Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          bdPGjS53O0p03Oe6HT+AYCWdETkWhei8GVl3o+i0tQw=
Subject key identifier:   75:06:33:81:C1:58:13:2D:2F:2A:03:52:C0:8C:10:F3:A8:DD:2C:20
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       019A71B8DDDE9D6F2E83D3760EA700FB5ED9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          161A
Signing time:             Tue 11 Nov 2025 07:02:12 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:12 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:12 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: 5vAswaXKHMsv8UUGBWva0C8mY92cxwMb5ci0mxnEYbQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:dd:de:9d:6f:2e:83:d3:76:0e:a7:00:fb:5e:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Nov 11 07:02:12 2025 GMT
            Not After : Nov 12 07:02:12 2025 GMT
        Subject: CN=75063381c158132d2f2a0352c08c10f3a8dd2c20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:e3:50:ef:5a:92:99:19:0f:12:a9:9f:4b:99:
                    a4:41:4e:c4:1a:fc:cf:eb:7c:e1:09:fd:59:51:40:
                    8e:78:de:b8:81:8e:54:91:7c:e6:fd:af:b8:44:5d:
                    7d:2e:0c:fe:9c:bb:e5:43:a1:20:3e:df:da:22:8a:
                    e0:9e:a9:1b:ff:16:35:9f:ef:cb:93:00:23:56:ea:
                    7d:1a:60:c7:de:de:af:f2:1f:d8:74:f6:f6:3b:67:
                    d0:d3:d6:48:ec:46:3f:b3:8a:14:d7:ae:77:6a:47:
                    ee:3c:38:96:43:48:25:39:af:8a:dc:b8:28:42:8e:
                    8f:f0:47:93:40:df:e3:36:4c:a5:eb:6d:cf:3c:26:
                    d6:51:85:d4:f9:6a:12:18:fd:bc:39:e8:4a:10:67:
                    be:d0:64:71:c1:5a:7b:65:60:ae:ab:f4:e8:3f:3c:
                    25:b9:32:43:88:8e:d7:63:a0:f3:05:f1:5e:91:3a:
                    1f:ba:d0:1d:e0:c6:31:a3:f8:bf:ff:6c:d4:f2:ea:
                    52:60:13:c8:b1:d3:ce:79:9a:1e:23:04:67:f4:bf:
                    22:b4:0b:a4:19:ea:97:04:37:36:fd:03:7f:d1:6a:
                    27:97:25:92:88:87:45:9b:a8:b1:85:e8:ac:1c:66:
                    f4:83:62:1d:ed:1c:6b:8d:44:4c:bf:5d:dd:0b:ba:
                    c4:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:06:33:81:C1:58:13:2D:2F:2A:03:52:C0:8C:10:F3:A8:DD:2C:20
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:7d:f4:2b:9b:01:54:31:f8:77:c5:65:08:fa:d7:ee:37:28:
         85:00:26:62:d0:7f:77:82:92:e1:94:81:98:0c:2b:5e:61:7e:
         85:d6:7b:8a:2d:2f:ae:00:19:52:e3:e4:de:31:aa:14:bd:5b:
         bd:dd:a3:7d:16:35:d5:40:32:3f:e4:49:7b:66:38:d8:f5:a3:
         c1:50:18:75:a6:ee:ec:35:43:ae:02:d4:0b:89:26:9c:09:37:
         72:bc:70:6d:ca:8f:94:d4:7b:1e:9b:53:32:76:93:06:1f:14:
         60:06:66:10:f5:42:24:1a:4f:83:05:b9:b8:bf:92:01:ac:f5:
         3f:ad:90:fd:2b:87:32:5d:65:97:e4:e6:d2:93:54:0f:53:1a:
         5a:c0:d5:06:eb:1c:a8:a5:e6:6a:da:f9:ab:7d:40:22:5a:36:
         fc:8b:3a:1a:89:e6:a1:60:cb:81:86:2f:7d:4a:67:b0:cf:52:
         37:d9:af:fc:03:b4:56:be:70:4b:c2:6d:23:6f:33:04:89:c1:
         07:b9:b8:af:21:f9:05:20:ea:75:0b:55:42:4a:85:79:98:99:
         e4:48:04:cd:d6:87:33:83:9f:a6:3c:10:c9:ed:c7:02:2b:ef:
         e8:5b:74:76:9e:17:c6:bb:bc:53:f8:2e:77:7e:2d:b4:e3:a9:
         66:3b:a8:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuN3enW8ug9N2DqcA+17ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjUxMTExMDcwMjEyWhcNMjUxMTEyMDcwMjEyWjAzMTEwLwYDVQQD
Eyg3NTA2MzM4MWMxNTgxMzJkMmYyYTAzNTJjMDhjMTBmM2E4ZGQyYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+NQ71qSmRkPEqmfS5mkQU7EGvzP
63zhCf1ZUUCOeN64gY5UkXzm/a+4RF19Lgz+nLvlQ6EgPt/aIorgnqkb/xY1n+/L
kwAjVup9GmDH3t6v8h/YdPb2O2fQ09ZI7EY/s4oU1653akfuPDiWQ0glOa+K3Lgo
Qo6P8EeTQN/jNkyl623PPCbWUYXU+WoSGP28OehKEGe+0GRxwVp7ZWCuq/ToPzwl
uTJDiI7XY6DzBfFekTofutAd4MYxo/i//2zU8upSYBPIsdPOeZoeIwRn9L8itAuk
GeqXBDc2/QN/0WonlyWSiIdFm6ixheisHGb0g2Id7RxrjURMv13dC7rEdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHUGM4HBWBMtLyoDUsCMEPOo3SwgMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC330K5sB
VDH4d8VlCPrX7jcohQAmYtB/d4KS4ZSBmAwrXmF+hdZ7ii0vrgAZUuPk3jGqFL1b
vd2jfRY11UAyP+RJe2Y42PWjwVAYdabu7DVDrgLUC4kmnAk3crxwbcqPlNR7HptT
MnaTBh8UYAZmEPVCJBpPgwW5uL+SAaz1P62Q/SuHMl1ll+Tm0pNUD1MaWsDVBusc
qKXmatr5q31AIlo2/Is6GonmoWDLgYYvfUpnsM9SN9mv/AO0Vr5wS8JtI28zBInB
B7m4ryH5BSDqdQtVQkqFeZiZ5EgEzdaHM4OfpjwQye3HAivv6Ft0dp4Xxru8U/gu
d34ttOOpZjuovQ==
-----END CERTIFICATE-----