Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.mft
File:                     2HZjxeFPE3RsgPYLo2NJPZpJNMw.mft (raw, json)
Hash identifier:          8D1XO8NTV7og7yAwph3VXi8n5Qgj49ZtkdTL227NLBo=
Subject key identifier:   E1:25:B7:C5:08:D3:59:89:20:0D:D8:AE:3F:B6:0A:A5:A2:56:63:1C
Authority key identifier: D8:76:63:C5:E1:4F:13:74:6C:80:F6:0B:A3:63:49:3D:9A:49:34:CC
Certificate issuer:       /CN=d87663c5e14f13746c80f60ba363493d9a4934cc
Certificate serial:       0199FBB36BBC512ECA6902F3824FFF7A468A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2HZjxeFPE3RsgPYLo2NJPZpJNMw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.mft
Manifest number:          077C
Signing time:             Sun 19 Oct 2025 09:01:03 +0000
Manifest this update:     Sun 19 Oct 2025 09:01:03 +0000
Manifest next update:     Mon 20 Oct 2025 09:01:03 +0000
Files and hashes:         1: 2HZjxeFPE3RsgPYLo2NJPZpJNMw.crl (hash: 2rUJXxNX6ES1HO0jJJjcIKCEzTcm8PgLqoOQ15fhzCU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2HZjxeFPE3RsgPYLo2NJPZpJNMw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:b3:6b:bc:51:2e:ca:69:02:f3:82:4f:ff:7a:46:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87663c5e14f13746c80f60ba363493d9a4934cc
        Validity
            Not Before: Oct 19 09:01:03 2025 GMT
            Not After : Oct 20 09:01:03 2025 GMT
        Subject: CN=e125b7c508d35989200dd8ae3fb60aa5a256631c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:4c:86:8a:bb:04:09:4a:34:8e:c3:12:61:76:
                    f3:75:70:65:5b:1f:92:85:d5:34:59:21:ff:8d:49:
                    7c:be:12:d4:1d:35:44:86:5a:e5:76:5e:a0:b4:d7:
                    73:20:b5:48:68:e7:ed:4d:cf:40:6f:8a:2d:27:33:
                    27:34:4a:8f:60:85:55:71:29:53:60:1c:47:7b:c9:
                    bb:34:b4:16:b1:df:66:00:31:a8:dc:27:ac:cf:a5:
                    2c:a3:b1:e4:b6:81:2f:b7:5e:6a:8a:54:48:70:09:
                    05:3e:e6:b1:8c:6e:31:5a:43:01:cf:31:aa:c3:21:
                    e0:57:db:b1:74:f9:85:5e:d7:cf:79:15:ed:62:76:
                    51:17:44:f2:f4:c6:39:44:08:d7:b0:9f:04:c9:46:
                    59:d4:5a:64:ca:dc:23:d5:f9:7d:c6:b9:6d:c2:63:
                    84:62:88:70:bf:b4:38:ac:20:90:98:d4:bd:a9:3b:
                    ad:f0:8b:ab:84:7e:54:94:f1:48:85:28:8b:c5:1d:
                    da:27:31:c2:f5:95:a0:2a:28:88:d5:2f:50:72:50:
                    b8:1c:70:3e:62:d1:be:20:14:f1:cc:c6:be:b2:42:
                    22:f0:ee:5b:d3:b9:ea:d7:24:55:e6:44:7e:5d:e0:
                    81:5c:fd:05:d8:12:56:82:e4:06:03:de:90:c7:12:
                    12:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:25:B7:C5:08:D3:59:89:20:0D:D8:AE:3F:B6:0A:A5:A2:56:63:1C
            X509v3 Authority Key Identifier:
