Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          JpGXteUq9SIosb0iOLLmud/hbCczNwci6NURtftmoOA=
Subject key identifier:   3B:25:3A:71:CB:2B:36:B2:56:1F:A4:44:36:22:0B:BA:DF:19:3C:84
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       0199FFC71D17CE845B259643A3E54706989E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          0AF2
Signing time:             Mon 20 Oct 2025 04:01:03 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:03 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:03 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: d1jXj00aAh3LXevBXyfGa3GNunufImlzEzixhplBw5M=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:1d:17:ce:84:5b:25:96:43:a3:e5:47:06:98:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Oct 20 04:01:03 2025 GMT
            Not After : Oct 21 04:01:03 2025 GMT
        Subject: CN=3b253a71cb2b36b2561fa44436220bbadf193c84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:1c:91:25:10:79:72:7c:88:b5:61:1d:fe:05:
                    47:0b:36:62:65:0d:7f:bc:3a:13:ee:e5:3a:33:02:
                    2c:90:35:c2:72:cb:71:47:fc:19:d1:8d:90:30:d6:
                    f2:21:5f:ca:2b:b2:b0:7c:d3:db:08:9e:51:da:49:
                    dd:42:81:27:78:39:1f:85:ad:2e:b5:cf:61:3c:89:
                    ea:88:81:d9:c9:64:fa:fa:0f:93:46:c6:1f:32:84:
                    c3:f2:a5:1a:9b:9b:d2:9d:2f:11:92:32:59:a3:34:
                    39:4a:5f:5f:a5:4c:38:e0:ac:93:40:bb:34:ce:7f:
                    d0:48:ca:de:9a:d4:bd:7c:2b:cd:fa:1a:9e:c1:05:
                    fa:c4:a8:2a:35:08:1e:af:52:ef:5a:e5:00:ff:f6:
                    10:04:a8:04:85:0b:63:b7:37:7b:43:d7:ef:a8:59:
                    d1:d8:57:30:09:67:b7:e2:8a:80:85:da:46:3f:71:
                    83:c4:71:db:d1:37:63:74:fc:07:1f:ac:75:c3:7c:
                    18:a6:1b:c2:0b:be:cf:8f:5a:11:d6:92:c4:1f:fc:
                    77:cc:7a:ae:2e:18:c1:0f:7a:f5:7c:be:a6:9d:12:
                    01:41:6d:92:90:b9:ec:cc:b7:69:f9:af:85:81:e4:
                    dc:4c:ba:f3:07:10:7a:d5:f4:0c:1f:2f:f8:8b:4f:
                    76:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:25:3A:71:CB:2B:36:B2:56:1F:A4:44:36:22:0B:BA:DF:19:3C:84
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:6f:51:44:9c:a0:51:6f:37:0a:5f:53:9e:5a:c2:77:85:c1:
         ac:33:5a:ac:30:f2:e7:28:54:8e:43:30:c6:08:f8:59:52:d5:
         61:13:5b:34:bc:a8:a7:aa:5d:ef:b5:cb:5d:58:ab:2c:0b:ac:
         ca:15:ef:bb:31:8b:da:8e:b1:66:ec:0a:37:b3:57:30:1a:42:
         ff:52:b5:3b:a2:3c:08:f1:f8:88:7e:02:06:ec:f2:b4:dd:dd:
         da:ad:74:54:6d:fc:94:de:99:35:05:46:45:46:0f:aa:94:3c:
         e3:2f:73:7c:db:73:d8:38:8b:6d:ac:14:c1:98:c7:77:8c:52:
         fb:f6:75:d7:30:f8:9d:77:c7:03:da:02:1e:d5:56:a0:16:3d:
         9e:bd:32:f3:d5:c8:55:97:f3:7d:c7:cc:16:ab:d4:28:52:5e:
         e7:03:8b:ff:47:64:56:54:31:34:ca:e3:1b:4d:e2:d2:9f:79:
         35:e3:7b:0c:48:c6:1d:59:dc:15:38:b3:d0:70:c0:21:da:60:
         23:93:fd:06:e2:0c:5c:83:f5:4f:78:3a:97:b4:70:28:9c:08:
         21:b7:1e:fa:58:a3:79:67:4d:6f:d0:85:f6:f9:6f:da:33:cb:
         aa:47:29:d5:e3:9e:1d:9b:69:03:4c:57:30:30:01:48:d3:bd:
         6e:be:94:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/xx0XzoRbJZZDo+VHBpieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjUxMDIwMDQwMTAzWhcNMjUxMDIxMDQwMTAzWjAzMTEwLwYDVQQD
EygzYjI1M2E3MWNiMmIzNmIyNTYxZmE0NDQzNjIyMGJiYWRmMTkzYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqByRJRB5cnyItWEd/gVHCzZiZQ1/
vDoT7uU6MwIskDXCcstxR/wZ0Y2QMNbyIV/KK7KwfNPbCJ5R2kndQoEneDkfha0u
tc9hPInqiIHZyWT6+g+TRsYfMoTD8qUam5vSnS8RkjJZozQ5Sl9fpUw44KyTQLs0
zn/QSMremtS9fCvN+hqewQX6xKgqNQger1LvWuUA//YQBKgEhQtjtzd7Q9fvqFnR
2FcwCWe34oqAhdpGP3GDxHHb0TdjdPwHH6x1w3wYphvCC77Pj1oR1pLEH/x3zHqu
LhjBD3r1fL6mnRIBQW2SkLnszLdp+a+FgeTcTLrzBxB61fQMHy/4i092WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDslOnHLKzayVh+kRDYiC7rfGTyEMB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEG9RRJyg
UW83Cl9TnlrCd4XBrDNarDDy5yhUjkMwxgj4WVLVYRNbNLyop6pd77XLXVirLAus
yhXvuzGL2o6xZuwKN7NXMBpC/1K1O6I8CPH4iH4CBuzytN3d2q10VG38lN6ZNQVG
RUYPqpQ84y9zfNtz2DiLbawUwZjHd4xS+/Z11zD4nXfHA9oCHtVWoBY9nr0y89XI
VZfzfcfMFqvUKFJe5wOL/0dkVlQxNMrjG03i0p95NeN7DEjGHVncFTiz0HDAIdpg
I5P9BuIMXIP1T3g6l7RwKJwIIbce+lijeWdNb9CF9vlv2jPLqkcp1eOeHZtpA0xX
MDABSNO9br6UtQ==
-----END CERTIFICATE-----