Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
File:                     2qM7UIN5nEnPntwAhit8nCGMZhM.mft (raw, json)
Hash identifier:          8INoreH77XBMSv0lGnXIGxBbvK2ZyFhcyFoDqUG5zmo=
Subject key identifier:   C1:12:66:BD:8D:C7:1F:EA:02:04:E3:0F:7B:F1:29:5C:DB:72:0E:9D
Authority key identifier: DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13
Certificate issuer:       /CN=daa33b5083799c49cf9edc00862b7c9c218c6613
Certificate serial:       019923318AFC748BF2417C79CE73C3C0CC86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
Manifest number:          03F9
Signing time:             Sun 07 Sep 2025 08:01:13 +0000
Manifest this update:     Sun 07 Sep 2025 08:01:13 +0000
Manifest next update:     Mon 08 Sep 2025 08:01:13 +0000
Files and hashes:         1: 2qM7UIN5nEnPntwAhit8nCGMZhM.crl (hash: xVsCsseTFhkE2GCsZlBvH3R03+s+ur6IAjdaTSkuhzc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:31:8a:fc:74:8b:f2:41:7c:79:ce:73:c3:c0:cc:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=daa33b5083799c49cf9edc00862b7c9c218c6613
        Validity
            Not Before: Sep  7 08:01:13 2025 GMT
            Not After : Sep  8 08:01:13 2025 GMT
        Subject: CN=c11266bd8dc71fea0204e30f7bf1295cdb720e9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:dd:ab:12:9b:72:2f:93:61:ba:22:02:5f:c1:
                    dc:6e:be:bf:d6:c6:31:11:51:9d:8e:a5:06:18:12:
                    21:32:fc:57:00:e7:2e:c0:de:26:65:85:69:2b:67:
                    81:26:08:9f:0f:71:59:9f:ee:e0:c6:e1:fd:5d:d1:
                    93:ed:b9:fa:5f:bc:f4:92:76:90:21:c6:21:d3:d5:
                    c8:25:11:50:a0:86:c4:01:2a:b4:84:43:77:ac:d3:
                    b3:ee:46:25:c3:5e:96:a1:f6:f9:31:dd:a4:42:70:
                    d4:39:c1:6b:aa:c4:b7:00:b4:17:83:af:ae:18:33:
                    a0:7f:05:5a:c1:8c:70:05:79:dd:f4:68:51:ef:4b:
                    42:63:6d:fd:2a:62:0b:a6:26:c8:21:09:cd:0b:c0:
                    72:8f:16:f2:92:e5:fe:cf:9a:21:94:ad:10:53:98:
                    45:a2:ee:ba:c6:5d:76:8b:5e:e1:f7:93:28:af:f3:
                    63:15:c5:04:ed:07:6c:8d:b1:66:d6:9b:ac:ed:ce:
                    8d:f3:12:36:af:1d:db:7e:06:66:a6:be:5e:18:bd:
                    c9:1d:5d:08:9e:c0:c2:b4:7c:a6:07:c1:1b:64:8c:
                    4c:bc:e6:14:31:96:bd:16:cd:ca:9e:19:1d:56:c5:
                    04:66:ff:26:86:7c:f3:38:0d:30:16:9b:2e:cb:c8:
                    ec:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:12:66:BD:8D:C7:1F:EA:02:04:E3:0F:7B:F1:29:5C:DB:72:0E:9D
            X509v3 Authority Key Identifier:
