Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.mft
File:                     g8t2BW38QWNCZu0C0GkCA6dUoXs.mft (raw, json)
Hash identifier:          Tz8sK259w+rRgxPuHImhgab73nh7rAwky+yIzsR8mG0=
Subject key identifier:   6D:2F:34:A0:DE:7B:73:C6:10:2C:25:AF:6D:A8:FA:57:88:AB:30:22
Authority key identifier: 83:CB:76:05:6D:FC:41:63:42:66:ED:02:D0:69:02:03:A7:54:A1:7B
Certificate issuer:       /CN=83cb76056dfc41634266ed02d0690203a754a17b
Certificate serial:       019A71B8060B0523CF5E0E0759E5A2B51963
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g8t2BW38QWNCZu0C0GkCA6dUoXs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.mft
Manifest number:          01D3
Signing time:             Tue 11 Nov 2025 07:01:16 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:16 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:16 +0000
Files and hashes:         1: g8t2BW38QWNCZu0C0GkCA6dUoXs.crl (hash: hOGAJZM6M2OVwlgwoKdL2NolmL99SqZSpXUlWE45xfk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/g8t2BW38QWNCZu0C0GkCA6dUoXs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:06:0b:05:23:cf:5e:0e:07:59:e5:a2:b5:19:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83cb76056dfc41634266ed02d0690203a754a17b
        Validity
            Not Before: Nov 11 07:01:16 2025 GMT
            Not After : Nov 12 07:01:16 2025 GMT
        Subject: CN=6d2f34a0de7b73c6102c25af6da8fa5788ab3022
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:bf:98:c2:3f:fc:d6:52:15:80:e5:2a:cb:cd:
                    3f:9b:a7:8b:84:61:f6:14:4c:21:4a:12:36:00:69:
                    a0:74:4a:bc:66:70:36:3c:a2:96:49:82:b0:33:f5:
                    47:ac:a1:7d:ea:62:6e:d6:47:3c:09:69:31:5f:86:
                    4a:0a:73:37:cc:18:4d:63:8e:a8:6c:0e:33:f3:93:
                    a2:e1:31:2b:88:ef:80:65:c1:41:cf:bc:f1:74:25:
                    be:a1:41:b6:0a:bc:7b:87:5e:32:cb:00:c1:98:63:
                    af:f3:bf:de:46:e5:77:ef:73:6b:f6:d0:a6:c9:04:
                    06:20:1e:40:2a:b3:23:38:b5:da:61:c4:c6:55:90:
                    36:1c:22:c8:36:fa:9f:ae:a8:92:e2:71:fc:e7:86:
                    3d:db:e8:d7:94:92:1d:d0:7e:7e:74:cc:2e:43:1f:
                    d5:a2:d6:d7:46:f8:4b:9f:99:23:87:46:0c:c4:55:
                    bf:08:f9:95:fb:bc:0d:75:a9:c8:f2:d5:9f:5f:de:
                    e1:6d:5b:9a:fc:75:09:38:bf:29:9c:a8:fe:61:67:
                    85:55:5f:b7:cb:2f:05:67:3f:70:79:2b:42:31:61:
                    8b:d5:c7:b7:ed:cf:5b:4f:d8:66:21:cb:20:0e:5d:
                    04:44:04:39:18:38:ab:f9:9d:1b:06:82:0f:5d:b6:
                    5e:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:2F:34:A0:DE:7B:73:C6:10:2C:25:AF:6D:A8:FA:57:88:AB:30:22
            X509v3 Authority Key Identifier:
