Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft
File:                     2xjQrivPZ9QUonXLOE8tOWCoN70.mft (raw, json)
Hash identifier:          ZWRJ04aUh46fEGCE7S+MchbKyp4yNeADsA+L/WpEhXA=
Subject key identifier:   0E:B7:8C:13:4D:99:63:13:D1:3E:16:82:30:81:5A:7A:53:3B:6A:21
Authority key identifier: DB:18:D0:AE:2B:CF:67:D4:14:A2:75:CB:38:4F:2D:39:60:A8:37:BD
Certificate issuer:       /CN=db18d0ae2bcf67d414a275cb384f2d3960a837bd
Certificate serial:       0199221E642FC8338A1223EC216F55AB690C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft
Manifest number:          0DE9
Signing time:             Sun 07 Sep 2025 03:00:41 +0000
Manifest this update:     Sun 07 Sep 2025 03:00:41 +0000
Manifest next update:     Mon 08 Sep 2025 03:00:41 +0000
Files and hashes:         1: 2xjQrivPZ9QUonXLOE8tOWCoN70.crl (hash: 6GQTyFyKQLzSUF/z7BkjRaJsPil+N8G9ZH18SFkCzMc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 03:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:1e:64:2f:c8:33:8a:12:23:ec:21:6f:55:ab:69:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db18d0ae2bcf67d414a275cb384f2d3960a837bd
        Validity
            Not Before: Sep  7 03:00:41 2025 GMT
            Not After : Sep  8 03:00:41 2025 GMT
        Subject: CN=0eb78c134d996313d13e168230815a7a533b6a21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:a0:7e:47:5a:fd:ad:61:87:c5:07:dd:e3:dd:
                    f3:6b:86:34:cf:e8:04:81:c6:e8:c2:5a:2e:7d:db:
                    c5:f7:8b:d5:77:95:03:d3:41:37:b3:ee:00:14:28:
                    ec:c5:2d:2a:40:75:71:73:09:4c:ab:da:4d:6b:13:
                    cb:b7:2a:5d:77:7d:6f:10:f2:bf:0e:77:b0:c0:39:
                    1a:d2:81:3a:89:34:65:18:a9:13:6b:80:9e:ab:aa:
                    72:16:79:48:f9:97:f5:f4:8d:7d:f8:6e:99:a5:18:
                    b0:e1:11:f2:92:84:80:71:d2:ea:b8:27:1f:b7:f4:
                    d5:7f:c7:9f:61:6d:e3:03:2d:71:1c:ec:0c:0c:5e:
                    15:fd:40:37:a5:d3:0e:98:26:f1:34:7b:af:0d:6b:
                    28:1e:ec:07:46:00:26:b7:e3:28:ea:cc:57:25:ce:
                    b9:5c:5d:20:8b:6e:cf:47:21:09:6a:1b:52:ac:40:
                    00:9f:62:b6:bb:0d:29:79:ad:f7:87:09:55:5a:50:
                    21:49:00:8f:da:64:c1:c9:9f:02:10:09:31:f7:65:
                    e5:5b:f0:f3:41:f5:df:af:30:ab:f6:00:c9:ec:8c:
                    ea:ef:a3:42:a6:5b:14:3f:90:36:91:9d:49:64:c6:
                    a1:ab:b9:86:d4:e9:7f:76:e7:f1:48:23:20:ff:13:
                    b8:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:B7:8C:13:4D:99:63:13:D1:3E:16:82:30:81:5A:7A:53:3B:6A:21
            X509v3 Authority Key Identifier:
