Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
File:                     2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft (raw, json)
Hash identifier:          ORovTKcmmLmP4yUIq4VTkqsiiko2QvtilCe7hJPxAgE=
Subject key identifier:   8E:20:06:30:1F:04:CB:B4:B4:86:D8:19:16:64:8B:F2:9E:0E:0F:60
Authority key identifier: DA:7D:CB:08:1C:73:80:2F:C1:89:5C:6E:B4:A2:72:66:6B:D4:27:9A
Certificate issuer:       /CN=da7dcb081c73802fc1895c6eb4a272666bd4279a
Certificate serial:       0199FBEB36C4379F2E586BB950FAF39CE5FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 10:02:00 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:00 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:00 +0000
Files and hashes:         1: 2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl (hash: Xs8/q1VQdJlS1trQzdH0qIhlK/ouPG3zdHU+vUE6CzU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:36:c4:37:9f:2e:58:6b:b9:50:fa:f3:9c:e5:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da7dcb081c73802fc1895c6eb4a272666bd4279a
        Validity
            Not Before: Oct 19 10:02:00 2025 GMT
            Not After : Oct 20 10:02:00 2025 GMT
        Subject: CN=8e2006301f04cbb4b486d81916648bf29e0e0f60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:32:5a:37:c8:66:5e:72:02:68:40:f8:dd:da:
                    55:eb:b8:2f:e7:88:72:e2:fe:bd:58:0c:2d:64:a7:
                    c9:4b:3f:12:d1:c8:35:8d:b0:47:2e:9c:1d:19:ae:
                    95:6c:df:60:be:5f:45:89:c5:06:71:1f:72:39:ae:
                    e0:f9:39:90:2a:4f:af:c5:33:9b:c3:c2:d4:94:c4:
                    48:4f:fa:93:26:71:ad:90:e6:14:db:29:43:f9:cd:
                    d8:13:2a:60:a1:41:a3:10:5c:ed:65:5a:c4:97:da:
                    70:31:3a:97:f3:e6:54:36:84:0d:86:0a:25:8a:14:
                    e4:f0:4a:fe:3e:02:2b:5d:4f:93:4a:ce:2a:2d:f0:
                    e3:c8:ce:03:ef:65:26:9f:bc:3c:d2:f8:0a:30:18:
                    14:80:7e:fc:68:8b:26:11:a0:25:19:1d:a0:34:44:
                    7b:31:09:50:17:c6:e0:3c:82:34:3e:c0:56:bf:22:
                    f4:c3:66:eb:98:f0:64:9a:57:c7:d1:f5:49:0b:1d:
                    a5:a6:8f:e8:ad:3c:b5:54:43:74:4f:c7:f0:33:16:
                    58:a1:34:6e:30:5c:28:36:2c:c6:89:82:14:39:2f:
                    15:a7:12:74:f9:16:c8:92:f4:77:9d:1d:8c:85:a0:
                    89:00:b2:2a:92:52:3c:e5:cf:dd:08:3a:02:4b:88:
                    22:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:20:06:30:1F:04:CB:B4:B4:86:D8:19:16:64:8B:F2:9E:0E:0F:60
            X509v3 Authority Key Identifier:
                keyid:DA:7D:CB:08:1C:73:80:2F:C1:89:5C:6E:B4:A2:72:66:6B:D4:27:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2n3LCBxzgC_BiVxutKJyZmvUJ5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4abf12-45a6-4e2a-bc85-68b68e499b4b/1/2n3LCBxzgC_BiVxutKJyZmvUJ5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:2d:f2:2b:e0:35:f3:3a:26:9b:df:64:f2:6c:a0:3a:a6:ee:
         45:9d:63:ef:2f:3f:57:09:e3:a0:a9:e6:02:d0:44:05:2b:a7:
         cb:8f:b5:ad:2d:43:8d:62:a0:f1:ee:ae:9a:22:a6:83:04:1a:
         3e:2a:9e:25:e6:5e:96:f5:be:9e:60:ee:8a:83:01:53:0b:59:
         23:63:5c:62:84:fa:fc:65:3f:c3:dd:2c:a9:6f:fd:52:61:c0:
         7d:33:0d:3e:05:99:db:f3:2a:be:1b:83:05:16:fd:ef:58:23:
         1d:c5:00:ba:bb:35:bf:99:f4:f7:b8:d8:33:7a:27:fa:7e:0e:
         87:d2:5c:e1:eb:fd:24:97:a4:fb:85:7b:15:a1:5a:f9:65:d2:
         71:c5:b4:29:da:b7:e6:55:9a:e7:66:86:96:1c:67:a3:03:b5:
         10:6e:d7:99:9c:94:c4:da:1a:9a:7e:9a:0e:86:70:36:e8:16:
         4d:a1:6d:1d:ee:8e:d9:a4:7d:9d:97:d2:49:b0:71:6d:63:7d:
         e2:fd:c1:fa:ba:52:74:29:b1:27:f0:f6:32:15:54:5b:2d:7b:
         68:12:94:97:e7:b3:1f:49:b2:dc:c7:29:98:0b:d3:89:75:b3:
         17:24:33:c2:87:17:b1:4a:9a:e3:22:cd:a0:35:e5:2a:1e:52:
         52:17:30:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76zbEN58uWGu5UPrznOX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhN2RjYjA4MWM3MzgwMmZjMTg5NWM2ZWI0YTI3MjY2NmJk
NDI3OWEwHhcNMjUxMDE5MTAwMjAwWhcNMjUxMDIwMTAwMjAwWjAzMTEwLwYDVQQD
Eyg4ZTIwMDYzMDFmMDRjYmI0YjQ4NmQ4MTkxNjY0OGJmMjllMGUwZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjJaN8hmXnICaED43dpV67gv54hy
4v69WAwtZKfJSz8S0cg1jbBHLpwdGa6VbN9gvl9FicUGcR9yOa7g+TmQKk+vxTOb
w8LUlMRIT/qTJnGtkOYU2ylD+c3YEypgoUGjEFztZVrEl9pwMTqX8+ZUNoQNhgol
ihTk8Er+PgIrXU+TSs4qLfDjyM4D72Umn7w80vgKMBgUgH78aIsmEaAlGR2gNER7
MQlQF8bgPII0PsBWvyL0w2brmPBkmlfH0fVJCx2lpo/orTy1VEN0T8fwMxZYoTRu
MFwoNizGiYIUOS8VpxJ0+RbIkvR3nR2MhaCJALIqklI85c/dCDoCS4giJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI4gBjAfBMu0tIbYGRZki/KeDg9gMB8GA1UdIwQY
MBaAFNp9ywgcc4AvwYlcbrSicmZr1CeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80YWJmMTItNDVhNi00ZTJhLWJjODUt
NjhiNjhlNDk5YjRiLzEvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80YWJmMTItNDVhNi00ZTJhLWJjODUtNjhiNjhlNDk5YjRi
LzEvMm4zTENCeHpnQ19CaVZ4dXRLSnlabXZVSjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUC3yK+A1
8zomm99k8mygOqbuRZ1j7y8/VwnjoKnmAtBEBSuny4+1rS1DjWKg8e6umiKmgwQa
PiqeJeZelvW+nmDuioMBUwtZI2NcYoT6/GU/w90sqW/9UmHAfTMNPgWZ2/MqvhuD
BRb971gjHcUAurs1v5n097jYM3on+n4Oh9Jc4ev9JJek+4V7FaFa+WXSccW0Kdq3
5lWa52aGlhxnowO1EG7XmZyUxNoamn6aDoZwNugWTaFtHe6O2aR9nZfSSbBxbWN9
4v3B+rpSdCmxJ/D2MhVUWy17aBKUl+ezH0my3McpmAvTiXWzFyQzwocXsUqa4yLN
oDXlKh5SUhcw4Q==
-----END CERTIFICATE-----