Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e8a2f6-6c0f-4276-849e-0c52556e9865/1/bSsrfHiimiI-pZxnydqj3H7bHnQ.mft
File:                     bSsrfHiimiI-pZxnydqj3H7bHnQ.mft (raw, json)
Hash identifier:          JR3xHZ+ulIUfnZJKWYduS6CiTnGv6vqUyUjqfyNIyb4=
Subject key identifier:   EF:74:DE:CC:87:3B:BA:BF:5D:51:C9:81:AE:17:77:F6:BB:2D:E9:2A
Authority key identifier: 6D:2B:2B:7C:78:A2:9A:22:3E:A5:9C:67:C9:DA:A3:DC:7E:DB:1E:74
Certificate issuer:       /CN=6d2b2b7c78a29a223ea59c67c9daa3dc7edb1e74
Certificate serial:       019A725CB9E4CD43024737F5F3D743734468
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bSsrfHiimiI-pZxnydqj3H7bHnQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e8a2f6-6c0f-4276-849e-0c52556e9865/1/bSsrfHiimiI-pZxnydqj3H7bHnQ.mft
Manifest number:          02E9
Signing time:             Tue 11 Nov 2025 10:01:10 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:10 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:10 +0000
Files and hashes:         1: bSsrfHiimiI-pZxnydqj3H7bHnQ.crl (hash: 2F1i5JO6y36bVPGqH159hHEP19b6k7Z9fBZf6fqF+2A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/e8a2f6-6c0f-4276-849e-0c52556e9865/1/bSsrfHiimiI-pZxnydqj3H7bHnQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/e8a2f6-6c0f-4276-849e-0c52556e9865/1/bSsrfHiimiI-pZxnydqj3H7bHnQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bSsrfHiimiI-pZxnydqj3H7bHnQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:b9:e4:cd:43:02:47:37:f5:f3:d7:43:73:44:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d2b2b7c78a29a223ea59c67c9daa3dc7edb1e74
        Validity
            Not Before: Nov 11 10:01:10 2025 GMT
            Not After : Nov 12 10:01:10 2025 GMT
        Subject: CN=ef74decc873bbabf5d51c981ae1777f6bb2de92a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:00:93:79:a2:58:2c:8c:10:6c:05:64:e2:e1:
                    09:22:29:26:67:b4:30:21:c4:15:d5:d3:3c:b4:ad:
                    ff:37:f7:6b:36:12:b3:6c:c6:72:e4:7e:92:20:dd:
                    e9:45:73:d2:75:da:b6:27:c0:8e:4a:14:b9:a9:e6:
                    47:a6:5a:3d:e7:1f:97:30:d8:1c:54:74:f0:47:5d:
                    70:20:02:0a:49:b4:2d:c2:25:40:35:1e:d4:a5:1a:
                    cb:cc:c2:4b:20:df:2d:d1:50:00:b1:ca:f3:b2:5c:
                    2e:98:f5:4c:ee:c9:81:29:71:8a:3d:0f:90:5f:00:
                    ff:de:e1:8d:b0:f3:34:86:b8:74:67:01:ec:81:d5:
                    7c:c7:ce:4c:d3:e9:b2:52:4f:e7:65:fa:da:8e:36:
                    06:39:86:34:03:80:2c:17:96:39:54:18:37:f8:87:
                    ec:bb:ea:b3:ce:0c:83:6b:98:ca:4d:8f:8a:cf:81:
                    32:b9:bb:7d:23:47:20:a1:3a:01:7f:3a:07:db:e5:
                    c5:30:ba:bc:28:2c:31:e0:de:75:2e:8b:be:44:a4:
                    ee:db:8b:c3:f1:47:eb:d2:cc:74:31:6f:6b:ff:f7:
                    e5:3c:9d:35:fc:3e:c0:87:29:54:eb:ba:b5:11:7e:
                    ca:e2:cf:a1:c3:9b:80:e0:cd:ac:e6:5b:29:a1:54:
                    cd:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:74:DE:CC:87:3B:BA:BF:5D:51:C9:81:AE:17:77:F6:BB:2D:E9:2A
