Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
File:                     2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json)
Hash identifier:          44of1Ak/mlEQE4ON4AVcYTw55QwznbHWRq2cGHr5RBY=
Subject key identifier:   0D:0D:7F:3F:ED:F7:86:13:67:E2:DA:5F:0F:2C:84:56:9D:93:4F:A0
Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7
Certificate issuer:       /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
Certificate serial:       0199FDD9F72BB1DF1DC566E2DD90C165752C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
Manifest number:          0DC4
Signing time:             Sun 19 Oct 2025 19:02:24 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:24 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:24 +0000
Files and hashes:         1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: yFWVCmZbKPysqe1xwJCJPW2CPmFktw8Bbcejg/lgfn8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:f7:2b:b1:df:1d:c5:66:e2:dd:90:c1:65:75:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
        Validity
            Not Before: Oct 19 19:02:24 2025 GMT
            Not After : Oct 20 19:02:24 2025 GMT
        Subject: CN=0d0d7f3fedf7861367e2da5f0f2c84569d934fa0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:4e:79:73:c4:15:86:1f:1f:00:25:13:a9:44:
                    65:b7:4f:28:5c:94:a0:e7:14:d9:e5:64:65:a3:07:
                    89:00:1a:0d:9d:f6:a6:de:9b:05:b9:4f:22:79:92:
                    04:29:9e:2c:f1:2d:a2:e3:a3:93:99:e7:0d:6a:74:
                    dc:19:2a:41:be:79:95:b6:ba:70:66:21:f8:32:1f:
                    dc:79:23:0c:b0:25:91:a2:a5:ef:5a:c2:ad:87:da:
                    5a:91:b7:b6:2e:67:58:81:75:1a:65:9a:bd:26:6f:
                    98:96:e7:c3:5e:79:48:19:46:98:21:7b:93:26:88:
                    eb:05:77:94:53:b1:14:86:16:01:0f:33:db:6f:c9:
                    dd:81:b8:bf:20:eb:2c:26:0f:1b:d9:ec:8b:c5:ff:
                    0e:fc:0c:c8:50:37:da:b6:fb:af:7b:eb:93:3f:97:
                    d5:a9:00:57:ec:33:3d:9c:08:b6:19:3c:a6:3a:73:
                    d2:8d:a9:b3:68:51:70:10:98:77:55:5f:63:3d:ff:
                    b6:85:0a:7c:68:5d:f1:78:16:56:bb:b1:28:db:cf:
                    7d:79:07:99:9e:8f:a8:43:48:a7:f7:10:27:53:86:
                    fb:b1:70:ed:ce:91:f5:40:9c:1e:98:58:61:0a:8d:
                    1d:18:43:9d:f2:8d:dd:21:c5:e2:c8:28:13:47:13:
                    65:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:0D:7F:3F:ED:F7:86:13:67:E2:DA:5F:0F:2C:84:56:9D:93:4F:A0
            X509v3 Authority Key Identifier:
                keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:14:9c:84:48:9e:33:f5:99:a2:e9:f6:04:7d:2c:ae:93:b4:
         46:d4:65:79:dc:87:bb:78:87:75:c8:c4:90:68:b4:be:29:ce:
         49:76:27:c4:3d:1e:84:f6:8e:c5:53:57:b5:e3:8d:f4:41:c6:
         57:f9:4c:b7:ee:25:f9:11:12:7f:ca:67:65:82:51:9f:35:cc:
         69:18:f0:0b:5b:1a:2e:fd:50:f5:22:a2:85:b3:c1:66:11:f0:
         11:59:ec:4e:bc:60:f4:71:96:58:e0:0c:86:b7:1e:7e:ab:d5:
         23:cf:9c:20:56:55:2e:e2:27:3a:92:b8:26:8e:b9:22:96:f5:
         3d:d4:87:6d:dd:26:af:b2:30:68:a1:b6:37:95:36:6d:de:13:
         7e:f0:d7:5c:e6:03:95:9f:72:a7:c6:5b:b0:e6:83:35:0c:cd:
         86:2f:f8:78:93:e9:de:d2:49:c4:ce:fe:41:08:66:a4:f6:1e:
         77:43:cd:ee:25:94:0e:80:98:93:e6:48:01:f7:86:6b:61:07:
         4b:cd:8d:38:1f:19:42:d6:90:a3:04:5b:6c:06:b9:ce:8e:28:
         51:28:95:c6:bd:13:44:ad:89:c0:96:70:9a:f5:94:4d:07:e6:
         68:ae:79:f0:0e:e8:ad:98:e7:7c:0a:16:02:4d:b9:3f:4b:bb:
         3e:85:e4:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92fcrsd8dxWbi3ZDBZXUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2
ZWNkZDcwHhcNMjUxMDE5MTkwMjI0WhcNMjUxMDIwMTkwMjI0WjAzMTEwLwYDVQQD
EygwZDBkN2YzZmVkZjc4NjEzNjdlMmRhNWYwZjJjODQ1NjlkOTM0ZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE55c8QVhh8fACUTqURlt08oXJSg
5xTZ5WRloweJABoNnfam3psFuU8ieZIEKZ4s8S2i46OTmecNanTcGSpBvnmVtrpw
ZiH4Mh/ceSMMsCWRoqXvWsKth9pakbe2LmdYgXUaZZq9Jm+YlufDXnlIGUaYIXuT
JojrBXeUU7EUhhYBDzPbb8ndgbi/IOssJg8b2eyLxf8O/AzIUDfatvuve+uTP5fV
qQBX7DM9nAi2GTymOnPSjamzaFFwEJh3VV9jPf+2hQp8aF3xeBZWu7Eo2899eQeZ
no+oQ0in9xAnU4b7sXDtzpH1QJwemFhhCo0dGEOd8o3dIcXiyCgTRxNlUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0Nfz/t94YTZ+LaXw8shFadk0+gMB8GA1UdIwQY
MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt
NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0
LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMxSchEie
M/WZoun2BH0srpO0RtRledyHu3iHdcjEkGi0vinOSXYnxD0ehPaOxVNXteON9EHG
V/lMt+4l+RESf8pnZYJRnzXMaRjwC1saLv1Q9SKihbPBZhHwEVnsTrxg9HGWWOAM
hrcefqvVI8+cIFZVLuInOpK4Jo65Ipb1PdSHbd0mr7IwaKG2N5U2bd4TfvDXXOYD
lZ9yp8ZbsOaDNQzNhi/4eJPp3tJJxM7+QQhmpPYed0PN7iWUDoCYk+ZIAfeGa2EH
S82NOB8ZQtaQowRbbAa5zo4oUSiVxr0TRK2JwJZwmvWUTQfmaK558A7orZjnfAoW
Ak25P0u7PoXkHQ==
-----END CERTIFICATE-----