Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
File:                     2TLsITGy__Du_D-3jLxbjTLvHGE.mft (raw, json)
Hash identifier:          bN4pr95AlSYiyQpbJHEaISkvU6x+0HwVNezPSERKWjA=
Subject key identifier:   7B:F7:E4:B7:6E:E7:32:77:5A:2A:80:C7:B9:A7:EE:69:02:F4:79:95
Authority key identifier: D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61
Certificate issuer:       /CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
Certificate serial:       0199FD344A3B2043976806E68DA3144968DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
Manifest number:          11AE
Signing time:             Sun 19 Oct 2025 16:01:26 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:26 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:26 +0000
Files and hashes:         1: 2TLsITGy__Du_D-3jLxbjTLvHGE.crl (hash: qzkWFHp1CyFZJPncxt2pgLrBDguevmlCXRHH0RN6gJM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:4a:3b:20:43:97:68:06:e6:8d:a3:14:49:68:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d932ec2131b2fff0eefc3fb78cbc5b8d32ef1c61
        Validity
            Not Before: Oct 19 16:01:26 2025 GMT
            Not After : Oct 20 16:01:26 2025 GMT
        Subject: CN=7bf7e4b76ee732775a2a80c7b9a7ee6902f47995
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0d:29:84:a7:34:a1:1b:b2:20:a5:75:88:34:
                    18:e8:43:59:d8:02:ff:50:ad:48:3f:79:26:04:26:
                    13:7d:e7:20:67:b8:c4:ef:9a:55:3b:35:51:d2:a7:
                    ad:c7:e0:4d:81:40:ed:f3:a3:55:e2:2a:83:cb:ed:
                    93:19:f5:ce:86:86:99:e3:cd:0d:f5:4c:7b:79:6f:
                    08:fa:d2:d7:5f:39:e2:c5:1b:18:44:c8:b3:ef:5c:
                    f1:55:e3:57:d3:aa:a0:8c:22:da:a5:fe:0c:b4:53:
                    a1:40:fc:2b:28:c1:a4:bf:57:b9:5a:99:73:1b:41:
                    ed:f2:ec:88:30:f6:2a:26:ec:a9:69:11:7d:8c:19:
                    a2:2b:a2:29:c1:de:3a:67:a4:3e:b1:c2:f4:f8:19:
                    97:ac:d9:90:66:fd:76:4f:d2:7d:9c:4a:38:a9:23:
                    d1:fa:b4:29:94:01:1d:9a:22:2e:80:78:b4:8c:6a:
                    d9:0e:2a:13:08:75:a3:48:4b:32:e3:22:ea:cf:12:
                    17:6d:da:91:1f:51:f5:f0:76:4c:25:92:d2:8e:ac:
                    71:60:b0:92:dc:ef:01:a6:2b:0f:ed:36:e5:96:61:
                    a9:30:1e:65:32:3d:db:67:0b:03:4d:a4:37:3a:a0:
                    21:71:1d:ba:4c:c0:7c:a4:ca:8c:de:28:7a:22:0e:
                    85:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:F7:E4:B7:6E:E7:32:77:5A:2A:80:C7:B9:A7:EE:69:02:F4:79:95
            X509v3 Authority Key Identifier:
