Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
File:                     2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft (raw, json)
Hash identifier:          uhqGyWawDMztkgT5pDoFz12Ap2rB4A4NtSbeZ2FCGqM=
Subject key identifier:   A1:28:FB:38:9B:D8:9F:D7:97:A4:38:30:EB:9E:4B:B6:84:94:C1:6B
Authority key identifier: DB:21:1B:E3:75:55:59:CA:10:25:20:C1:36:70:D0:85:80:D7:03:34
Certificate issuer:       /CN=db211be3755559ca102520c13670d08580d70334
Certificate serial:       019A725CA6BB8671B0B0724E0108A90A01B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
Manifest number:          0C
Signing time:             Tue 11 Nov 2025 10:01:05 +0000
Manifest this update:     Tue 11 Nov 2025 10:01:05 +0000
Manifest next update:     Wed 12 Nov 2025 10:01:05 +0000
Files and hashes:         1: 2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl (hash: aN/dzOkInme4V6TMYkwTiSAtSNqIqYRlnUaaxokIC6A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:5c:a6:bb:86:71:b0:b0:72:4e:01:08:a9:0a:01:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db211be3755559ca102520c13670d08580d70334
        Validity
            Not Before: Nov 11 10:01:05 2025 GMT
            Not After : Nov 12 10:01:05 2025 GMT
        Subject: CN=a128fb389bd89fd797a43830eb9e4bb68494c16b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:f4:f0:24:a7:b5:d0:8b:42:1d:e0:c7:07:1d:
                    d4:e3:4a:6f:15:56:95:cf:6b:93:91:ac:0c:4f:42:
                    49:d2:ab:bc:d2:17:17:85:70:0b:01:70:ea:55:c2:
                    9c:3a:06:d3:e7:1e:4f:bb:e3:30:7e:95:27:5e:e6:
                    27:cd:82:be:2e:a9:f7:6d:45:68:d2:a0:60:c7:72:
                    20:85:b1:c8:46:ee:a1:e4:e1:62:16:4b:81:3c:12:
                    71:74:06:dd:2e:e1:28:d4:fb:29:5b:a3:69:7c:b2:
                    7e:c9:1e:55:6f:76:a0:bc:db:8d:73:29:bf:f1:a6:
                    c7:17:49:95:60:e8:f0:7e:5e:41:e3:6d:4e:28:3e:
                    48:00:3d:db:76:5e:38:a9:36:8c:c8:8d:cc:94:2e:
                    58:a6:87:0f:83:b5:be:f2:1d:c5:e4:0e:e2:38:95:
                    e4:ae:fe:88:06:ea:ef:5e:ab:f8:ce:f3:c9:bb:70:
                    a5:c4:f4:63:57:11:61:2d:29:90:05:e5:62:cd:d8:
                    59:0e:4c:bd:79:88:a9:82:3b:b3:fb:15:1d:15:6c:
                    0e:66:4e:d4:b9:21:ce:b0:6c:ac:eb:11:be:3f:3b:
                    e6:bd:70:dc:70:7b:c3:7d:5b:87:10:a7:02:0b:46:
                    f3:6c:45:83:7b:85:25:9b:1e:96:ef:94:56:a4:85:
                    13:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:28:FB:38:9B:D8:9F:D7:97:A4:38:30:EB:9E:4B:B6:84:94:C1:6B
            X509v3 Authority Key Identifier:
