Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
File:                     2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft (raw, json)
Hash identifier:          njHSdxQYNACL57WN3clWNxrqBg8hc3xiElqEVnF3joc=
Subject key identifier:   5F:CB:ED:63:20:38:00:05:31:F1:7F:B7:1E:B0:0D:80:F0:FE:F9:67
Authority key identifier: D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA
Certificate issuer:       /CN=d9b22811df86123d71af5b998a210c23eb1d5efa
Certificate serial:       0199180A9C55CC1630ECC44CDD661FBEA4DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
Manifest number:          0FA9
Signing time:             Fri 05 Sep 2025 04:02:52 +0000
Manifest this update:     Fri 05 Sep 2025 04:02:52 +0000
Manifest next update:     Sat 06 Sep 2025 04:02:52 +0000
Files and hashes:         1: 2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl (hash: 2l1Om/yoyGJ8n4VdtjoCucDhpFLgknbmdb10CXto8Zc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 01:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:18:0a:9c:55:cc:16:30:ec:c4:4c:dd:66:1f:be:a4:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b22811df86123d71af5b998a210c23eb1d5efa
        Validity
            Not Before: Sep  5 04:02:52 2025 GMT
            Not After : Sep  6 04:02:52 2025 GMT
        Subject: CN=5fcbed632038000531f17fb71eb00d80f0fef967
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:74:9c:c2:3f:ea:9a:54:a4:71:75:27:79:fe:
                    2b:fe:12:8f:56:3d:6e:f7:6d:3e:1e:50:d6:89:1c:
                    e7:86:69:39:39:a0:af:a3:d4:43:f3:04:9d:03:c6:
                    4b:fd:3a:f7:c3:39:be:6f:94:4f:9a:00:3c:8a:08:
                    37:e6:ce:dd:a3:3f:4a:da:a8:bc:7a:1c:bf:1d:bb:
                    1d:1d:b3:1b:11:5f:38:a5:ca:06:df:e7:1e:3f:c7:
                    bd:bf:a1:17:11:a6:d8:cb:75:d8:4d:3e:19:03:3f:
                    23:22:ed:67:82:fd:32:d9:aa:d2:ee:0f:24:38:9a:
                    ff:2e:6f:9d:c5:aa:e5:83:93:7a:81:fb:aa:f6:08:
                    9b:e5:3d:0e:66:3d:d2:66:ea:23:33:06:f1:9b:9e:
                    ee:be:95:49:9a:0a:09:dd:a5:94:15:83:13:64:0e:
                    2c:d5:b7:f0:3f:58:80:34:56:b6:ac:0f:1e:81:bb:
                    15:da:1d:7d:64:fd:26:ac:77:40:8e:ab:da:50:c3:
                    6d:c5:89:c0:62:29:f3:fe:2f:14:f9:53:2d:93:cc:
                    4d:00:fd:76:1e:c3:cb:78:5c:97:c2:91:e3:78:55:
                    c1:8a:3e:28:50:dd:8c:b4:59:5c:d5:3a:de:f1:76:
                    6d:1b:11:3f:a0:ae:ca:a6:de:7b:e5:a8:63:94:fd:
                    b7:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:CB:ED:63:20:38:00:05:31:F1:7F:B7:1E:B0:0D:80:F0:FE:F9:67
            X509v3 Authority Key Identifier:
                keyid:D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:6c:47:2f:43:2c:35:9b:07:91:28:1e:f3:72:31:01:e6:ca:
         6a:f7:f6:e8:a6:e7:67:cf:e4:fe:95:df:6a:6f:97:e4:0f:29:
         21:7c:0d:b5:3a:01:84:7a:5d:92:fa:8a:bf:02:e2:0c:af:11:
         b6:41:10:57:47:66:6c:01:86:7b:0a:c0:54:24:ab:76:9f:39:
         13:45:7d:f5:38:8a:99:38:3f:f7:e1:cd:e9:20:52:0d:3c:05:
         91:d5:9f:f3:be:b5:1f:38:79:97:d4:92:e7:3e:3e:a1:7e:5d:
         ba:c0:09:54:70:1a:c8:82:75:41:e6:ff:a5:2e:ff:e4:01:4b:
         d0:fa:e8:01:05:e0:37:39:09:13:5e:67:04:6e:cf:e6:39:54:
         05:09:ab:bb:98:ae:05:b0:3b:8f:cc:be:1a:8c:83:3f:92:ec:
         cf:bf:5c:e4:23:44:47:87:8a:e7:1d:3b:98:a0:e2:95:02:fd:
         f4:f5:73:94:6a:4d:49:ad:2e:37:87:a4:4a:61:e2:aa:f9:24:
         21:2b:e8:d8:65:17:77:ea:8a:a5:1e:04:6a:b8:de:77:81:d0:
         7e:83:4e:e1:33:e6:3c:23:c4:4b:b3:2b:65:9c:c5:57:54:e3:
         06:76:da:24:d9:5f:bd:5b:91:ba:58:96:e1:22:17:88:90:06:
         44:f4:e0:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkYCpxVzBYw7MRM3WYfvqTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjIyODExZGY4NjEyM2Q3MWFmNWI5OThhMjEwYzIzZWIx
ZDVlZmEwHhcNMjUwOTA1MDQwMjUyWhcNMjUwOTA2MDQwMjUyWjAzMTEwLwYDVQQD
Eyg1ZmNiZWQ2MzIwMzgwMDA1MzFmMTdmYjcxZWIwMGQ4MGYwZmVmOTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73Scwj/qmlSkcXUnef4r/hKPVj1u
920+HlDWiRznhmk5OaCvo9RD8wSdA8ZL/Tr3wzm+b5RPmgA8igg35s7doz9K2qi8
ehy/HbsdHbMbEV84pcoG3+ceP8e9v6EXEabYy3XYTT4ZAz8jIu1ngv0y2arS7g8k
OJr/Lm+dxarlg5N6gfuq9gib5T0OZj3SZuojMwbxm57uvpVJmgoJ3aWUFYMTZA4s
1bfwP1iANFa2rA8egbsV2h19ZP0mrHdAjqvaUMNtxYnAYinz/i8U+VMtk8xNAP12
HsPLeFyXwpHjeFXBij4oUN2MtFlc1Tre8XZtGxE/oK7Kpt575ahjlP23UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF/L7WMgOAAFMfF/tx6wDYDw/vlnMB8GA1UdIwQY
MBaAFNmyKBHfhhI9ca9bmYohDCPrHV76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQt
NjZjZDU1ZmVlM2Y5LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQtNjZjZDU1ZmVlM2Y5
LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAimxHL0Ms
NZsHkSge83IxAebKavf26KbnZ8/k/pXfam+X5A8pIXwNtToBhHpdkvqKvwLiDK8R
tkEQV0dmbAGGewrAVCSrdp85E0V99TiKmTg/9+HN6SBSDTwFkdWf8761Hzh5l9SS
5z4+oX5dusAJVHAayIJ1Qeb/pS7/5AFL0ProAQXgNzkJE15nBG7P5jlUBQmru5iu
BbA7j8y+GoyDP5Lsz79c5CNER4eK5x07mKDilQL99PVzlGpNSa0uN4ekSmHiqvkk
ISvo2GUXd+qKpR4Earjed4HQfoNO4TPmPCPES7MrZZzFV1TjBnbaJNlfvVuRuliW
4SIXiJAGRPTghA==
-----END CERTIFICATE-----