Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
File:                     2QrRERMYMAumeOiOBQKx_FHjU3k.mft (raw, json)
Hash identifier:          jdIvylgrqYJpax/Aktils9JKz9FVHs42Ud0bymyVYk8=
Subject key identifier:   0C:BE:30:64:06:75:28:36:B0:12:FF:55:35:4A:92:CB:BF:B9:02:58
Authority key identifier: D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79
Certificate issuer:       /CN=d90ad1111318300ba678e88e0502b1fc51e35379
Certificate serial:       019923D638CD24371878D50A4DB9ABA0E5C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
Manifest number:          027C
Signing time:             Sun 07 Sep 2025 11:01:05 +0000
Manifest this update:     Sun 07 Sep 2025 11:01:05 +0000
Manifest next update:     Mon 08 Sep 2025 11:01:05 +0000
Files and hashes:         1: 2QrRERMYMAumeOiOBQKx_FHjU3k.crl (hash: nl+TpoB+mSe/fbkCVrDyyfV8GbRsUfV6xMKfiD8dsSc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:d6:38:cd:24:37:18:78:d5:0a:4d:b9:ab:a0:e5:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d90ad1111318300ba678e88e0502b1fc51e35379
        Validity
            Not Before: Sep  7 11:01:05 2025 GMT
            Not After : Sep  8 11:01:05 2025 GMT
        Subject: CN=0cbe306406752836b012ff55354a92cbbfb90258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b9:7b:bb:c2:0a:ac:5f:04:4f:6e:43:53:95:
                    f9:16:66:3d:db:86:34:d7:81:c6:06:34:52:5b:57:
                    fd:56:ac:9f:22:dc:a7:88:d7:23:93:6b:59:b4:bb:
                    a3:ca:34:9e:8b:5e:47:02:2b:f9:ee:04:33:6a:32:
                    55:c1:c1:22:6c:33:0e:88:d1:7a:9d:52:8e:41:71:
                    a4:cc:86:0d:04:e1:fe:48:12:44:94:e4:44:a0:cc:
                    1c:48:40:d8:da:d5:f8:90:bc:94:3e:23:e6:82:ad:
                    7a:22:0f:97:a9:65:da:f8:7a:0f:1d:0a:0d:4e:4e:
                    b5:26:94:bd:60:45:50:37:52:08:74:20:77:5c:88:
                    ec:61:4f:f5:64:d7:61:b5:e9:1d:7e:52:11:00:9d:
                    db:4b:72:fe:6a:84:49:a0:6c:31:f5:74:56:bd:25:
                    33:87:65:ac:f3:31:27:20:f4:40:b1:bf:d4:4c:ca:
                    6b:48:4c:8b:ea:70:67:28:70:33:e4:91:6d:87:1e:
                    81:67:01:f7:15:d1:48:d9:6a:68:ae:a2:f3:b9:8a:
                    83:8a:02:18:97:13:c8:f4:08:c8:83:51:80:91:38:
                    5b:55:2e:2e:61:24:73:8d:f7:43:fa:f6:43:d3:a1:
                    c7:eb:ec:c1:dc:3a:8f:cf:e0:57:36:fa:28:30:1c:
                    68:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:BE:30:64:06:75:28:36:B0:12:FF:55:35:4A:92:CB:BF:B9:02:58
            X509v3 Authority Key Identifier:
                keyid:D9:0A:D1:11:13:18:30:0B:A6:78:E8:8E:05:02:B1:FC:51:E3:53:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QrRERMYMAumeOiOBQKx_FHjU3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/758a0f-3c4c-4310-9a72-5a27b8af28a5/1/2QrRERMYMAumeOiOBQKx_FHjU3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:83:f2:de:2d:4c:a1:f5:e4:48:c7:62:a5:dc:a5:e1:f4:06:
         51:d5:a9:69:e0:fb:9f:ab:f6:70:bb:d0:d4:21:77:d7:cf:38:
         e8:5e:aa:15:63:6c:55:0d:74:b0:e1:f6:03:ae:6b:5b:49:1c:
         76:d7:0c:0b:27:43:09:56:e5:91:ae:3d:67:5b:fa:9d:cc:99:
         78:bf:01:d7:96:e4:47:a7:0d:c6:49:59:e6:df:c0:09:a1:de:
         29:62:84:81:53:79:c5:aa:93:cc:bf:71:f7:9f:b1:67:85:80:
         cb:51:ee:01:19:db:9d:96:72:ab:67:70:41:0b:59:eb:0c:da:
         0e:a8:b6:9e:f8:c2:45:bf:d6:9f:75:b6:ee:49:69:52:95:26:
         a5:8b:e9:18:e5:c2:57:76:5e:b7:00:fb:9f:05:cd:38:2c:ed:
         97:0e:67:c6:d2:90:04:bb:8f:54:40:68:f8:67:58:eb:ca:c6:
         ff:bd:49:71:f0:00:d3:45:24:a6:55:eb:4b:36:6f:b9:c7:1d:
         45:4c:5d:1c:82:a8:f7:ba:6f:ac:f7:80:d5:7a:a3:b7:fc:7b:
         02:0a:f4:a5:7e:23:1e:cf:91:e1:95:a2:f5:36:f4:d7:d2:2c:
         dc:4e:52:09:9d:6b:6a:e6:ac:1d:1b:14:b8:db:bd:0c:fd:5a:
         0c:c4:a3:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkj1jjNJDcYeNUKTbmroOXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MGFkMTExMTMxODMwMGJhNjc4ZTg4ZTA1MDJiMWZjNTFl
MzUzNzkwHhcNMjUwOTA3MTEwMTA1WhcNMjUwOTA4MTEwMTA1WjAzMTEwLwYDVQQD
EygwY2JlMzA2NDA2NzUyODM2YjAxMmZmNTUzNTRhOTJjYmJmYjkwMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbl7u8IKrF8ET25DU5X5FmY924Y0
14HGBjRSW1f9VqyfItyniNcjk2tZtLujyjSei15HAiv57gQzajJVwcEibDMOiNF6
nVKOQXGkzIYNBOH+SBJElOREoMwcSEDY2tX4kLyUPiPmgq16Ig+XqWXa+HoPHQoN
Tk61JpS9YEVQN1IIdCB3XIjsYU/1ZNdhtekdflIRAJ3bS3L+aoRJoGwx9XRWvSUz
h2Ws8zEnIPRAsb/UTMprSEyL6nBnKHAz5JFthx6BZwH3FdFI2WporqLzuYqDigIY
lxPI9AjIg1GAkThbVS4uYSRzjfdD+vZD06HH6+zB3DqPz+BXNvooMBxoLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAy+MGQGdSg2sBL/VTVKksu/uQJYMB8GA1UdIwQY
MBaAFNkK0RETGDALpnjojgUCsfxR41N5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzIt
NWEyN2I4YWYyOGE1LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NThhMGYtM2M0Yy00MzEwLTlhNzItNWEyN2I4YWYyOGE1
LzEvMlFyUkVSTVlNQXVtZU9pT0JRS3hfRkhqVTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnIPy3i1M
ofXkSMdipdyl4fQGUdWpaeD7n6v2cLvQ1CF318846F6qFWNsVQ10sOH2A65rW0kc
dtcMCydDCVblka49Z1v6ncyZeL8B15bkR6cNxklZ5t/ACaHeKWKEgVN5xaqTzL9x
95+xZ4WAy1HuARnbnZZyq2dwQQtZ6wzaDqi2nvjCRb/Wn3W27klpUpUmpYvpGOXC
V3ZetwD7nwXNOCztlw5nxtKQBLuPVEBo+GdY68rG/71JcfAA00UkplXrSzZvuccd
RUxdHIKo97pvrPeA1Xqjt/x7Agr0pX4jHs+R4ZWi9Tb019Is3E5SCZ1rauasHRsU
uNu9DP1aDMSjTA==
-----END CERTIFICATE-----