                keyid:DB:21:1B:E3:75:55:59:CA:10:25:20:C1:36:70:D0:85:80:D7:03:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yEb43VVWcoQJSDBNnDQhYDXAzQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f17c9b-5767-4edd-907c-87a1941f1be3/1/2yEb43VVWcoQJSDBNnDQhYDXAzQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:a8:5b:19:33:27:dc:62:4c:6a:fc:a2:99:37:18:34:f8:c2:
         04:eb:07:99:d0:3c:69:03:05:34:37:92:f7:b3:e9:45:a6:4f:
         d0:2d:79:fe:98:c4:0e:a4:20:59:93:4f:31:cf:6c:15:0e:23:
         ed:1b:01:db:a0:16:aa:9a:44:7a:90:d2:f0:49:64:24:e6:e8:
         85:37:34:89:95:77:08:25:1d:eb:a7:36:6d:b8:4c:66:74:62:
         6e:07:e3:6b:7c:bf:9b:c8:8b:9b:98:0e:0e:dd:67:b0:56:d5:
         db:6b:6f:cf:a0:5e:5c:b4:ee:17:61:0f:af:b7:ca:70:c3:d9:
         b3:db:56:5f:b6:c3:6d:7b:87:4b:59:72:a2:8d:4f:28:e5:0a:
         cc:c3:65:91:ce:3a:c0:19:1a:c0:43:9d:d4:e8:25:2d:28:c1:
         1e:15:92:bf:5a:d7:ea:8b:24:0f:72:9d:23:8b:5f:49:ee:38:
         45:d6:a0:8e:02:30:94:7a:f2:89:f7:c2:84:8f:e8:e0:8c:07:
         64:92:94:8a:fc:39:ac:7b:6c:10:5a:87:be:a7:98:c7:05:b8:
         89:aa:bd:5a:3c:dc:32:7d:f1:58:82:5e:e1:d2:30:99:7d:6a:
         1c:dd:e4:30:34:25:91:98:f2:46:de:91:df:a1:6d:a8:2b:d1:
         05:24:ff:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXKa7hnGwsHJOAQipCgG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjExYmUzNzU1NTU5Y2ExMDI1MjBjMTM2NzBkMDg1ODBk
NzAzMzQwHhcNMjUxMTExMTAwMTA1WhcNMjUxMTEyMTAwMTA1WjAzMTEwLwYDVQQD
EyhhMTI4ZmIzODliZDg5ZmQ3OTdhNDM4MzBlYjllNGJiNjg0OTRjMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fTwJKe10ItCHeDHBx3U40pvFVaV
z2uTkawMT0JJ0qu80hcXhXALAXDqVcKcOgbT5x5Pu+MwfpUnXuYnzYK+Lqn3bUVo
0qBgx3IghbHIRu6h5OFiFkuBPBJxdAbdLuEo1PspW6NpfLJ+yR5Vb3agvNuNcym/
8abHF0mVYOjwfl5B421OKD5IAD3bdl44qTaMyI3MlC5YpocPg7W+8h3F5A7iOJXk
rv6IBurvXqv4zvPJu3ClxPRjVxFhLSmQBeVizdhZDky9eYipgjuz+xUdFWwOZk7U
uSHOsGys6xG+PzvmvXDccHvDfVuHEKcCC0bzbEWDe4Ulmx6W75RWpIUT6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEo+zib2J/Xl6Q4MOueS7aElMFrMB8GA1UdIwQY
MBaAFNshG+N1VVnKECUgwTZw0IWA1wM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mMTdjOWItNTc2Ny00ZWRkLTkwN2Mt
ODdhMTk0MWYxYmUzLzEvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mMTdjOWItNTc2Ny00ZWRkLTkwN2MtODdhMTk0MWYxYmUz
LzEvMnlFYjQzVlZXY29RSlNEQk5uRFFoWURYQXpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANqhbGTMn
3GJMavyimTcYNPjCBOsHmdA8aQMFNDeS97PpRaZP0C15/pjEDqQgWZNPMc9sFQ4j
7RsB26AWqppEepDS8ElkJObohTc0iZV3CCUd66c2bbhMZnRibgfja3y/m8iLm5gO
Dt1nsFbV22tvz6BeXLTuF2EPr7fKcMPZs9tWX7bDbXuHS1lyoo1PKOUKzMNlkc46
wBkawEOd1OglLSjBHhWSv1rX6oskD3KdI4tfSe44RdagjgIwlHryiffChI/o4IwH
ZJKUivw5rHtsEFqHvqeYxwW4iaq9WjzcMn3xWIJe4dIwmX1qHN3kMDQlkZjyRt6R
36FtqCvRBST/iQ==
-----END CERTIFICATE-----