Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
File:                     aBHhJcs1cHby-jE4yT6aJoGxeJM.mft (raw, json)
Hash identifier:          i6p/h6HgQiGBVSxgGjXnCxTpR45MVU4PFOSygZZQ218=
Subject key identifier:   2B:7F:96:82:E0:01:25:D7:C7:EA:CF:06:C3:D3:58:45:DA:A9:84:D8
Authority key identifier: 68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
Certificate issuer:       /CN=6811e125cb357076f2fa3138c93e9a2681b17893
Certificate serial:       0199FBEA9313D914D02753F3AF675544E86E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
Manifest number:          16E2
Signing time:             Sun 19 Oct 2025 10:01:18 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:18 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:18 +0000
Files and hashes:         1: aBHhJcs1cHby-jE4yT6aJoGxeJM.crl (hash: Pd+Qm2VS6qTGvgWj2KDmfLneWCHzvWHGkG2CZZSd2qQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:93:13:d9:14:d0:27:53:f3:af:67:55:44:e8:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6811e125cb357076f2fa3138c93e9a2681b17893
        Validity
            Not Before: Oct 19 10:01:18 2025 GMT
            Not After : Oct 20 10:01:18 2025 GMT
        Subject: CN=2b7f9682e00125d7c7eacf06c3d35845daa984d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:92:37:6d:c6:b5:98:10:45:8d:24:8c:f5:fb:
                    ed:c6:8e:a9:31:1d:68:26:e4:ed:d1:4d:c6:35:b7:
                    0e:8d:af:2a:da:18:26:72:27:26:9a:c0:b0:a3:b7:
                    45:da:52:91:05:ae:0e:11:6d:20:00:3c:ef:63:91:
                    87:41:c7:a6:2e:3e:78:83:41:cd:c5:f9:72:2d:4a:
                    c3:65:df:a1:19:44:76:ec:2c:e3:46:f4:da:de:fc:
                    43:30:64:fd:df:e0:02:2b:42:b2:3a:55:6d:2c:8e:
                    8d:ac:75:b2:06:a0:52:08:0b:2c:fa:8c:e3:9a:33:
                    21:96:d8:53:06:95:72:ec:86:8a:1e:6f:93:0b:b7:
                    17:ad:05:a2:03:ee:dc:2c:61:fb:92:99:96:79:54:
                    da:bd:8a:da:22:6a:f0:6f:8c:6c:97:fe:91:46:f2:
                    24:12:d3:f5:a4:29:31:5a:d8:fc:19:4c:ae:eb:f4:
                    d6:b3:9e:af:ef:5c:71:d5:b1:39:3e:e4:8a:00:cd:
                    81:a5:c5:dd:23:ba:b8:8e:b5:18:a3:c3:39:37:15:
                    9d:44:a1:b2:bc:92:ff:94:8c:65:9e:56:ac:fd:f3:
                    fb:5e:68:b2:23:83:cc:a6:72:63:6b:39:0f:28:84:
                    1e:4c:77:ec:16:e0:22:ae:74:f9:2c:3b:c1:b0:e4:
                    f7:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:7F:96:82:E0:01:25:D7:C7:EA:CF:06:C3:D3:58:45:DA:A9:84:D8
            X509v3 Authority Key Identifier:
                keyid:68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:b2:f6:f8:94:98:47:5c:0d:b7:89:6b:87:52:f1:9d:99:ab:
         32:66:09:ca:f7:05:9e:0d:96:5d:79:3e:20:ee:fa:c0:f1:2a:
         f9:07:be:12:07:bf:98:2f:75:67:10:9e:1d:33:06:92:87:d6:
         e5:a8:b8:4e:8a:7b:51:c2:32:2b:ba:3e:b5:89:e2:26:9c:aa:
         93:87:29:83:89:a6:b0:a8:55:ba:40:37:b1:2b:65:c8:58:dd:
         45:3d:16:00:6a:f0:4b:e0:62:df:73:17:45:eb:6f:89:c6:ce:
         83:78:38:68:c2:8c:90:98:1c:28:77:a5:3c:33:a7:0a:b6:3b:
         d3:46:67:ae:00:f6:03:be:df:16:59:2a:c8:5a:1c:06:84:a2:
         36:76:bb:68:65:5d:36:b9:fb:6a:cc:7e:a6:6c:67:a1:6d:57:
         db:b8:04:d2:bc:d6:88:4f:ba:04:07:d4:12:7c:86:a6:96:a7:
         78:18:b9:88:5a:2b:c2:d4:28:b1:16:b3:f6:53:85:ad:b1:9b:
         27:5c:d9:e7:af:29:8d:e5:31:d2:d5:1a:e9:05:ab:c8:23:f4:
         36:4e:0c:25:eb:64:49:ef:1e:9c:4b:a8:5d:e9:4e:91:99:78:
         00:e0:99:86:4a:13:4a:32:83:08:fd:30:d6:a4:a0:fb:cb:24:
         2b:50:43:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76pMT2RTQJ1Pzr2dVROhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTFlMTI1Y2IzNTcwNzZmMmZhMzEzOGM5M2U5YTI2ODFi
MTc4OTMwHhcNMjUxMDE5MTAwMTE4WhcNMjUxMDIwMTAwMTE4WjAzMTEwLwYDVQQD
EygyYjdmOTY4MmUwMDEyNWQ3YzdlYWNmMDZjM2QzNTg0NWRhYTk4NGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA95I3bca1mBBFjSSM9fvtxo6pMR1o
JuTt0U3GNbcOja8q2hgmcicmmsCwo7dF2lKRBa4OEW0gADzvY5GHQcemLj54g0HN
xflyLUrDZd+hGUR27CzjRvTa3vxDMGT93+ACK0KyOlVtLI6NrHWyBqBSCAss+ozj
mjMhlthTBpVy7IaKHm+TC7cXrQWiA+7cLGH7kpmWeVTavYraImrwb4xsl/6RRvIk
EtP1pCkxWtj8GUyu6/TWs56v71xx1bE5PuSKAM2BpcXdI7q4jrUYo8M5NxWdRKGy
vJL/lIxlnlas/fP7XmiyI4PMpnJjazkPKIQeTHfsFuAirnT5LDvBsOT3BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCt/loLgASXXx+rPBsPTWEXaqYTYMB8GA1UdIwQY
MBaAFGgR4SXLNXB28voxOMk+miaBsXiTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2Et
Y2Q0Mzk0OTJiN2FlLzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2EtY2Q0Mzk0OTJiN2Fl
LzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVbL2+JSY
R1wNt4lrh1LxnZmrMmYJyvcFng2WXXk+IO76wPEq+Qe+Ege/mC91ZxCeHTMGkofW
5ai4Top7UcIyK7o+tYniJpyqk4cpg4mmsKhVukA3sStlyFjdRT0WAGrwS+Bi33MX
RetvicbOg3g4aMKMkJgcKHelPDOnCrY700ZnrgD2A77fFlkqyFocBoSiNna7aGVd
Nrn7asx+pmxnoW1X27gE0rzWiE+6BAfUEnyGppaneBi5iForwtQosRaz9lOFrbGb
J1zZ568pjeUx0tUa6QWryCP0Nk4MJetkSe8enEuoXelOkZl4AOCZhkoTSjKDCP0w
1qSg+8skK1BDIg==
-----END CERTIFICATE-----