Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
File:                     2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft (raw, json)
Hash identifier:          N0wOfrWuNA031kkfPaC6Sat2ydxmGm86oLgHGVoG9XA=
Subject key identifier:   30:96:C9:1D:C7:C0:5D:19:1E:9F:7B:F5:F2:EC:2F:F0:A1:00:90:0E
Authority key identifier: D9:18:7C:9A:C1:0F:20:51:52:B1:28:EC:DC:21:57:C9:02:49:16:A4
Certificate issuer:       /CN=d9187c9ac10f205152b128ecdc2157c9024916a4
Certificate serial:       0199FFC85DB535DF20EE342BF9C0F6C2CC83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
Manifest number:          16E2
Signing time:             Mon 20 Oct 2025 04:02:25 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:25 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:25 +0000
Files and hashes:         1: 2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl (hash: 27pEj+V5QFzBLeEJjsJxfCBdMxPO/OMQkzctBV/4B/A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:5d:b5:35:df:20:ee:34:2b:f9:c0:f6:c2:cc:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9187c9ac10f205152b128ecdc2157c9024916a4
        Validity
            Not Before: Oct 20 04:02:25 2025 GMT
            Not After : Oct 21 04:02:25 2025 GMT
        Subject: CN=3096c91dc7c05d191e9f7bf5f2ec2ff0a100900e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:38:72:62:da:d8:54:4e:7b:11:4f:90:10:4f:
                    e5:81:ca:26:79:10:0f:c0:4b:08:f3:8a:00:aa:da:
                    7d:bf:66:12:18:fc:41:24:eb:62:f3:b7:11:90:9a:
                    bd:fd:61:7c:ae:a4:43:3f:66:50:04:34:e1:26:40:
                    71:f3:a0:61:eb:f5:bd:53:da:ce:b8:45:4e:5f:c3:
                    ae:19:0a:84:d2:41:c1:fc:56:fd:84:f8:04:df:51:
                    98:5b:56:a3:a5:26:4e:6b:a4:f3:da:e1:0f:c7:fd:
                    43:7f:91:1d:50:01:14:ac:8a:c7:9b:6f:8a:2d:22:
                    54:0d:ae:3a:d6:05:9a:d7:9a:b6:14:18:08:7a:70:
                    e9:d7:43:fa:b4:d0:3b:a7:bb:f6:41:9e:fa:14:9c:
                    0a:79:bc:59:85:4e:40:c0:c2:89:03:ff:86:6c:38:
                    88:ff:3a:bd:1f:bf:3f:fd:59:fe:c3:58:5d:d1:0e:
                    4c:cd:a7:ae:0d:c4:c4:c0:61:cc:19:f6:c4:8c:49:
                    89:02:60:60:8a:f0:f3:b3:bb:32:6a:69:7b:58:79:
                    3b:0e:85:03:5a:fc:b9:b9:4d:43:be:5a:22:b1:7e:
                    77:47:5a:b3:d8:0b:ec:b1:43:44:a6:ec:65:d9:5b:
                    7f:8c:eb:c9:a2:fc:e0:8c:34:1a:1f:c1:e7:f3:e3:
                    0e:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:96:C9:1D:C7:C0:5D:19:1E:9F:7B:F5:F2:EC:2F:F0:A1:00:90:0E
            X509v3 Authority Key Identifier:
                keyid:D9:18:7C:9A:C1:0F:20:51:52:B1:28:EC:DC:21:57:C9:02:49:16:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/4ad454-0048-411a-b1ea-24b30606e219/1/2Rh8msEPIFFSsSjs3CFXyQJJFqQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:f2:f5:29:3b:6c:ff:07:24:1b:50:02:a2:3b:88:c1:34:6d:
         72:65:df:d5:c5:e3:00:8e:1d:63:c0:39:c1:85:c4:b0:a5:4a:
         ac:c5:70:e9:df:9a:3b:ba:a1:bb:2d:d9:a7:eb:92:b9:cb:19:
         de:53:ed:b8:fa:cd:f8:96:1f:87:11:3b:ef:25:05:56:97:f4:
         f1:74:e8:65:11:cd:bb:2a:fe:4b:9f:29:57:b3:57:92:90:29:
         0a:fb:58:fe:21:05:79:f0:74:c6:e6:63:ae:21:7e:2c:79:4b:
         e8:d6:28:77:eb:3e:9b:92:dd:b7:b8:ab:0f:1a:85:fc:ff:e6:
         87:6a:82:7f:38:df:01:c8:af:7b:4d:37:b0:a4:db:f9:d7:c1:
         32:8b:b1:f6:3d:9f:b4:1b:a8:74:4d:96:3e:58:62:8a:50:59:
         b8:4c:9d:b6:71:43:ba:d0:b2:e7:ce:e1:25:52:1f:3d:54:ab:
         8c:80:c3:20:34:28:ea:87:18:4b:9f:8e:6f:f5:6c:da:09:21:
         42:a9:f1:47:4e:fa:e0:b2:f0:fc:bf:5a:e6:db:e4:b4:9c:9e:
         f4:92:d3:bd:ed:4b:09:50:b0:83:55:93:15:e4:cb:57:22:3c:
         1a:42:07:9b:4d:46:af:af:85:f8:27:5b:3b:91:11:25:28:67:
         d3:7f:cd:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yF21Nd8g7jQr+cD2wsyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTg3YzlhYzEwZjIwNTE1MmIxMjhlY2RjMjE1N2M5MDI0
OTE2YTQwHhcNMjUxMDIwMDQwMjI1WhcNMjUxMDIxMDQwMjI1WjAzMTEwLwYDVQQD
EygzMDk2YzkxZGM3YzA1ZDE5MWU5ZjdiZjVmMmVjMmZmMGExMDA5MDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzhyYtrYVE57EU+QEE/lgcomeRAP
wEsI84oAqtp9v2YSGPxBJOti87cRkJq9/WF8rqRDP2ZQBDThJkBx86Bh6/W9U9rO
uEVOX8OuGQqE0kHB/Fb9hPgE31GYW1ajpSZOa6Tz2uEPx/1Df5EdUAEUrIrHm2+K
LSJUDa461gWa15q2FBgIenDp10P6tNA7p7v2QZ76FJwKebxZhU5AwMKJA/+GbDiI
/zq9H78//Vn+w1hd0Q5MzaeuDcTEwGHMGfbEjEmJAmBgivDzs7syaml7WHk7DoUD
Wvy5uU1DvloisX53R1qz2AvssUNEpuxl2Vt/jOvJovzgjDQaH8Hn8+MOPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDCWyR3HwF0ZHp979fLsL/ChAJAOMB8GA1UdIwQY
MBaAFNkYfJrBDyBRUrEo7NwhV8kCSRakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80YWQ0NTQtMDA0OC00MTFhLWIxZWEt
MjRiMzA2MDZlMjE5LzEvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80YWQ0NTQtMDA0OC00MTFhLWIxZWEtMjRiMzA2MDZlMjE5
LzEvMlJoOG1zRVBJRkZTc1NqczNDRlh5UUpKRnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkPL1KTts
/wckG1ACojuIwTRtcmXf1cXjAI4dY8A5wYXEsKVKrMVw6d+aO7qhuy3Zp+uSucsZ
3lPtuPrN+JYfhxE77yUFVpf08XToZRHNuyr+S58pV7NXkpApCvtY/iEFefB0xuZj
riF+LHlL6NYod+s+m5Ldt7irDxqF/P/mh2qCfzjfAcive003sKTb+dfBMoux9j2f
tBuodE2WPlhiilBZuEydtnFDutCy587hJVIfPVSrjIDDIDQo6ocYS5+Ob/Vs2gkh
QqnxR0764LLw/L9a5tvktJye9JLTve1LCVCwg1WTFeTLVyI8GkIHm01Gr6+F+Cdb
O5ERJShn03/Nkw==
-----END CERTIFICATE-----