b:16:a1:28:
         49:cc:45:d8:3a:1f:b2:6b:71:ab:17:f6:73:0b:fc:24:65:69:
         60:59:8c:17:37:27:2c:8a:0f:bf:47:9f:db:29:7a:54:fb:ba:
         da:7e:e5:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJjdA94e8o5uDmlK9LmKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmIzNTAwNWQzMDIyODA0NDM2ZDcyZGMzYzljODY1Y2Zh
YWEwMDMwHhcNMjUxMTExMDkwMTM4WhcNMjUxMTEyMDkwMTM4WjAzMTEwLwYDVQQD
EygyYmQyMjVlMzRlZjkzZGY2Mjk1ZTI1ZDc2ODQ2YWExNmVlMzI1ZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhag8QchXQYu+EtN0JaoBf8nHXxP
jsEYvobChQeeZhETfyfubymLJSXGo8NyxV0Bx45eh34MRsLuoGbP8y4LCwj5K8J7
Qe91srhJnXRKx77BMfjDqAO8Rf/bCpAnbysBYYqdc/pi9Jk4rlM0s2QQvCwNLlqq
NrkXt8R3bgwHcVFpndrcyY60L29L8qjkBH4NqyKpG0hjqKBIzCpwL8gLR0Xuxzf+
5LYXXELvZoqHQpQyin9dv3FH8ppKQIwBRsB4C12EBsRozsNNqW8hROB49fM8k9Kp
NUd/va6EytrOM4HAcjnxrtu35nrufkRx24FopkCmWG7tGV2LMNlxT6YcvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCvSJeNO+T32KV4l12hGqhbuMl9iMB8GA1UdIwQY
MBaAFCtrNQBdMCKARDbXLcPJyGXPqqADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mNGMzNTQtODBmYi00YzM5LWEwZjgt
ZjE4ZmJmNTk2ZWJhLzEvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mNGMzNTQtODBmYi00YzM5LWEwZjgtZjE4ZmJmNTk2ZWJh
LzEvSzJzMUFGMHdJb0JFTnRjdHc4bklaYy1xb0FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZqZpwDpV
YRWi48SBUd2yNb0807iYbVkeEllpFoplqoLrlDzFdHGFWeQvFSajl1NO70AqbkAG
6ugGujUQUsiJ22/WbUm+erHwCXYUdbOIMvoRZhrEszXrqV++sppuBXCXHaADo1Zu
5Eh15vOhnp+DUmcuCMDSytHTOUS+sKGFsIi7q4sKSzrS7erq3vJV1i0lAj2Km++s
bfGLD6ricErUz1NJle7zBQfA03iHOJEIohvDHemesVHsMBmA+mrpx3jsq082o34G
kKGmlojxFfumVJV4hGN7FqEoScxF2Dofsmtxqxf2cwv8JGVpYFmMFzcnLIoPv0ef
2yl6VPu62n7lmQ==
-----END CERTIFICATE-----