Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          WrrfHiqCabSYN0RpeNG82IPi/1a7bYJvznwIcE2je7M=
Subject key identifier:   9D:0A:31:4C:D0:DC:A5:1B:37:86:CB:04:AC:32:C2:72:80:32:72:AE
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       0199FCC67FB96F89870418BAF91C0723E40D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0AEF
Signing time:             Sun 19 Oct 2025 14:01:31 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:31 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:31 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: MO/nMj4Ee2DRhyAgFNVrQz7P2zETlMggg2+sUU87JUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:7f:b9:6f:89:87:04:18:ba:f9:1c:07:23:e4:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Oct 19 14:01:31 2025 GMT
            Not After : Oct 20 14:01:31 2025 GMT
        Subject: CN=9d0a314cd0dca51b3786cb04ac32c272803272ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:cd:a3:12:d2:6b:fa:09:ba:31:38:16:b3:95:
                    af:e0:ae:3e:b4:55:76:73:d1:a3:eb:b7:99:ec:cc:
                    13:fd:82:06:cb:02:fb:6d:54:0f:f2:82:1b:7d:89:
                    dd:08:1b:9e:f5:b6:19:54:af:b0:23:d0:84:bf:75:
                    b7:eb:ae:b2:30:a4:07:83:9a:46:0d:c1:c8:a2:56:
                    49:1c:27:32:6f:10:47:ad:ed:3b:8a:cc:00:1a:bb:
                    70:88:5f:ad:9a:30:af:fb:a6:47:0a:26:c8:6f:c9:
                    65:fa:ac:bb:bf:c6:90:fe:81:90:37:f0:3e:2f:49:
                    9f:a5:11:82:89:81:a5:c5:7f:23:25:13:30:d0:99:
                    93:c6:71:6a:39:71:53:c6:04:cc:38:58:12:dc:63:
                    02:12:9a:80:45:45:4a:e4:10:7d:57:74:b7:c0:18:
                    55:e3:5f:18:d6:b0:99:24:be:91:39:76:8a:09:99:
                    e9:c8:fd:e0:bc:fa:0f:d7:3b:d8:27:12:1b:19:0d:
                    bb:70:44:70:88:3f:62:88:18:7f:2e:74:a8:0a:3f:
                    f9:8e:f6:5a:1b:cd:13:9a:43:f3:27:c7:90:ef:09:
                    05:4d:7e:d7:d2:c0:28:bf:a5:74:a3:64:90:c4:fa:
                    22:ed:f2:19:23:b7:7c:3b:d0:3a:61:8b:54:09:cb:
                    25:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:0A:31:4C:D0:DC:A5:1B:37:86:CB:04:AC:32:C2:72:80:32:72:AE
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:28:c7:d4:5a:89:d3:23:3d:a9:11:74:b3:ae:78:8d:c3:04:
         86:a1:4a:7c:f3:8c:62:0d:ee:9b:ff:1a:7a:d9:02:53:6a:9a:
         8a:f1:8e:cf:9f:bf:5a:d7:b8:7d:fa:fa:d0:44:95:18:af:91:
         5e:2b:4f:a5:07:72:e4:cc:6d:a4:6e:46:96:fe:6e:5c:a6:6d:
         d4:5d:f0:e7:c4:6a:62:81:38:75:fd:c8:ae:4a:d4:c5:f9:d9:
         ae:75:05:2b:33:d6:13:53:b5:67:fa:47:c8:f3:c6:d6:8c:87:
         75:eb:70:0c:6f:78:6e:82:e2:e4:cb:55:19:68:72:c0:e0:fa:
         7e:af:e6:a7:58:d7:7e:d6:aa:44:7d:00:e4:4e:a6:f0:7d:14:
         57:53:25:df:f4:4a:8d:ca:e9:0a:43:93:3d:55:69:e9:fe:71:
         28:57:f5:94:d6:a4:9e:96:84:63:36:06:10:27:f4:d4:3d:5f:
         87:13:5c:67:1a:51:c2:28:63:15:21:c8:39:02:79:80:df:d4:
         cf:2a:80:41:96:af:58:49:96:d0:50:3b:15:1a:2c:94:d2:99:
         55:86:49:d2:96:0e:a8:60:8a:7a:e0:c0:79:a1:f0:9b:a9:3f:
         a7:63:02:6f:91:14:f5:7c:97:27:75:97:f4:bb:84:b6:e8:74:
         c1:b8:b8:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xn+5b4mHBBi6+RwHI+QNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjUxMDE5MTQwMTMxWhcNMjUxMDIwMTQwMTMxWjAzMTEwLwYDVQQD
Eyg5ZDBhMzE0Y2QwZGNhNTFiMzc4NmNiMDRhYzMyYzI3MjgwMzI3MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM2jEtJr+gm6MTgWs5Wv4K4+tFV2
c9Gj67eZ7MwT/YIGywL7bVQP8oIbfYndCBue9bYZVK+wI9CEv3W3666yMKQHg5pG
DcHIolZJHCcybxBHre07iswAGrtwiF+tmjCv+6ZHCibIb8ll+qy7v8aQ/oGQN/A+
L0mfpRGCiYGlxX8jJRMw0JmTxnFqOXFTxgTMOFgS3GMCEpqARUVK5BB9V3S3wBhV
418Y1rCZJL6ROXaKCZnpyP3gvPoP1zvYJxIbGQ27cERwiD9iiBh/LnSoCj/5jvZa
G80TmkPzJ8eQ7wkFTX7X0sAov6V0o2SQxPoi7fIZI7d8O9A6YYtUCcslJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ0KMUzQ3KUbN4bLBKwywnKAMnKuMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARijH1FqJ
0yM9qRF0s654jcMEhqFKfPOMYg3um/8aetkCU2qaivGOz5+/Wte4ffr60ESVGK+R
XitPpQdy5MxtpG5Glv5uXKZt1F3w58RqYoE4df3IrkrUxfnZrnUFKzPWE1O1Z/pH
yPPG1oyHdetwDG94boLi5MtVGWhywOD6fq/mp1jXftaqRH0A5E6m8H0UV1Ml3/RK
jcrpCkOTPVVp6f5xKFf1lNaknpaEYzYGECf01D1fhxNcZxpRwihjFSHIOQJ5gN/U
zyqAQZavWEmW0FA7FRoslNKZVYZJ0pYOqGCKeuDAeaHwm6k/p2MCb5EU9XyXJ3WX
9LuEtuh0wbi4XQ==
-----END CERTIFICATE-----