Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
File:                     2IUFXXA5jPDHLM6sXlga1A8gPvw.mft (raw, json)
Hash identifier:          eyGHuy3REU7JmlbQ940eCwZAH4zpxIy4sK+LGDejDFo=
Subject key identifier:   23:3E:F1:7D:15:C1:2D:D2:EB:FB:1A:4E:43:6F:C0:A4:90:61:75:03
Authority key identifier: D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC
Certificate issuer:       /CN=d885055d70398cf0c72cceac5e581ad40f203efc
Certificate serial:       019A729395230C856435015054FEA41AF028
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
Manifest number:          0EE9
Signing time:             Tue 11 Nov 2025 11:01:05 +0000
Manifest this update:     Tue 11 Nov 2025 11:01:05 +0000
Manifest next update:     Wed 12 Nov 2025 11:01:05 +0000
Files and hashes:         1: 2IUFXXA5jPDHLM6sXlga1A8gPvw.crl (hash: FArd5n/zhOSLq9SsrbyFszYGoDndb08mP/zGWwNFBiQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:93:95:23:0c:85:64:35:01:50:54:fe:a4:1a:f0:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d885055d70398cf0c72cceac5e581ad40f203efc
        Validity
            Not Before: Nov 11 11:01:05 2025 GMT
            Not After : Nov 12 11:01:05 2025 GMT
        Subject: CN=233ef17d15c12dd2ebfb1a4e436fc0a490617503
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:33:7d:12:0a:91:59:83:85:54:74:bf:37:85:
                    4a:be:c9:8f:4e:f6:fb:bb:0c:85:09:dd:ab:16:c8:
                    54:31:6b:1c:68:26:6e:47:46:0d:95:f0:b5:d5:d7:
                    c2:f0:cd:8a:62:9f:ac:ac:bb:dc:dc:ac:4c:45:5a:
                    59:15:a7:1b:5f:e9:1b:24:a8:a5:41:b1:33:fd:fe:
                    78:d9:02:0b:f5:36:74:f2:1b:2e:97:9a:90:8f:c8:
                    1f:a5:73:75:90:dc:60:c6:c4:17:cc:7a:61:09:c0:
                    9f:33:78:36:b3:50:e9:73:d7:e7:3d:05:c5:32:0c:
                    28:75:42:37:20:7a:2e:e5:c7:a3:e9:71:9e:08:23:
                    c6:e7:64:bf:91:f3:42:15:1c:9d:29:96:5f:25:99:
                    37:87:2f:f6:c1:e5:b8:6d:e9:5d:2c:cb:93:4f:e8:
                    8c:81:c7:d1:cc:aa:8a:c0:14:ba:50:6f:cc:e0:7a:
                    df:e3:dc:62:85:f3:1d:cd:69:61:50:2c:0f:49:d0:
                    c7:58:fc:07:4e:3d:39:31:ba:20:e2:2a:04:fe:0f:
                    cb:81:91:3b:9c:f8:38:1a:85:ed:13:9f:0f:a6:6a:
                    43:ce:9d:85:9d:4f:80:07:60:1f:81:3a:e5:28:9d:
                    ae:ef:d0:c2:44:22:99:13:1c:54:6b:a9:85:b0:ad:
                    1f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:3E:F1:7D:15:C1:2D:D2:EB:FB:1A:4E:43:6F:C0:A4:90:61:75:03
            X509v3 Authority Key Identifier:
                keyid:D8:85:05:5D:70:39:8C:F0:C7:2C:CE:AC:5E:58:1A:D4:0F:20:3E:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IUFXXA5jPDHLM6sXlga1A8gPvw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/82af28-b634-463a-b6be-1ca3c67f1506/1/2IUFXXA5jPDHLM6sXlga1A8gPvw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:d0:50:af:57:11:a8:91:33:69:9f:ca:18:83:03:9f:fc:5c:
         57:b0:7c:3d:e5:b7:64:79:89:12:81:2c:61:a4:05:7a:28:98:
         39:14:d5:5f:ac:a2:70:0e:0a:a2:75:72:b4:92:c6:e8:f3:3e:
         2b:1d:0c:6c:a1:b2:57:ef:d8:19:8d:05:4f:90:1a:2c:03:49:
         4b:36:bb:01:cd:03:5e:40:d9:62:79:e5:a2:39:f5:40:80:95:
         e4:68:d9:a2:b4:2b:1c:77:5b:b1:a6:15:50:82:00:5c:36:5a:
         cf:fc:be:0d:67:b0:d9:a5:5d:1a:d8:ff:7d:ff:12:d1:be:19:
         8f:36:0f:fb:d7:39:e4:f2:d9:78:a7:b2:ce:08:86:79:4f:e9:
         32:5f:c8:59:11:e5:0d:1b:60:2b:36:2e:1d:ab:5b:57:a0:24:
         b2:cc:36:b0:dd:b2:8a:18:f7:76:82:90:58:7f:82:03:6f:8d:
         06:d4:6a:b4:e7:69:d9:75:40:46:bf:42:f2:dc:a8:c3:5b:e8:
         09:30:b8:3b:2f:cb:df:f6:ca:10:07:08:d9:83:6a:44:46:82:
         54:74:66:20:5c:0c:2d:2f:14:bb:cb:74:49:46:2d:62:82:b7:
         88:8f:a0:18:ca:6d:ef:80:61:2a:f3:1a:86:17:45:de:41:49:
         be:c9:6e:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk5UjDIVkNQFQVP6kGvAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODUwNTVkNzAzOThjZjBjNzJjY2VhYzVlNTgxYWQ0MGYy
MDNlZmMwHhcNMjUxMTExMTEwMTA1WhcNMjUxMTEyMTEwMTA1WjAzMTEwLwYDVQQD
EygyMzNlZjE3ZDE1YzEyZGQyZWJmYjFhNGU0MzZmYzBhNDkwNjE3NTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TN9EgqRWYOFVHS/N4VKvsmPTvb7
uwyFCd2rFshUMWscaCZuR0YNlfC11dfC8M2KYp+srLvc3KxMRVpZFacbX+kbJKil
QbEz/f542QIL9TZ08hsul5qQj8gfpXN1kNxgxsQXzHphCcCfM3g2s1Dpc9fnPQXF
MgwodUI3IHou5cej6XGeCCPG52S/kfNCFRydKZZfJZk3hy/2weW4beldLMuTT+iM
gcfRzKqKwBS6UG/M4Hrf49xihfMdzWlhUCwPSdDHWPwHTj05Mbog4ioE/g/LgZE7
nPg4GoXtE58PpmpDzp2FnU+AB2AfgTrlKJ2u79DCRCKZExxUa6mFsK0fkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCM+8X0VwS3S6/saTkNvwKSQYXUDMB8GA1UdIwQY
MBaAFNiFBV1wOYzwxyzOrF5YGtQPID78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUt
MWNhM2M2N2YxNTA2LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84MmFmMjgtYjYzNC00NjNhLWI2YmUtMWNhM2M2N2YxNTA2
LzEvMklVRlhYQTVqUERITE02c1hsZ2ExQThnUHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApdBQr1cR
qJEzaZ/KGIMDn/xcV7B8PeW3ZHmJEoEsYaQFeiiYORTVX6yicA4KonVytJLG6PM+
Kx0MbKGyV+/YGY0FT5AaLANJSza7Ac0DXkDZYnnlojn1QICV5GjZorQrHHdbsaYV
UIIAXDZaz/y+DWew2aVdGtj/ff8S0b4ZjzYP+9c55PLZeKeyzgiGeU/pMl/IWRHl
DRtgKzYuHatbV6Akssw2sN2yihj3doKQWH+CA2+NBtRqtOdp2XVARr9C8tyow1vo
CTC4Oy/L3/bKEAcI2YNqREaCVHRmIFwMLS8Uu8t0SUYtYoK3iI+gGMpt74BhKvMa
hhdF3kFJvslurQ==
-----END CERTIFICATE-----