                keyid:D8:76:63:C5:E1:4F:13:74:6C:80:F6:0B:A3:63:49:3D:9A:49:34:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HZjxeFPE3RsgPYLo2NJPZpJNMw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/10ef17-e107-49da-8190-d99da970ffa2/1/2HZjxeFPE3RsgPYLo2NJPZpJNMw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:a2:72:e9:c3:25:c3:f0:57:7c:24:4e:87:6e:80:ad:3b:1c:
         7d:13:c4:97:35:54:8f:29:ec:4f:06:e1:c6:7e:a7:2a:b8:9c:
         9e:17:f8:ef:af:1b:bd:96:ce:0b:76:3e:33:ce:8d:b6:a7:b0:
         62:ed:61:7e:b4:4f:c4:1c:cf:9a:ae:ef:f4:4e:db:2d:74:ce:
         8f:64:9d:bb:a8:69:1d:0e:4a:16:ad:4f:a9:8d:23:35:d8:95:
         ce:37:76:e5:c9:c2:88:18:42:c0:63:a3:ca:f8:39:28:9b:e6:
         e5:0a:85:11:dc:4b:b8:50:4c:73:da:ea:30:42:68:f9:d0:a0:
         48:f8:e7:04:8a:95:6f:a2:7d:be:c1:dc:26:5a:4e:c0:12:d7:
         eb:48:ff:af:c1:a9:cc:d2:57:bc:3c:d5:77:e6:a5:f9:3b:e9:
         15:31:27:72:84:f1:47:c1:d2:e5:63:f0:3c:f3:9b:12:0e:a8:
         41:67:78:9f:40:6a:c5:7d:84:50:11:6c:da:0c:4d:d4:8c:86:
         0d:f0:f4:a9:b0:03:d5:7b:68:80:d8:2d:96:70:59:b3:ea:85:
         15:19:75:3a:f4:c1:5f:65:a3:5c:2a:36:21:64:6a:6a:a5:aa:
         22:01:36:fb:20:53:cb:70:45:a2:17:cf:74:e7:88:77:99:10:
         e7:57:ca:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7s2u8US7KaQLzgk//ekaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzY2M2M1ZTE0ZjEzNzQ2YzgwZjYwYmEzNjM0OTNkOWE0
OTM0Y2MwHhcNMjUxMDE5MDkwMTAzWhcNMjUxMDIwMDkwMTAzWjAzMTEwLwYDVQQD
EyhlMTI1YjdjNTA4ZDM1OTg5MjAwZGQ4YWUzZmI2MGFhNWEyNTY2MzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEyGirsECUo0jsMSYXbzdXBlWx+S
hdU0WSH/jUl8vhLUHTVEhlrldl6gtNdzILVIaOftTc9Ab4otJzMnNEqPYIVVcSlT
YBxHe8m7NLQWsd9mADGo3Cesz6Uso7HktoEvt15qilRIcAkFPuaxjG4xWkMBzzGq
wyHgV9uxdPmFXtfPeRXtYnZRF0Ty9MY5RAjXsJ8EyUZZ1Fpkytwj1fl9xrltwmOE
Yohwv7Q4rCCQmNS9qTut8IurhH5UlPFIhSiLxR3aJzHC9ZWgKiiI1S9QclC4HHA+
YtG+IBTxzMa+skIi8O5b07nq1yRV5kR+XeCBXP0F2BJWguQGA96QxxIS5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOElt8UI01mJIA3Yrj+2CqWiVmMcMB8GA1UdIwQY
MBaAFNh2Y8XhTxN0bID2C6NjST2aSTTMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhaanhlRlBFM1JzZ1BZTG8yTkpQWnBKTk13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xMGVmMTctZTEwNy00OWRhLTgxOTAt
ZDk5ZGE5NzBmZmEyLzEvMkhaanhlRlBFM1JzZ1BZTG8yTkpQWnBKTk13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8xMGVmMTctZTEwNy00OWRhLTgxOTAtZDk5ZGE5NzBmZmEy
LzEvMkhaanhlRlBFM1JzZ1BZTG8yTkpQWnBKTk13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtKJy6cMl
w/BXfCROh26ArTscfRPElzVUjynsTwbhxn6nKricnhf4768bvZbOC3Y+M86Ntqew
Yu1hfrRPxBzPmq7v9E7bLXTOj2Sdu6hpHQ5KFq1PqY0jNdiVzjd25cnCiBhCwGOj
yvg5KJvm5QqFEdxLuFBMc9rqMEJo+dCgSPjnBIqVb6J9vsHcJlpOwBLX60j/r8Gp
zNJXvDzVd+al+TvpFTEncoTxR8HS5WPwPPObEg6oQWd4n0BqxX2EUBFs2gxN1IyG
DfD0qbAD1XtogNgtlnBZs+qFFRl1OvTBX2WjXCo2IWRqaqWqIgE2+yBTy3BFohfP
dOeId5kQ51fKWg==
-----END CERTIFICATE-----