                keyid:D9:32:EC:21:31:B2:FF:F0:EE:FC:3F:B7:8C:BC:5B:8D:32:EF:1C:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TLsITGy__Du_D-3jLxbjTLvHGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97940f-907b-46c2-b2c2-f22980e5ca92/1/2TLsITGy__Du_D-3jLxbjTLvHGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:cb:5d:d7:1c:09:c5:11:37:96:a7:84:2e:b8:33:23:58:a8:
         62:54:81:da:4a:f8:fc:76:30:48:c4:2f:d1:c4:4b:9c:01:e9:
         5e:ab:58:3f:62:da:33:b9:56:93:50:08:5e:00:64:07:82:78:
         15:e0:85:78:e7:c6:57:c3:12:cf:7b:3f:89:33:db:dc:33:1c:
         8f:b1:9a:4c:e3:0e:b1:1e:05:3c:c1:6d:45:71:3e:03:e8:37:
         1b:59:31:c0:96:3f:d3:cd:22:9a:51:c1:e5:8e:4d:70:16:dd:
         10:75:a1:92:9f:a2:cb:f4:12:40:85:ce:66:2a:e6:55:77:74:
         7e:40:32:5b:7c:5c:90:09:ae:c5:44:b8:f4:71:8f:9d:8c:59:
         e7:0d:7c:33:af:84:41:f6:3c:72:75:12:75:1c:ce:9f:4d:78:
         5d:0b:68:e8:21:c9:6d:79:33:7e:df:0d:9e:69:f7:df:84:73:
         82:1d:ec:fc:30:f7:bc:75:ac:4a:90:94:16:cc:e3:e0:65:b0:
         c3:51:93:f9:51:5f:4a:5b:29:ba:e6:cb:c5:9d:d1:42:78:8f:
         9f:8f:54:75:98:7f:cb:05:20:82:1c:1b:49:1d:07:d5:33:84:
         b4:3e:05:e0:e6:bf:8d:90:6b:20:f4:31:1e:2c:2d:82:2d:9a:
         e6:25:58:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NEo7IEOXaAbmjaMUSWjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MzJlYzIxMzFiMmZmZjBlZWZjM2ZiNzhjYmM1YjhkMzJl
ZjFjNjEwHhcNMjUxMDE5MTYwMTI2WhcNMjUxMDIwMTYwMTI2WjAzMTEwLwYDVQQD
Eyg3YmY3ZTRiNzZlZTczMjc3NWEyYTgwYzdiOWE3ZWU2OTAyZjQ3OTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ0phKc0oRuyIKV1iDQY6ENZ2AL/
UK1IP3kmBCYTfecgZ7jE75pVOzVR0qetx+BNgUDt86NV4iqDy+2TGfXOhoaZ480N
9Ux7eW8I+tLXXznixRsYRMiz71zxVeNX06qgjCLapf4MtFOhQPwrKMGkv1e5Wplz
G0Ht8uyIMPYqJuypaRF9jBmiK6Ipwd46Z6Q+scL0+BmXrNmQZv12T9J9nEo4qSPR
+rQplAEdmiIugHi0jGrZDioTCHWjSEsy4yLqzxIXbdqRH1H18HZMJZLSjqxxYLCS
3O8BpisP7TbllmGpMB5lMj3bZwsDTaQ3OqAhcR26TMB8pMqM3ih6Ig6FiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHv35Ldu5zJ3WiqAx7mn7mkC9HmVMB8GA1UdIwQY
MBaAFNky7CExsv/w7vw/t4y8W40y7xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzIt
ZjIyOTgwZTVjYTkyLzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85Nzk0MGYtOTA3Yi00NmMyLWIyYzItZjIyOTgwZTVjYTky
LzEvMlRMc0lUR3lfX0R1X0QtM2pMeGJqVEx2SEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANstd1xwJ
xRE3lqeELrgzI1ioYlSB2kr4/HYwSMQv0cRLnAHpXqtYP2LaM7lWk1AIXgBkB4J4
FeCFeOfGV8MSz3s/iTPb3DMcj7GaTOMOsR4FPMFtRXE+A+g3G1kxwJY/080imlHB
5Y5NcBbdEHWhkp+iy/QSQIXOZirmVXd0fkAyW3xckAmuxUS49HGPnYxZ5w18M6+E
QfY8cnUSdRzOn014XQto6CHJbXkzft8Nnmn334Rzgh3s/DD3vHWsSpCUFszj4GWw
w1GT+VFfSlspuubLxZ3RQniPn49UdZh/ywUgghwbSR0H1TOEtD4F4Oa/jZBrIPQx
Hiwtgi2a5iVY4g==
-----END CERTIFICATE-----