            X509v3 Authority Key Identifier:
                keyid:6D:2B:2B:7C:78:A2:9A:22:3E:A5:9C:67:C9:DA:A3:DC:7E:DB:1E:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSsrfHiimiI-pZxnydqj3H7bHnQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e8a2f6-6c0f-4276-849e-0c52556e9865/1/bSsrfHiimiI-pZxnydqj3H7bHnQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e8a2f6-6c0f-4276-849e-0c52556e9865/1/bSsrfHiimiI-pZxnydqj3H7bHnQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:05:6e:29:d0:b2:bf:2a:44:c1:ba:dd:58:b5:90:8e:70:af:
         29:41:60:1b:8d:f5:57:f5:1f:52:16:53:df:54:02:85:1f:59:
         83:a1:99:38:4a:8d:80:a8:68:cb:3c:4f:6a:e9:3d:14:89:25:
         2e:59:f5:fe:f4:4a:6c:b0:e1:2c:65:79:13:3a:0e:8c:5a:fe:
         52:a4:1e:47:1c:0d:fb:7b:23:4a:5d:63:dd:cf:da:9c:5e:1c:
         4c:9b:c7:84:a0:33:bc:fc:9c:5a:7f:e8:42:f4:25:f8:3e:f9:
         28:99:6e:3d:fa:b7:2b:b2:27:3b:74:83:74:98:cd:09:23:a3:
         a4:fa:7a:55:64:67:91:c1:4d:a6:dc:a2:07:73:e0:9f:7f:8e:
         9e:db:39:8f:72:13:bd:82:98:c5:1d:4c:bd:d7:3c:74:2c:bf:
         52:5f:85:03:8f:52:7a:f1:fa:2f:6b:69:85:13:ac:ef:50:2c:
         ea:4b:4d:3c:f2:57:b4:64:c7:39:dc:e5:58:e6:41:60:90:c2:
         24:b8:14:44:e5:08:fd:74:e0:42:f2:7c:81:19:41:01:fc:f7:
         30:2a:14:41:b0:84:80:fb:bf:9a:d8:74:59:27:20:f2:cb:ab:
         c3:6d:2a:f7:30:e6:af:0c:fc:55:31:8d:e6:9d:98:8e:a8:57:
         da:ee:b0:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXLnkzUMCRzf189dDc0RoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMmIyYjdjNzhhMjlhMjIzZWE1OWM2N2M5ZGFhM2RjN2Vk
YjFlNzQwHhcNMjUxMTExMTAwMTEwWhcNMjUxMTEyMTAwMTEwWjAzMTEwLwYDVQQD
EyhlZjc0ZGVjYzg3M2JiYWJmNWQ1MWM5ODFhZTE3NzdmNmJiMmRlOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyACTeaJYLIwQbAVk4uEJIikmZ7Qw
IcQV1dM8tK3/N/drNhKzbMZy5H6SIN3pRXPSddq2J8COShS5qeZHplo95x+XMNgc
VHTwR11wIAIKSbQtwiVANR7UpRrLzMJLIN8t0VAAscrzslwumPVM7smBKXGKPQ+Q
XwD/3uGNsPM0hrh0ZwHsgdV8x85M0+myUk/nZfrajjYGOYY0A4AsF5Y5VBg3+Ifs
u+qzzgyDa5jKTY+Kz4Eyubt9I0cgoToBfzoH2+XFMLq8KCwx4N51Lou+RKTu24vD
8Ufr0sx0MW9r//flPJ01/D7AhylU67q1EX7K4s+hw5uA4M2s5lspoVTNlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO903syHO7q/XVHJga4Xd/a7LekqMB8GA1UdIwQY
MBaAFG0rK3x4opoiPqWcZ8nao9x+2x50MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNzcmZIaWltaUktcFp4bnlkcWozSDdiSG5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lOGEyZjYtNmMwZi00Mjc2LTg0OWUt
MGM1MjU1NmU5ODY1LzEvYlNzcmZIaWltaUktcFp4bnlkcWozSDdiSG5RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lOGEyZjYtNmMwZi00Mjc2LTg0OWUtMGM1MjU1NmU5ODY1
LzEvYlNzcmZIaWltaUktcFp4bnlkcWozSDdiSG5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGAVuKdCy
vypEwbrdWLWQjnCvKUFgG431V/UfUhZT31QChR9Zg6GZOEqNgKhoyzxPauk9FIkl
Lln1/vRKbLDhLGV5EzoOjFr+UqQeRxwN+3sjSl1j3c/anF4cTJvHhKAzvPycWn/o
QvQl+D75KJluPfq3K7InO3SDdJjNCSOjpPp6VWRnkcFNptyiB3Pgn3+Onts5j3IT
vYKYxR1Mvdc8dCy/Ul+FA49SevH6L2tphROs71As6ktNPPJXtGTHOdzlWOZBYJDC
JLgUROUI/XTgQvJ8gRlBAfz3MCoUQbCEgPu/mth0WScg8surw20q9zDmrwz8VTGN
5p2YjqhX2u6wJQ==
-----END CERTIFICATE-----