Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File:                     2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier:          BbooflfIrkReX6L2sAqz4eZogk9g4egW94ZTt63BCx0=
Subject key identifier:   0C:FD:F8:7B:E7:3C:EC:A1:B8:BD:75:6F:90:3E:D9:19:20:F3:57:81
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer:       /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial:       0199FBEA7FC87E0E64952EC8C41BB6DA69A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number:          0773
Signing time:             Sun 19 Oct 2025 10:01:13 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:13 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:13 +0000
Files and hashes:         1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: zxz5ospij3riucCxzRB0mE3QTjCGAlcispGQf8RBSAU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:ea:7f:c8:7e:0e:64:95:2e:c8:c4:1b:b6:da:69:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
        Validity
            Not Before: Oct 19 10:01:13 2025 GMT
            Not After : Oct 20 10:01:13 2025 GMT
        Subject: CN=0cfdf87be73ceca1b8bd756f903ed91920f35781
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:5e:ef:d0:94:4a:e6:d8:9c:f1:6e:37:8a:12:
                    e8:06:3f:f4:62:ee:98:2e:44:e4:a2:43:7e:00:32:
                    84:ee:87:c3:70:12:4f:fb:fa:6c:83:37:e5:1a:ec:
                    76:42:de:f3:0b:37:9d:8a:c0:79:ac:a1:50:a1:25:
                    b6:cf:09:06:a4:68:58:05:54:43:15:0c:9c:28:18:
                    49:a9:eb:b9:6a:28:f2:d4:11:3c:d1:38:fb:76:ea:
                    41:3c:a8:0c:63:b6:6a:e9:3b:b1:6a:48:70:f6:89:
                    e3:5b:c0:9f:b7:4e:1d:1d:3b:54:ab:44:7c:d0:f0:
                    e6:54:6f:4d:dd:ca:03:2e:7b:81:54:8f:f6:e8:2e:
                    33:dd:fc:5f:19:79:bd:e7:f0:1a:8e:a0:db:c1:bc:
                    d6:94:d3:6a:c5:27:77:4f:3d:01:dc:96:63:35:1d:
                    67:d5:f1:6c:00:58:a3:4b:b4:04:7c:52:1b:a0:18:
                    1e:3f:7d:52:25:fc:9b:fc:a2:ba:e2:ef:1d:74:4c:
                    06:b8:21:0e:a7:22:59:be:86:38:4c:09:40:63:b2:
                    cd:2f:0a:85:f0:05:4d:59:ee:f2:27:46:34:79:b6:
                    26:3b:1f:97:af:ed:38:c7:0d:bf:a1:d7:89:73:82:
                    54:4d:47:e7:c2:8a:04:c4:e5:ba:dc:e9:02:7e:58:
                    9e:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:FD:F8:7B:E7:3C:EC:A1:B8:BD:75:6F:90:3E:D9:19:20:F3:57:81
            X509v3 Authority Key Identifier:
                keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:be:58:d3:be:fa:fe:a7:38:db:bf:ed:b7:ce:61:c6:a3:c4:
         e6:71:f1:66:6d:3f:aa:00:76:69:0b:98:18:59:f5:9c:5a:e0:
         1b:43:48:13:90:c2:3b:38:28:1a:0e:08:86:c8:d3:be:84:97:
         45:8f:eb:fc:af:71:b5:79:42:49:78:42:39:76:2d:75:e5:1e:
         d4:61:9c:e2:46:cc:6a:bb:ac:8b:8b:57:e9:1c:ef:13:61:8d:
         48:55:5f:c0:b6:cc:e7:b7:51:4f:91:41:cb:93:a7:b3:56:17:
         f8:6e:53:5e:19:98:7c:ad:b0:b2:92:71:aa:d4:e1:69:d0:fe:
         18:1c:2e:7c:05:4c:f5:7b:e7:38:b5:7a:40:07:b9:98:cd:03:
         b5:5a:3f:fd:0c:a3:63:04:46:aa:6d:59:e3:3a:fb:b8:7e:f2:
         ca:8b:4b:de:35:18:6a:b7:c5:0b:d9:3d:55:da:ee:29:d2:f8:
         a9:87:fe:a0:fa:22:2c:05:44:fc:f7:93:68:cf:1f:20:05:b3:
         d9:c7:b0:b6:9e:b6:90:c8:a3:e4:88:5f:25:ff:a0:11:9f:aa:
         2f:b9:f7:57:a7:20:39:40:3f:41:be:91:8a:0a:72:e9:06:f4:
         22:2a:d1:56:7b:7a:90:ed:e6:68:5b:90:a9:16:b6:93:1f:7c:
         e8:39:96:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76n/Ifg5klS7IxBu22mmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjUxMDE5MTAwMTEzWhcNMjUxMDIwMTAwMTEzWjAzMTEwLwYDVQQD
EygwY2ZkZjg3YmU3M2NlY2ExYjhiZDc1NmY5MDNlZDkxOTIwZjM1NzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA917v0JRK5tic8W43ihLoBj/0Yu6Y
LkTkokN+ADKE7ofDcBJP+/psgzflGux2Qt7zCzedisB5rKFQoSW2zwkGpGhYBVRD
FQycKBhJqeu5aijy1BE80Tj7dupBPKgMY7Zq6Tuxakhw9onjW8Cft04dHTtUq0R8
0PDmVG9N3coDLnuBVI/26C4z3fxfGXm95/AajqDbwbzWlNNqxSd3Tz0B3JZjNR1n
1fFsAFijS7QEfFIboBgeP31SJfyb/KK64u8ddEwGuCEOpyJZvoY4TAlAY7LNLwqF
8AVNWe7yJ0Y0ebYmOx+Xr+04xw2/odeJc4JUTUfnwooExOW63OkCflie3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAz9+HvnPOyhuL11b5A+2Rkg81eBMB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaL5Y0776
/qc427/tt85hxqPE5nHxZm0/qgB2aQuYGFn1nFrgG0NIE5DCOzgoGg4IhsjTvoSX
RY/r/K9xtXlCSXhCOXYtdeUe1GGc4kbMarusi4tX6RzvE2GNSFVfwLbM57dRT5FB
y5Ons1YX+G5TXhmYfK2wspJxqtThadD+GBwufAVM9XvnOLV6QAe5mM0DtVo//Qyj
YwRGqm1Z4zr7uH7yyotL3jUYarfFC9k9VdruKdL4qYf+oPoiLAVE/PeTaM8fIAWz
2cewtp62kMij5IhfJf+gEZ+qL7n3V6cgOUA/Qb6Rigpy6Qb0IirRVnt6kO3maFuQ
qRa2kx986DmWbQ==
-----END CERTIFICATE-----