Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
File:                     2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft (raw, json)
Hash identifier:          VnB/PkmF+8ezAY5qUawCWC8zA96oI0VPqMqVCPjE90M=
Subject key identifier:   F4:03:2B:DD:37:7D:01:3C:2C:AA:E4:9A:57:0E:F9:0D:75:86:15:39
Authority key identifier: D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA
Certificate issuer:       /CN=d9b22811df86123d71af5b998a210c23eb1d5efa
Certificate serial:       019A71B8D7334B54D444DB2BDBE5A2520A10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
Manifest number:          105C
Signing time:             Tue 11 Nov 2025 07:02:10 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:10 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:10 +0000
Files and hashes:         1: 2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl (hash: 1QnH5x9eyQO7z93/UoPqLWJBhwla9WtmSVvE9F7gP0M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:d7:33:4b:54:d4:44:db:2b:db:e5:a2:52:0a:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b22811df86123d71af5b998a210c23eb1d5efa
        Validity
            Not Before: Nov 11 07:02:10 2025 GMT
            Not After : Nov 12 07:02:10 2025 GMT
        Subject: CN=f4032bdd377d013c2caae49a570ef90d75861539
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:71:ae:54:21:eb:b0:74:57:42:55:3d:27:dd:
                    c9:10:76:04:1c:43:5f:b7:7a:a3:4c:12:33:8f:59:
                    92:8f:11:da:d4:71:24:70:ca:76:48:f5:5a:e0:65:
                    25:82:f5:7f:f5:ec:40:86:94:a7:8e:4f:99:39:76:
                    8a:43:f8:f3:c5:ea:dd:0a:19:b6:66:c7:c5:8d:ef:
                    70:29:c6:6b:8a:00:ca:27:3c:df:04:70:ab:14:d8:
                    f0:61:4c:93:ee:79:04:a6:92:ee:62:78:86:2a:46:
                    01:0b:76:18:6b:90:06:d8:9e:1d:db:0a:13:c7:9a:
                    9a:24:a5:66:e2:0a:db:e3:11:71:98:7e:f2:9e:64:
                    62:a5:78:0d:87:64:65:35:94:c7:46:00:b9:4d:0f:
                    b1:32:94:f6:c9:64:eb:af:1e:04:fb:a4:43:e3:34:
                    96:94:2b:2c:cd:0b:c7:12:a6:1e:81:75:90:81:51:
                    39:61:50:48:c4:5d:b5:59:a2:93:2b:f0:3e:cd:c4:
                    a0:2f:82:db:25:b7:5f:b7:9a:b1:0c:ff:2e:64:98:
                    aa:33:69:aa:99:b7:13:3a:0f:8b:b6:58:7d:9d:d5:
                    72:fa:9e:32:d5:6b:a3:76:e8:00:49:14:77:b1:7c:
                    5b:26:f1:2c:27:e5:62:26:81:6a:a8:d7:48:26:7b:
                    dd:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:03:2B:DD:37:7D:01:3C:2C:AA:E4:9A:57:0E:F9:0D:75:86:15:39
            X509v3 Authority Key Identifier:
                keyid:D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:eb:a6:f6:3c:a2:ff:a9:f5:a7:ad:f8:57:30:fe:a2:3e:e8:
         89:1f:0b:46:62:28:60:7b:25:e5:9b:3d:34:20:b7:3e:4e:39:
         3e:05:cb:16:18:61:db:cf:5b:af:11:c1:61:b3:bd:57:24:13:
         bb:1d:29:31:40:94:f6:20:cf:12:a4:cf:76:4c:4f:f3:22:ec:
         2e:f0:c0:6b:fe:99:1e:3b:ee:df:65:ac:53:9f:6a:f0:2f:10:
         f1:7a:9d:be:a0:47:87:f2:de:08:00:67:7d:61:e6:7e:1b:2e:
         b5:e6:c1:a9:84:4c:43:dc:c1:2c:51:56:09:6f:33:28:a8:6e:
         d0:b3:de:3c:15:06:b8:87:34:f8:b7:b2:39:aa:b7:51:05:2e:
         9c:dd:ee:95:4b:86:f7:f3:20:02:9e:c9:50:dc:0e:7d:52:aa:
         56:84:bf:3f:d4:e8:0a:82:e1:be:98:49:40:62:e8:31:7a:78:
         c2:55:73:62:cf:81:99:57:9f:43:d4:60:05:0a:a4:db:0f:79:
         3f:49:35:c0:23:c1:fc:a6:e5:75:9f:c1:5a:5e:c7:ea:e3:34:
         ee:03:45:e7:04:68:26:ea:e8:22:f2:ba:2c:f4:94:f2:b0:19:
         a4:75:42:f5:86:31:78:62:c1:70:43:a0:8f:c7:91:45:d4:65:
         72:30:16:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNczS1TURNsr2+WiUgoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjIyODExZGY4NjEyM2Q3MWFmNWI5OThhMjEwYzIzZWIx
ZDVlZmEwHhcNMjUxMTExMDcwMjEwWhcNMjUxMTEyMDcwMjEwWjAzMTEwLwYDVQQD
EyhmNDAzMmJkZDM3N2QwMTNjMmNhYWU0OWE1NzBlZjkwZDc1ODYxNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHGuVCHrsHRXQlU9J93JEHYEHENf
t3qjTBIzj1mSjxHa1HEkcMp2SPVa4GUlgvV/9exAhpSnjk+ZOXaKQ/jzxerdChm2
ZsfFje9wKcZrigDKJzzfBHCrFNjwYUyT7nkEppLuYniGKkYBC3YYa5AG2J4d2woT
x5qaJKVm4grb4xFxmH7ynmRipXgNh2RlNZTHRgC5TQ+xMpT2yWTrrx4E+6RD4zSW
lCsszQvHEqYegXWQgVE5YVBIxF21WaKTK/A+zcSgL4LbJbdft5qxDP8uZJiqM2mq
mbcTOg+Ltlh9ndVy+p4y1WujdugASRR3sXxbJvEsJ+ViJoFqqNdIJnvdUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQDK903fQE8LKrkmlcO+Q11hhU5MB8GA1UdIwQY
MBaAFNmyKBHfhhI9ca9bmYohDCPrHV76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQt
NjZjZDU1ZmVlM2Y5LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQtNjZjZDU1ZmVlM2Y5
LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALeum9jyi
/6n1p634VzD+oj7oiR8LRmIoYHsl5Zs9NCC3Pk45PgXLFhhh289brxHBYbO9VyQT
ux0pMUCU9iDPEqTPdkxP8yLsLvDAa/6ZHjvu32WsU59q8C8Q8XqdvqBHh/LeCABn
fWHmfhsutebBqYRMQ9zBLFFWCW8zKKhu0LPePBUGuIc0+LeyOaq3UQUunN3ulUuG
9/MgAp7JUNwOfVKqVoS/P9ToCoLhvphJQGLoMXp4wlVzYs+BmVefQ9RgBQqk2w95
P0k1wCPB/KbldZ/BWl7H6uM07gNF5wRoJuroIvK6LPSU8rAZpHVC9YYxeGLBcEOg
j8eRRdRlcjAWSQ==
-----END CERTIFICATE-----