                keyid:83:CB:76:05:6D:FC:41:63:42:66:ED:02:D0:69:02:03:A7:54:A1:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8t2BW38QWNCZu0C0GkCA6dUoXs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/5ebf50-dea3-4778-8923-dfef1d2b669c/1/g8t2BW38QWNCZu0C0GkCA6dUoXs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:c2:64:91:13:ec:42:b0:39:ee:b2:c5:50:2d:88:bb:99:db:
         31:32:1d:ad:68:69:97:5f:28:4d:1f:45:4b:93:7d:a1:5e:e0:
         3c:b5:2a:3a:5b:96:52:02:0b:a5:91:7a:70:ac:ca:db:35:16:
         b1:92:bc:af:0d:b7:b5:76:1a:de:b7:da:5b:72:1c:7c:a7:72:
         b3:0e:d2:db:1d:98:c4:9e:0d:7b:45:36:cc:fb:84:00:f1:64:
         ee:ab:d1:2f:71:e4:1d:d6:79:34:9b:ec:0c:be:40:8d:cf:bc:
         76:fc:a0:3d:cc:0b:e1:01:89:51:f8:56:8c:78:49:e7:ec:6d:
         b8:ab:a6:bf:dd:64:24:63:2e:29:a9:b0:75:c7:9e:dc:78:01:
         e7:29:5e:30:ef:76:18:8b:3d:1e:9f:30:cf:e3:3d:6e:8c:13:
         68:22:2b:7d:e2:89:a2:f4:0b:11:f0:4a:be:4c:a6:97:99:a8:
         ce:17:0a:62:c6:9f:f9:32:74:70:e3:67:81:39:80:73:90:1c:
         51:b2:80:ea:36:97:44:b2:eb:9a:58:8f:44:60:19:30:fe:bc:
         80:c9:90:5d:74:25:ef:18:d8:59:18:d9:19:f4:39:57:b6:a9:
         03:83:41:4d:05:4f:09:27:a5:c5:48:ec:73:bc:25:6f:4c:d0:
         82:04:fd:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAYLBSPPXg4HWeWitRljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzY2I3NjA1NmRmYzQxNjM0MjY2ZWQwMmQwNjkwMjAzYTc1
NGExN2IwHhcNMjUxMTExMDcwMTE2WhcNMjUxMTEyMDcwMTE2WjAzMTEwLwYDVQQD
Eyg2ZDJmMzRhMGRlN2I3M2M2MTAyYzI1YWY2ZGE4ZmE1Nzg4YWIzMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7+Ywj/81lIVgOUqy80/m6eLhGH2
FEwhShI2AGmgdEq8ZnA2PKKWSYKwM/VHrKF96mJu1kc8CWkxX4ZKCnM3zBhNY46o
bA4z85Oi4TEriO+AZcFBz7zxdCW+oUG2Crx7h14yywDBmGOv87/eRuV373Nr9tCm
yQQGIB5AKrMjOLXaYcTGVZA2HCLINvqfrqiS4nH854Y92+jXlJId0H5+dMwuQx/V
otbXRvhLn5kjh0YMxFW/CPmV+7wNdanI8tWfX97hbVua/HUJOL8pnKj+YWeFVV+3
yy8FZz9weStCMWGL1ce37c9bT9hmIcsgDl0ERAQ5GDir+Z0bBoIPXbZe7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0vNKDee3PGECwlr22o+leIqzAiMB8GA1UdIwQY
MBaAFIPLdgVt/EFjQmbtAtBpAgOnVKF7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzh0MkJXMzhRV05DWnUwQzBHa0NBNmRVb1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81ZWJmNTAtZGVhMy00Nzc4LTg5MjMt
ZGZlZjFkMmI2NjljLzEvZzh0MkJXMzhRV05DWnUwQzBHa0NBNmRVb1hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81ZWJmNTAtZGVhMy00Nzc4LTg5MjMtZGZlZjFkMmI2Njlj
LzEvZzh0MkJXMzhRV05DWnUwQzBHa0NBNmRVb1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbMJkkRPs
QrA57rLFUC2Iu5nbMTIdrWhpl18oTR9FS5N9oV7gPLUqOluWUgILpZF6cKzK2zUW
sZK8rw23tXYa3rfaW3IcfKdysw7S2x2YxJ4Ne0U2zPuEAPFk7qvRL3HkHdZ5NJvs
DL5Ajc+8dvygPcwL4QGJUfhWjHhJ5+xtuKumv91kJGMuKamwdcee3HgB5yleMO92
GIs9Hp8wz+M9bowTaCIrfeKJovQLEfBKvkyml5mozhcKYsaf+TJ0cONngTmAc5Ac
UbKA6jaXRLLrmliPRGAZMP68gMmQXXQl7xjYWRjZGfQ5V7apA4NBTQVPCSelxUjs
c7wlb0zQggT9gg==
-----END CERTIFICATE-----