Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
File:                     MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft (raw, json)
Hash identifier:          1cq/FdpA7d9p37xJaxRBk+IaQ6Ci72hNgHouttL5Cv0=
Subject key identifier:   4C:A3:FD:7F:A4:6C:BB:1B:20:D9:FD:45:2A:C2:E5:3B:97:DD:8D:B0
Authority key identifier: 31:3D:A1:93:57:CB:C6:7D:A7:D5:5F:A3:5A:AB:36:95:BC:04:D0:4F
Certificate issuer:       /CN=313da19357cbc67da7d55fa35aab3695bc04d04f
Certificate serial:       019A71B7D0E502F50D53AB59F4204A342262
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
Manifest number:          0A8E
Signing time:             Tue 11 Nov 2025 07:01:03 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:03 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:03 +0000
Files and hashes:         1: MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl (hash: 9QmnL4EfX8j9cyhqPpHqSh7KvqrQUsKGLLhfML6/qNA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:d0:e5:02:f5:0d:53:ab:59:f4:20:4a:34:22:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313da19357cbc67da7d55fa35aab3695bc04d04f
        Validity
            Not Before: Nov 11 07:01:03 2025 GMT
            Not After : Nov 12 07:01:03 2025 GMT
        Subject: CN=4ca3fd7fa46cbb1b20d9fd452ac2e53b97dd8db0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:5e:49:19:55:b8:c5:71:d6:db:a2:f6:61:0f:
                    48:46:35:66:79:b5:72:3e:4b:f2:41:07:f5:27:75:
                    e5:35:7e:d1:3b:0e:a2:21:1f:3f:77:5f:7e:e7:4d:
                    cf:f2:4a:83:13:8c:c3:08:95:80:39:3e:bd:9e:dc:
                    ed:14:53:32:51:8e:b5:f9:a0:45:83:a0:58:53:1d:
                    01:6d:b3:bd:0b:75:4e:0b:74:c5:59:ea:fb:8f:4d:
                    e3:03:7a:00:04:77:94:e4:e3:fb:8b:1f:8d:96:d5:
                    a1:1c:58:10:93:d6:e5:78:64:51:22:2a:54:88:63:
                    eb:c4:8a:7a:58:53:40:f2:82:9d:45:8c:61:2b:a6:
                    89:1b:77:2a:fe:84:36:16:2b:fa:2a:a1:ba:6c:14:
                    de:58:29:56:ea:fe:d4:96:33:89:c1:df:de:41:b8:
                    4a:ed:0d:57:04:29:31:3f:3a:d3:4b:36:02:8e:8f:
                    10:ca:34:04:85:c0:8d:12:24:29:64:5c:b2:4f:8a:
                    89:70:f8:a5:11:2a:2f:51:21:d6:02:7b:be:3b:a3:
                    d4:71:a0:00:6b:df:1d:c7:e7:b5:26:6d:6d:f6:9f:
                    59:97:4e:e1:ab:bf:71:cb:af:21:ea:59:6b:7b:f0:
                    d3:6e:c4:15:2c:8d:f4:ba:11:53:88:4c:83:32:ed:
                    db:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:A3:FD:7F:A4:6C:BB:1B:20:D9:FD:45:2A:C2:E5:3B:97:DD:8D:B0
            X509v3 Authority Key Identifier:
                keyid:31:3D:A1:93:57:CB:C6:7D:A7:D5:5F:A3:5A:AB:36:95:BC:04:D0:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT2hk1fLxn2n1V-jWqs2lbwE0E8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/063bc3-8c76-475e-b9f1-f0bbbebbd6a9/1/MT2hk1fLxn2n1V-jWqs2lbwE0E8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:c4:e7:e4:a1:39:fb:37:d2:f8:bf:a4:70:de:29:b1:2e:2d:
         cd:f3:c5:a0:23:e1:cf:ba:a2:b2:45:ae:d4:2d:80:cc:e8:f2:
         24:f4:ad:00:aa:a8:a7:f3:71:27:74:64:a9:3b:bb:c3:41:e6:
         70:1f:12:04:4d:f0:11:d0:67:87:8d:94:6e:1e:84:73:21:d4:
         e6:40:6a:4d:cd:89:4b:a1:8f:96:83:70:07:d2:cf:1e:4c:94:
         a1:b1:42:6d:5e:0d:52:87:fb:24:de:3a:b7:e2:b0:a4:3d:4a:
         79:a0:97:c9:5c:0c:d7:f7:80:e7:15:a5:17:e7:54:56:85:11:
         fe:66:05:8f:59:2e:e0:db:17:f6:93:6a:cc:f9:55:23:82:4f:
         f4:dc:1b:5f:8a:47:87:27:9a:01:34:7b:4f:41:79:97:51:d3:
         b1:f7:7f:f6:b2:dd:f3:d6:b6:58:b6:ab:11:d1:54:6c:ad:51:
         9c:cf:f3:d0:fb:6d:15:72:a4:4f:e8:2c:57:44:0a:4f:ed:63:
         0f:a4:40:10:b1:53:51:7b:95:fd:73:7d:23:82:a8:13:8c:0a:
         1a:6f:26:74:f4:75:9e:3e:1f:10:93:a5:2c:d5:82:b7:4e:f5:
         b5:c7:e2:30:48:62:58:2a:c8:5d:b7:d1:d3:01:5c:bb:59:65:
         35:38:52:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9DlAvUNU6tZ9CBKNCJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RhMTkzNTdjYmM2N2RhN2Q1NWZhMzVhYWIzNjk1YmMw
NGQwNGYwHhcNMjUxMTExMDcwMTAzWhcNMjUxMTEyMDcwMTAzWjAzMTEwLwYDVQQD
Eyg0Y2EzZmQ3ZmE0NmNiYjFiMjBkOWZkNDUyYWMyZTUzYjk3ZGQ4ZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0l5JGVW4xXHW26L2YQ9IRjVmebVy
PkvyQQf1J3XlNX7ROw6iIR8/d19+503P8kqDE4zDCJWAOT69ntztFFMyUY61+aBF
g6BYUx0BbbO9C3VOC3TFWer7j03jA3oABHeU5OP7ix+NltWhHFgQk9bleGRRIipU
iGPrxIp6WFNA8oKdRYxhK6aJG3cq/oQ2Fiv6KqG6bBTeWClW6v7UljOJwd/eQbhK
7Q1XBCkxPzrTSzYCjo8QyjQEhcCNEiQpZFyyT4qJcPilESovUSHWAnu+O6PUcaAA
a98dx+e1Jm1t9p9Zl07hq79xy68h6llre/DTbsQVLI30uhFTiEyDMu3bNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEyj/X+kbLsbINn9RSrC5TuX3Y2wMB8GA1UdIwQY
MBaAFDE9oZNXy8Z9p9Vfo1qrNpW8BNBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wNjNiYzMtOGM3Ni00NzVlLWI5ZjEt
ZjBiYmJlYmJkNmE5LzEvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wNjNiYzMtOGM3Ni00NzVlLWI5ZjEtZjBiYmJlYmJkNmE5
LzEvTVQyaGsxZkx4bjJuMVYtaldxczJsYndFMEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKMTn5KE5
+zfS+L+kcN4psS4tzfPFoCPhz7qiskWu1C2AzOjyJPStAKqop/NxJ3RkqTu7w0Hm
cB8SBE3wEdBnh42Ubh6EcyHU5kBqTc2JS6GPloNwB9LPHkyUobFCbV4NUof7JN46
t+KwpD1KeaCXyVwM1/eA5xWlF+dUVoUR/mYFj1ku4NsX9pNqzPlVI4JP9NwbX4pH
hyeaATR7T0F5l1HTsfd/9rLd89a2WLarEdFUbK1RnM/z0PttFXKkT+gsV0QKT+1j
D6RAELFTUXuV/XN9I4KoE4wKGm8mdPR1nj4fEJOlLNWCt071tcfiMEhiWCrIXbfR
0wFcu1llNThSMQ==
-----END CERTIFICATE-----