Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
File:                     2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft (raw, json)
Hash identifier:          CuuLsp1x47NcNe0Oz25cyHF14vZImTO5bNHcB/5XASQ=
Subject key identifier:   0A:BF:77:A0:80:E5:60:2E:F8:91:E5:99:10:58:0F:25:A1:B5:04:94
Authority key identifier: D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5
Certificate issuer:       /CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
Certificate serial:       0199239EB62FD972561E2CDF7BC26AA1EFFA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
Manifest number:          0B10
Signing time:             Sun 07 Sep 2025 10:00:27 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:27 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:27 +0000
Files and hashes:         1: 2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl (hash: 4mL2iIIhP9ONQFEMPmkrhbH9Xp77NmuA1gbwTFpLFjI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:b6:2f:d9:72:56:1e:2c:df:7b:c2:6a:a1:ef:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9fe0cc3143f99c5e55836a3ff6c0b66fc20c4d5
        Validity
            Not Before: Sep  7 10:00:27 2025 GMT
            Not After : Sep  8 10:00:27 2025 GMT
        Subject: CN=0abf77a080e5602ef891e59910580f25a1b50494
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:d3:42:d2:72:e5:0b:5f:ca:e0:db:72:c8:24:
                    c3:4b:74:04:c2:7f:64:8b:65:55:03:92:9b:84:39:
                    6c:56:87:c5:a4:c9:7f:35:b9:d7:19:ce:b9:1a:b6:
                    76:e8:a1:b5:89:57:c7:81:26:87:e5:b5:b5:6f:64:
                    73:7b:df:bc:65:c5:d1:ac:0d:71:b9:f8:66:83:06:
                    c3:0f:53:a8:0e:62:94:0d:58:a8:e4:3e:37:bc:9a:
                    fc:f1:31:d3:4c:46:81:db:11:0b:88:13:d5:68:7c:
                    d5:d8:1c:08:31:4f:84:ef:4d:92:b4:c5:76:55:75:
                    2a:88:99:4a:61:4d:eb:7f:09:f6:22:36:16:16:4f:
                    b1:ae:6d:04:9b:84:69:9e:72:37:1d:42:3d:a1:8d:
                    14:43:52:76:bc:9e:e7:1b:2d:6d:5d:ea:8f:f9:32:
                    84:0d:36:b2:71:1b:60:0c:86:98:39:34:5a:8a:40:
                    0d:fd:01:8c:38:87:3d:20:f6:d5:fd:35:b6:23:10:
                    af:cc:cc:0d:77:87:c1:ac:b2:e3:c0:8b:97:a9:7e:
                    28:01:77:e2:0c:06:bf:2b:a3:92:2e:9a:19:47:e4:
                    fd:3e:b8:2e:a8:94:6f:9b:fb:88:a6:75:d1:76:fd:
                    bb:c2:d8:1f:84:1e:5d:46:af:22:8f:89:e8:73:71:
                    55:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:BF:77:A0:80:E5:60:2E:F8:91:E5:99:10:58:0F:25:A1:B5:04:94
            X509v3 Authority Key Identifier:
                keyid:D9:FE:0C:C3:14:3F:99:C5:E5:58:36:A3:FF:6C:0B:66:FC:20:C4:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c40db5-8c7b-40b2-b140-26319496d7de/1/2f4MwxQ_mcXlWDaj_2wLZvwgxNU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:1d:ad:a7:22:56:23:02:2c:ca:29:6b:06:87:67:cd:c8:04:
         df:51:57:80:1f:b3:98:d4:33:18:8e:5c:ec:d4:30:2f:4b:3f:
         c5:a6:f0:f0:69:df:6a:47:cd:53:e5:70:4a:a3:c6:97:ce:e2:
         35:b0:1f:a7:f2:03:41:66:4f:d0:14:f3:f8:45:4e:66:b9:90:
         59:3c:b3:20:74:90:f2:55:a5:fa:f1:b2:ff:88:74:0b:67:aa:
         dc:9a:e6:12:36:04:84:a6:fc:45:0c:0c:84:b1:92:4a:70:1d:
         e7:0b:5d:ee:71:f1:42:20:a2:47:d5:be:f2:b5:da:5b:42:ff:
         78:22:3d:23:60:47:bb:89:43:4e:8b:b3:1a:83:df:e7:bd:11:
         0e:c1:e8:3e:17:4a:bf:ee:a6:de:e3:38:f1:af:86:f6:5f:be:
         30:f1:cb:46:97:f5:cf:fa:cd:0c:89:de:73:b8:d4:58:d8:e4:
         7f:27:80:81:2f:ed:a7:36:7e:1e:63:48:1b:1a:b3:98:61:46:
         5d:f0:04:73:65:ea:65:a2:e7:f8:c1:24:44:43:95:43:84:6d:
         45:a6:36:79:09:d6:09:08:79:3f:8c:3d:af:e0:f4:b1:aa:fb:
         a9:74:a6:1e:15:4b:a4:29:57:75:a9:c0:ad:ac:f3:56:d0:3b:
         c6:f3:f8:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnrYv2XJWHizfe8Jqoe/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmUwY2MzMTQzZjk5YzVlNTU4MzZhM2ZmNmMwYjY2ZmMy
MGM0ZDUwHhcNMjUwOTA3MTAwMDI3WhcNMjUwOTA4MTAwMDI3WjAzMTEwLwYDVQQD
EygwYWJmNzdhMDgwZTU2MDJlZjg5MWU1OTkxMDU4MGYyNWExYjUwNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudNC0nLlC1/K4NtyyCTDS3QEwn9k
i2VVA5KbhDlsVofFpMl/NbnXGc65GrZ26KG1iVfHgSaH5bW1b2Rze9+8ZcXRrA1x
ufhmgwbDD1OoDmKUDVio5D43vJr88THTTEaB2xELiBPVaHzV2BwIMU+E702StMV2
VXUqiJlKYU3rfwn2IjYWFk+xrm0Em4RpnnI3HUI9oY0UQ1J2vJ7nGy1tXeqP+TKE
DTaycRtgDIaYOTRaikAN/QGMOIc9IPbV/TW2IxCvzMwNd4fBrLLjwIuXqX4oAXfi
DAa/K6OSLpoZR+T9PrguqJRvm/uIpnXRdv27wtgfhB5dRq8ij4noc3FV+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAq/d6CA5WAu+JHlmRBYDyWhtQSUMB8GA1UdIwQY
MBaAFNn+DMMUP5nF5Vg2o/9sC2b8IMTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAt
MjYzMTk0OTZkN2RlLzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNDBkYjUtOGM3Yi00MGIyLWIxNDAtMjYzMTk0OTZkN2Rl
LzEvMmY0TXd4UV9tY1hsV0Rhal8yd0xadndneE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAR2tpyJW
IwIsyilrBodnzcgE31FXgB+zmNQzGI5c7NQwL0s/xabw8GnfakfNU+VwSqPGl87i
NbAfp/IDQWZP0BTz+EVOZrmQWTyzIHSQ8lWl+vGy/4h0C2eq3JrmEjYEhKb8RQwM
hLGSSnAd5wtd7nHxQiCiR9W+8rXaW0L/eCI9I2BHu4lDTouzGoPf570RDsHoPhdK
v+6m3uM48a+G9l++MPHLRpf1z/rNDInec7jUWNjkfyeAgS/tpzZ+HmNIGxqzmGFG
XfAEc2XqZaLn+MEkREOVQ4RtRaY2eQnWCQh5P4w9r+D0sar7qXSmHhVLpClXdanA
razzVtA7xvP4Gg==
-----END CERTIFICATE-----