Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
File:                     2krNipcsDnNxGs9H4MhFmhz3JgY.mft (raw, json)
Hash identifier:          KDUQaalRaaC6/TgP7JmY1XNBzuKeLZfl2TkBH7NN/0c=
Subject key identifier:   03:5A:4E:BB:19:BA:69:2B:2F:BD:FC:B3:CC:64:AE:54:B1:FC:1C:10
Authority key identifier: DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06
Certificate issuer:       /CN=da4acd8a972c0e73711acf47e0c8459a1cf72606
Certificate serial:       019A0FDEA7090DCA6FBE41CD2A78BD28D1C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
Manifest number:          1649
Signing time:             Thu 23 Oct 2025 07:00:41 +0000
Manifest this update:     Thu 23 Oct 2025 07:00:41 +0000
Manifest next update:     Fri 24 Oct 2025 07:00:41 +0000
Files and hashes:         1: 2krNipcsDnNxGs9H4MhFmhz3JgY.crl (hash: rFpts/SglE5Gv1VXQkXQcyXW66d6LfIDeklz7HAdNRg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 07:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:0f:de:a7:09:0d:ca:6f:be:41:cd:2a:78:bd:28:d1:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da4acd8a972c0e73711acf47e0c8459a1cf72606
        Validity
            Not Before: Oct 23 07:00:41 2025 GMT
            Not After : Oct 24 07:00:41 2025 GMT
        Subject: CN=035a4ebb19ba692b2fbdfcb3cc64ae54b1fc1c10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:55:34:4b:45:0d:a0:49:4b:73:17:b8:58:c7:
                    c2:b4:ec:61:c8:cf:1b:6d:bb:a4:89:5d:fd:41:34:
                    7d:c8:3d:59:66:d5:d8:89:d8:87:c2:4b:30:c3:4e:
                    3e:9e:ec:ac:33:a6:23:09:c2:ae:82:36:b8:d2:23:
                    03:93:fd:8c:2b:a4:c5:e0:65:6e:38:14:bb:d4:f2:
                    a9:b5:77:0c:11:7f:a0:16:bf:48:fb:c9:44:43:f8:
                    5a:a3:55:ce:fc:94:9c:b7:a7:41:53:5f:1e:47:a6:
                    3c:17:35:e7:aa:33:be:ce:12:81:b3:8f:14:2e:cd:
                    23:20:5c:71:34:aa:c1:bc:e3:5a:1f:da:3b:f8:69:
                    d8:69:e0:c5:b2:f4:b6:25:c0:32:2a:fd:7f:6e:67:
                    42:86:25:bf:9d:51:8e:20:d7:87:9a:61:68:f6:1a:
                    ae:7b:12:16:bd:71:13:c1:36:4d:d7:c2:cb:89:47:
                    2a:4b:b7:c7:1b:cc:d6:73:9f:57:54:ca:d4:9f:a8:
                    97:a3:9d:dd:ff:c6:41:49:02:e2:4a:7e:ce:62:73:
                    ce:1e:9e:20:b1:64:0c:a0:1d:01:b4:7a:e7:7e:cb:
                    04:1c:08:83:fe:86:4a:93:e8:dd:3a:6e:5e:12:fb:
                    c2:3e:91:7d:28:e2:a5:b7:c8:0d:bf:61:73:3f:43:
                    ef:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:5A:4E:BB:19:BA:69:2B:2F:BD:FC:B3:CC:64:AE:54:B1:FC:1C:10
            X509v3 Authority Key Identifier:
                keyid:DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:1b:4f:a2:c3:59:19:5b:bf:61:4c:cd:db:78:91:f1:fb:76:
         66:fb:03:23:58:cc:6d:06:67:f8:53:87:4c:5f:1c:e5:47:2f:
         4c:6b:1b:f6:d2:2b:8c:81:29:d5:10:24:3d:53:02:ac:b9:31:
         a1:c8:89:b0:a4:58:71:19:6e:b1:2a:2c:1a:ba:dc:ab:8d:e0:
         1e:4e:84:22:d9:a6:c4:bf:8f:f6:6f:43:46:a3:2b:df:a1:3b:
         b7:7a:00:91:1d:e7:0a:88:8d:b3:11:c9:06:c5:2d:e6:dc:86:
         e7:7b:30:15:e6:0d:81:06:1c:db:ab:98:b0:76:92:d3:2f:5c:
         62:77:ee:8e:c7:8d:f5:e9:24:fd:fa:4b:93:af:c2:98:5b:cc:
         6b:b3:90:d8:4a:65:e6:a3:7f:24:da:a8:4a:69:ab:44:dd:f9:
         63:c8:7e:94:61:cf:62:54:f3:35:dc:34:66:d9:4f:7c:bc:b6:
         f1:2e:13:c2:52:88:5d:b2:a3:c7:55:3f:b9:ca:4c:08:a3:43:
         55:0d:52:d0:df:b1:e7:a2:6e:e4:31:0b:e1:1b:4e:ca:02:5c:
         3f:4f:b1:84:af:cb:6f:82:da:a3:36:a8:43:38:44:9c:f7:0d:
         7e:00:f4:04:a4:cb:96:1e:85:b9:64:a6:8f:3e:61:58:6c:74:
         c4:26:14:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoP3qcJDcpvvkHNKni9KNHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNGFjZDhhOTcyYzBlNzM3MTFhY2Y0N2UwYzg0NTlhMWNm
NzI2MDYwHhcNMjUxMDIzMDcwMDQxWhcNMjUxMDI0MDcwMDQxWjAzMTEwLwYDVQQD
EygwMzVhNGViYjE5YmE2OTJiMmZiZGZjYjNjYzY0YWU1NGIxZmMxYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VU0S0UNoElLcxe4WMfCtOxhyM8b
bbukiV39QTR9yD1ZZtXYidiHwksww04+nuysM6YjCcKugja40iMDk/2MK6TF4GVu
OBS71PKptXcMEX+gFr9I+8lEQ/hao1XO/JSct6dBU18eR6Y8FzXnqjO+zhKBs48U
Ls0jIFxxNKrBvONaH9o7+GnYaeDFsvS2JcAyKv1/bmdChiW/nVGOINeHmmFo9hqu
exIWvXETwTZN18LLiUcqS7fHG8zWc59XVMrUn6iXo53d/8ZBSQLiSn7OYnPOHp4g
sWQMoB0BtHrnfssEHAiD/oZKk+jdOm5eEvvCPpF9KOKlt8gNv2FzP0PvswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANaTrsZumkrL738s8xkrlSx/BwQMB8GA1UdIwQY
MBaAFNpKzYqXLA5zcRrPR+DIRZoc9yYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAt
OWU1ZmQ0MzkzNWI3LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAtOWU1ZmQ0MzkzNWI3
LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuhtPosNZ
GVu/YUzN23iR8ft2ZvsDI1jMbQZn+FOHTF8c5UcvTGsb9tIrjIEp1RAkPVMCrLkx
ociJsKRYcRlusSosGrrcq43gHk6EItmmxL+P9m9DRqMr36E7t3oAkR3nCoiNsxHJ
BsUt5tyG53swFeYNgQYc26uYsHaS0y9cYnfujseN9ekk/fpLk6/CmFvMa7OQ2Epl
5qN/JNqoSmmrRN35Y8h+lGHPYlTzNdw0ZtlPfLy28S4TwlKIXbKjx1U/ucpMCKND
VQ1S0N+x56Ju5DEL4RtOygJcP0+xhK/Lb4LaozaoQzhEnPcNfgD0BKTLlh6FuWSm
jz5hWGx0xCYU8Q==
-----END CERTIFICATE-----