Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
File:                     D2HrqF8lrXvk2foP9UUoqUorNjc.mft (raw, json)
Hash identifier:          8H4OkMopVriXejHJqw5E/Sa3snBWAdDaYfwXB56s+l4=
Subject key identifier:   2B:7A:3D:9D:B6:D7:49:0F:C4:E0:8A:6B:72:5C:87:C9:01:97:8B:14
Authority key identifier: 0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37
Certificate issuer:       /CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
Certificate serial:       019A72257AFA0A58D362FC7A7E8527C1A1ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
Manifest number:          028E
Signing time:             Tue 11 Nov 2025 09:00:49 +0000
Manifest this update:     Tue 11 Nov 2025 09:00:49 +0000
Manifest next update:     Wed 12 Nov 2025 09:00:49 +0000
Files and hashes:         1: D2HrqF8lrXvk2foP9UUoqUorNjc.crl (hash: 7lGbt+lembptqbV7HpV8/tfFf2UI/BfK/L+MwBjXhEw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:7a:fa:0a:58:d3:62:fc:7a:7e:85:27:c1:a1:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f61eba85f25ad7be4d9fa0ff54528a94a2b3637
        Validity
            Not Before: Nov 11 09:00:49 2025 GMT
            Not After : Nov 12 09:00:49 2025 GMT
        Subject: CN=2b7a3d9db6d7490fc4e08a6b725c87c901978b14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ff:f7:00:0e:94:06:b3:53:a3:1a:de:10:20:
                    07:ff:40:6f:93:dd:8d:9a:15:4c:e1:6e:9e:5c:0b:
                    a9:f5:e7:19:f5:a5:2d:76:e8:53:76:bd:15:a9:f1:
                    91:fd:12:6a:0b:03:0d:27:e0:38:0f:ad:ff:e9:f3:
                    d8:6b:1e:c8:e0:ee:04:c3:aa:e8:d3:5c:ee:9c:b2:
                    0f:46:da:3b:11:53:83:f6:f4:ef:4f:0a:1b:c9:1c:
                    06:3d:77:cc:1c:7b:01:5d:df:b9:d0:15:71:fa:89:
                    29:fe:f6:22:ac:a6:d0:58:a3:79:4b:d7:f6:24:bd:
                    3b:5c:bd:23:d3:51:0a:fa:03:3e:00:01:9e:de:6f:
                    83:de:fe:be:23:25:3c:6c:a4:1c:73:24:f3:d7:29:
                    33:eb:e5:a5:8d:07:35:8a:c3:a8:63:e8:db:3f:d6:
                    8e:3e:40:61:ff:d1:74:12:7d:72:59:9a:61:95:6d:
                    e7:0a:ac:7b:da:00:38:11:53:4a:ce:21:b4:14:d6:
                    4b:dc:e6:29:95:ac:8b:d1:5f:56:99:14:d1:e8:3e:
                    a9:0f:ec:7c:b2:94:78:9b:fe:68:2e:04:01:a1:40:
                    bd:fc:16:72:a5:a6:5f:49:fc:3d:31:22:0c:34:7f:
                    41:fd:10:08:81:df:44:df:55:a7:cc:1e:87:77:0a:
                    8f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:7A:3D:9D:B6:D7:49:0F:C4:E0:8A:6B:72:5C:87:C9:01:97:8B:14
            X509v3 Authority Key Identifier:
                keyid:0F:61:EB:A8:5F:25:AD:7B:E4:D9:FA:0F:F5:45:28:A9:4A:2B:36:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2HrqF8lrXvk2foP9UUoqUorNjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/671bac-9f98-440e-87b7-f094069675e3/1/D2HrqF8lrXvk2foP9UUoqUorNjc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:19:69:63:1f:90:3e:c1:ee:48:18:17:19:7f:c0:86:14:b7:
         24:3e:fa:0b:dd:2e:27:4a:b2:2f:25:76:49:fb:cc:bf:74:76:
         16:38:dc:e6:5e:60:33:7c:33:d7:da:3f:3b:6d:a9:0e:f3:9b:
         f7:9d:19:32:1e:c2:cd:ea:05:f8:31:b7:b7:68:1e:1b:07:0b:
         db:07:0d:02:77:2c:f5:cc:7e:56:ac:da:74:0c:3e:d0:34:e3:
         d5:5f:48:e3:43:ac:05:c2:92:a9:fa:44:f7:70:f5:f7:34:0b:
         eb:e4:15:81:7b:a7:7c:a2:6b:e5:6f:ff:ea:22:0d:6f:56:58:
         65:a2:bf:e9:dc:87:90:0d:0d:76:da:d4:d4:bd:96:50:5f:35:
         65:f1:d9:70:fd:41:3d:d9:d3:af:32:9f:ea:c7:0a:66:40:32:
         28:e3:ce:7f:44:77:04:46:71:fb:28:0c:10:f8:ab:35:70:23:
         01:0a:0d:23:8b:af:93:c6:6b:fd:5e:b1:7d:26:13:99:e6:7a:
         36:54:18:68:7e:1c:cf:8a:50:04:91:a1:bc:f5:ae:0e:56:71:
         8e:36:33:75:7d:24:69:1a:c8:80:d5:9c:a9:bc:3d:cf:42:5c:
         d2:2d:ac:94:61:cc:31:02:44:4f:b0:cb:46:55:8d:33:66:2f:
         5a:2e:59:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJXr6CljTYvx6foUnwaHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjFlYmE4NWYyNWFkN2JlNGQ5ZmEwZmY1NDUyOGE5NGEy
YjM2MzcwHhcNMjUxMTExMDkwMDQ5WhcNMjUxMTEyMDkwMDQ5WjAzMTEwLwYDVQQD
EygyYjdhM2Q5ZGI2ZDc0OTBmYzRlMDhhNmI3MjVjODdjOTAxOTc4YjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP/3AA6UBrNToxreECAH/0Bvk92N
mhVM4W6eXAup9ecZ9aUtduhTdr0VqfGR/RJqCwMNJ+A4D63/6fPYax7I4O4Ew6ro
01zunLIPRto7EVOD9vTvTwobyRwGPXfMHHsBXd+50BVx+okp/vYirKbQWKN5S9f2
JL07XL0j01EK+gM+AAGe3m+D3v6+IyU8bKQccyTz1ykz6+WljQc1isOoY+jbP9aO
PkBh/9F0En1yWZphlW3nCqx72gA4EVNKziG0FNZL3OYplayL0V9WmRTR6D6pD+x8
spR4m/5oLgQBoUC9/BZypaZfSfw9MSIMNH9B/RAIgd9E31WnzB6HdwqPvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCt6PZ2210kPxOCKa3Jch8kBl4sUMB8GA1UdIwQY
MBaAFA9h66hfJa175Nn6D/VFKKlKKzY3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3Yjct
ZjA5NDA2OTY3NWUzLzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi82NzFiYWMtOWY5OC00NDBlLTg3YjctZjA5NDA2OTY3NWUz
LzEvRDJIcnFGOGxyWHZrMmZvUDlVVW9xVW9yTmpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfhlpYx+Q
PsHuSBgXGX/AhhS3JD76C90uJ0qyLyV2SfvMv3R2Fjjc5l5gM3wz19o/O22pDvOb
950ZMh7CzeoF+DG3t2geGwcL2wcNAncs9cx+VqzadAw+0DTj1V9I40OsBcKSqfpE
93D19zQL6+QVgXunfKJr5W//6iINb1ZYZaK/6dyHkA0NdtrU1L2WUF81ZfHZcP1B
PdnTrzKf6scKZkAyKOPOf0R3BEZx+ygMEPirNXAjAQoNI4uvk8Zr/V6xfSYTmeZ6
NlQYaH4cz4pQBJGhvPWuDlZxjjYzdX0kaRrIgNWcqbw9z0Jc0i2slGHMMQJET7DL
RlWNM2YvWi5ZFw==
-----END CERTIFICATE-----