                keyid:DB:18:D0:AE:2B:CF:67:D4:14:A2:75:CB:38:4F:2D:39:60:A8:37:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xjQrivPZ9QUonXLOE8tOWCoN70.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/cef896-f968-4c2f-80c4-0acebaa67b79/1/2xjQrivPZ9QUonXLOE8tOWCoN70.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:6b:55:52:be:64:66:45:64:5e:11:9c:48:bf:2c:4d:b0:a8:
         a5:37:6f:42:26:d5:87:ce:94:ce:21:de:67:7b:c2:c9:32:54:
         a4:fd:49:9b:02:3b:11:7e:46:fd:b6:b9:72:36:f5:0c:48:5d:
         49:90:20:3d:97:86:71:59:59:32:28:25:54:d8:4c:f2:ff:3d:
         36:b4:4a:b3:ff:c1:46:bc:ff:0d:57:29:10:17:ea:59:c1:81:
         e8:83:f3:d9:3d:3b:24:0f:c8:71:42:2a:fa:5a:2e:9b:5d:49:
         b2:dd:a7:a1:61:58:4b:e4:ff:ee:bd:88:72:68:7b:b8:48:1e:
         1d:4b:8a:20:d9:79:77:a5:7d:22:7c:09:a6:e2:1c:82:ba:95:
         cf:13:f0:4a:7f:e9:36:6c:a5:fe:8b:6e:c0:a1:be:b5:6b:ee:
         6a:95:3d:f9:44:b9:d0:62:ba:80:89:5c:0e:98:22:fd:93:5d:
         a2:be:9d:a5:8c:5f:f0:bc:4e:18:59:eb:b0:ab:02:27:56:cb:
         bb:df:76:b5:0a:42:d5:7c:56:52:62:01:f4:e8:95:53:46:2a:
         5c:ce:64:2c:d9:08:be:c3:41:c3:0d:80:78:97:d3:ea:3a:9e:
         9c:dc:70:1f:42:b6:62:dd:91:b8:82:1d:4b:0d:8e:9d:a7:ee:
         30:9c:02:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHmQvyDOKEiPsIW9Vq2kMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMThkMGFlMmJjZjY3ZDQxNGEyNzVjYjM4NGYyZDM5NjBh
ODM3YmQwHhcNMjUwOTA3MDMwMDQxWhcNMjUwOTA4MDMwMDQxWjAzMTEwLwYDVQQD
EygwZWI3OGMxMzRkOTk2MzEzZDEzZTE2ODIzMDgxNWE3YTUzM2I2YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqB+R1r9rWGHxQfd493za4Y0z+gE
gcbowloufdvF94vVd5UD00E3s+4AFCjsxS0qQHVxcwlMq9pNaxPLtypdd31vEPK/
DnewwDka0oE6iTRlGKkTa4Ceq6pyFnlI+Zf19I19+G6ZpRiw4RHykoSAcdLquCcf
t/TVf8efYW3jAy1xHOwMDF4V/UA3pdMOmCbxNHuvDWsoHuwHRgAmt+Mo6sxXJc65
XF0gi27PRyEJahtSrEAAn2K2uw0pea33hwlVWlAhSQCP2mTByZ8CEAkx92XlW/Dz
QfXfrzCr9gDJ7Izq76NCplsUP5A2kZ1JZMahq7mG1Ol/dufxSCMg/xO4TwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA63jBNNmWMT0T4WgjCBWnpTO2ohMB8GA1UdIwQY
MBaAFNsY0K4rz2fUFKJ1yzhPLTlgqDe9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9jZWY4OTYtZjk2OC00YzJmLTgwYzQt
MGFjZWJhYTY3Yjc5LzEvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9jZWY4OTYtZjk2OC00YzJmLTgwYzQtMGFjZWJhYTY3Yjc5
LzEvMnhqUXJpdlBaOVFVb25YTE9FOHRPV0NvTjcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdmtVUr5k
ZkVkXhGcSL8sTbCopTdvQibVh86UziHeZ3vCyTJUpP1JmwI7EX5G/ba5cjb1DEhd
SZAgPZeGcVlZMiglVNhM8v89NrRKs//BRrz/DVcpEBfqWcGB6IPz2T07JA/IcUIq
+loum11Jst2noWFYS+T/7r2Icmh7uEgeHUuKINl5d6V9InwJpuIcgrqVzxPwSn/p
Nmyl/otuwKG+tWvuapU9+US50GK6gIlcDpgi/ZNdor6dpYxf8LxOGFnrsKsCJ1bL
u992tQpC1XxWUmIB9OiVU0YqXM5kLNkIvsNBww2AeJfT6jqenNxwH0K2Yt2RuIId
Sw2OnafuMJwCMQ==
-----END CERTIFICATE-----