Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
File:                     K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft (raw, json)
Hash identifier:          FgP+hitrlp39sINH8uMBBiVnOdKcr5aaNv3F2BBOTY8=
Subject key identifier:   3E:FD:A0:D0:D0:E4:40:60:66:A6:74:4E:A2:20:40:C4:43:C2:A0:1D
Authority key identifier: 2B:57:B0:DB:00:16:FE:62:50:95:DF:0C:6E:57:FE:07:F1:CF:28:9F
Certificate issuer:       /CN=2b57b0db0016fe625095df0c6e57fe07f1cf289f
Certificate serial:       019A71B7A34343974527966E4D06CCB52CB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
Manifest number:          0838
Signing time:             Tue 11 Nov 2025 07:00:51 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:51 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:51 +0000
Files and hashes:         1: K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl (hash: ZqeltM7/iwXkf/CfnDPTeDhGKeQ5MHECusAuLBvy53w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:a3:43:43:97:45:27:96:6e:4d:06:cc:b5:2c:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b57b0db0016fe625095df0c6e57fe07f1cf289f
        Validity
            Not Before: Nov 11 07:00:51 2025 GMT
            Not After : Nov 12 07:00:51 2025 GMT
        Subject: CN=3efda0d0d0e4406066a6744ea22040c443c2a01d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c9:f2:94:2f:0b:87:da:63:15:3d:a4:ea:90:
                    6d:33:f7:70:3e:b7:a7:3d:91:2c:d2:f7:07:6d:97:
                    d8:35:b7:1e:63:6b:30:13:8e:77:89:15:af:63:81:
                    de:bb:66:08:47:4e:fb:f8:13:25:7e:c8:b9:2a:ba:
                    16:ce:37:46:e9:f7:e4:95:b7:26:ec:8a:32:98:a1:
                    24:25:0f:36:ac:9d:a5:88:0d:93:ad:f1:27:a8:0c:
                    7d:5d:1c:46:0c:a5:7c:e1:77:98:40:c6:e8:ff:26:
                    5f:d8:04:1d:a6:d4:df:a2:69:75:e1:1e:0f:c9:28:
                    35:c3:0c:46:98:18:8c:16:77:ac:5a:69:84:31:47:
                    d4:b3:3a:e2:3f:0a:1e:5c:32:77:c3:da:be:48:89:
                    ac:e6:29:84:b9:d0:dd:fd:d9:43:eb:fb:72:bb:33:
                    cb:59:8e:a4:13:d7:cc:60:13:13:94:57:51:98:00:
                    c5:47:41:cf:af:7b:16:60:7c:9a:3d:8f:34:aa:74:
                    f9:76:12:c3:99:06:b8:f3:6e:f4:dd:68:f9:03:0b:
                    88:a9:8a:b5:2c:92:84:3d:46:dd:97:4d:8e:be:21:
                    0d:78:79:06:36:16:91:93:94:8d:95:38:b7:8c:60:
                    21:cb:93:73:d5:b9:01:1f:e3:23:08:e1:87:c9:a9:
                    4e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:FD:A0:D0:D0:E4:40:60:66:A6:74:4E:A2:20:40:C4:43:C2:A0:1D
            X509v3 Authority Key Identifier:
                keyid:2B:57:B0:DB:00:16:FE:62:50:95:DF:0C:6E:57:FE:07:F1:CF:28:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:33:0e:f3:1d:57:d6:c6:59:bf:e8:f2:1a:18:29:4e:68:fe:
         80:15:2b:03:19:00:2c:eb:e9:46:2e:fa:75:e3:8b:39:99:a5:
         2b:68:b5:8c:3f:a5:c4:c2:ac:6a:3c:8e:57:f2:eb:5f:a7:84:
         be:31:3d:f2:f0:6c:07:7c:ca:11:d4:97:b6:b5:48:6b:8d:6b:
         28:9b:b8:cd:6f:36:79:ea:46:4b:fd:88:7a:f6:b3:0c:85:ce:
         ec:7d:ab:c8:a2:8a:7c:88:78:52:8c:83:80:59:49:d2:18:6c:
         e0:a9:37:ee:89:b3:69:cd:55:b3:e0:be:b6:67:45:36:3e:35:
         c8:30:36:58:0e:c2:01:f3:1f:5b:10:d9:3f:c3:1f:81:47:fe:
         26:72:76:b7:6d:4a:02:db:80:00:74:67:f6:0a:85:b5:f2:7b:
         01:fe:ce:63:87:4e:f8:65:2e:63:0e:1d:2d:0b:52:48:56:bd:
         94:8a:e4:54:e3:10:e4:7a:97:6b:96:6c:f9:36:60:92:7a:01:
         5a:98:40:77:0e:60:3c:5a:ea:8a:cf:f9:ae:5f:c5:db:56:ee:
         92:55:24:29:18:8d:be:96:93:76:68:e2:80:e6:8c:1e:a1:a0:
         24:4a:1f:4d:34:74:8d:9b:8f:86:46:b6:59:e8:05:ec:82:fe:
         9f:95:c7:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6NDQ5dFJ5ZuTQbMtSywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNTdiMGRiMDAxNmZlNjI1MDk1ZGYwYzZlNTdmZTA3ZjFj
ZjI4OWYwHhcNMjUxMTExMDcwMDUxWhcNMjUxMTEyMDcwMDUxWjAzMTEwLwYDVQQD
EygzZWZkYTBkMGQwZTQ0MDYwNjZhNjc0NGVhMjIwNDBjNDQzYzJhMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MnylC8Lh9pjFT2k6pBtM/dwPren
PZEs0vcHbZfYNbceY2swE453iRWvY4Heu2YIR077+BMlfsi5KroWzjdG6ffklbcm
7IoymKEkJQ82rJ2liA2TrfEnqAx9XRxGDKV84XeYQMbo/yZf2AQdptTfoml14R4P
ySg1wwxGmBiMFnesWmmEMUfUszriPwoeXDJ3w9q+SIms5imEudDd/dlD6/tyuzPL
WY6kE9fMYBMTlFdRmADFR0HPr3sWYHyaPY80qnT5dhLDmQa482703Wj5AwuIqYq1
LJKEPUbdl02OviENeHkGNhaRk5SNlTi3jGAhy5Nz1bkBH+MjCOGHyalOMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD79oNDQ5EBgZqZ0TqIgQMRDwqAdMB8GA1UdIwQY
MBaAFCtXsNsAFv5iUJXfDG5X/gfxzyifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMjc0NmUtY2FjOC00NWQzLWEyNTgt
ZjQ0ZjM1YjdhOTVkLzEvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMjc0NmUtY2FjOC00NWQzLWEyNTgtZjQ0ZjM1YjdhOTVk
LzEvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIjMO8x1X
1sZZv+jyGhgpTmj+gBUrAxkALOvpRi76deOLOZmlK2i1jD+lxMKsajyOV/LrX6eE
vjE98vBsB3zKEdSXtrVIa41rKJu4zW82eepGS/2IevazDIXO7H2ryKKKfIh4UoyD
gFlJ0hhs4Kk37omzac1Vs+C+tmdFNj41yDA2WA7CAfMfWxDZP8MfgUf+JnJ2t21K
AtuAAHRn9gqFtfJ7Af7OY4dO+GUuYw4dLQtSSFa9lIrkVOMQ5HqXa5Zs+TZgknoB
WphAdw5gPFrqis/5rl/F21buklUkKRiNvpaTdmjigOaMHqGgJEofTTR0jZuPhka2
WegF7IL+n5XHpQ==
-----END CERTIFICATE-----