                keyid:DA:A3:3B:50:83:79:9C:49:CF:9E:DC:00:86:2B:7C:9C:21:8C:66:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qM7UIN5nEnPntwAhit8nCGMZhM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cf318e-8951-4e1e-bbe3-16f43dba2abc/1/2qM7UIN5nEnPntwAhit8nCGMZhM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:4c:ff:51:89:aa:0c:69:69:68:6b:52:d4:08:cc:0d:02:90:
         a8:ae:42:29:1c:ce:2d:30:b2:d8:ac:76:37:2b:7f:ee:0e:02:
         a9:e9:51:76:b1:b8:68:75:a0:af:d4:99:81:65:5b:6b:52:11:
         93:c8:67:a3:f8:fd:9d:b6:5d:94:93:eb:89:59:93:b9:97:c0:
         a8:7e:99:5f:a4:e0:0c:28:5b:7c:26:27:80:01:c3:3d:bb:58:
         e4:5d:18:64:d8:1d:74:9b:3e:ab:ba:17:e5:d7:62:25:db:4f:
         ad:5a:90:8c:26:a1:14:53:b2:fa:33:d6:b3:e8:a6:55:f4:d7:
         10:70:4e:e1:0b:67:86:69:6a:ed:8e:79:06:36:ae:77:92:af:
         02:d7:ed:fc:3c:e7:ef:51:af:20:9f:46:3b:ce:00:5f:b1:ce:
         d4:9e:ff:4e:22:f2:24:f6:f7:c3:8c:cb:77:13:26:3f:89:65:
         d9:d5:b9:64:d6:63:8e:28:5b:51:d5:26:15:1d:3c:1e:0d:34:
         d7:85:bb:82:b9:3b:e9:6d:4c:af:87:d4:bf:ea:98:9e:0d:13:
         f6:c3:b9:8a:98:32:71:e3:ed:45:9b:33:83:06:12:c7:79:e2:
         f2:0c:34:c8:28:01:59:ef:ee:0b:9a:2e:ac:93:13:43:74:ee:
         d6:2b:3f:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMYr8dIvyQXx5znPDwMyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTMzYjUwODM3OTljNDljZjllZGMwMDg2MmI3YzljMjE4
YzY2MTMwHhcNMjUwOTA3MDgwMTEzWhcNMjUwOTA4MDgwMTEzWjAzMTEwLwYDVQQD
EyhjMTEyNjZiZDhkYzcxZmVhMDIwNGUzMGY3YmYxMjk1Y2RiNzIwZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt2rEptyL5NhuiICX8Hcbr6/1sYx
EVGdjqUGGBIhMvxXAOcuwN4mZYVpK2eBJgifD3FZn+7gxuH9XdGT7bn6X7z0knaQ
IcYh09XIJRFQoIbEASq0hEN3rNOz7kYlw16Wofb5Md2kQnDUOcFrqsS3ALQXg6+u
GDOgfwVawYxwBXnd9GhR70tCY239KmILpibIIQnNC8ByjxbykuX+z5ohlK0QU5hF
ou66xl12i17h95Mor/NjFcUE7QdsjbFm1pus7c6N8xI2rx3bfgZmpr5eGL3JHV0I
nsDCtHymB8EbZIxMvOYUMZa9Fs3KnhkdVsUEZv8mhnzzOA0wFpsuy8jsEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMESZr2Nxx/qAgTjD3vxKVzbcg6dMB8GA1UdIwQY
MBaAFNqjO1CDeZxJz57cAIYrfJwhjGYTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMt
MTZmNDNkYmEyYWJjLzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jZjMxOGUtODk1MS00ZTFlLWJiZTMtMTZmNDNkYmEyYWJj
LzEvMnFNN1VJTjVuRW5QbnR3QWhpdDhuQ0dNWmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEz/UYmq
DGlpaGtS1AjMDQKQqK5CKRzOLTCy2Kx2Nyt/7g4CqelRdrG4aHWgr9SZgWVba1IR
k8hno/j9nbZdlJPriVmTuZfAqH6ZX6TgDChbfCYngAHDPbtY5F0YZNgddJs+q7oX
5ddiJdtPrVqQjCahFFOy+jPWs+imVfTXEHBO4Qtnhmlq7Y55Bjaud5KvAtft/Dzn
71GvIJ9GO84AX7HO1J7/TiLyJPb3w4zLdxMmP4ll2dW5ZNZjjihbUdUmFR08Hg00
14W7grk76W1Mr4fUv+qYng0T9sO5ipgycePtRZszgwYSx3ni8gw0yCgBWe/uC5ou
rJMTQ3Tu1is/xA==
-----END CERTIFICATE-----