Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
File:                     2lPr-vXBh42KIqk44XMqigdxTzU.mft (raw, json)
Hash identifier:          qb9GlK3m3nenDB+8o0KHQku9BteKVdWfuzdEKWLqD3c=
Subject key identifier:   78:CE:89:25:32:D8:DC:AE:46:55:33:0E:F3:D1:07:A1:36:FE:D9:A9
Authority key identifier: DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35
Certificate issuer:       /CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
Certificate serial:       0199FD34086A776E053966D6DE6B76CA1A4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
Manifest number:          16DF
Signing time:             Sun 19 Oct 2025 16:01:09 +0000
Manifest this update:     Sun 19 Oct 2025 16:01:09 +0000
Manifest next update:     Mon 20 Oct 2025 16:01:09 +0000
Files and hashes:         1: 2lPr-vXBh42KIqk44XMqigdxTzU.crl (hash: RG9LSdWCXYljRtWRj3irq96MzA/ZFvmCXIvjbjzP6Uw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:34:08:6a:77:6e:05:39:66:d6:de:6b:76:ca:1a:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da53ebfaf5c1878d8a22a938e1732a8a07714f35
        Validity
            Not Before: Oct 19 16:01:09 2025 GMT
            Not After : Oct 20 16:01:09 2025 GMT
        Subject: CN=78ce892532d8dcae4655330ef3d107a136fed9a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:40:1c:02:2b:5d:f4:2c:2c:de:5f:18:34:38:
                    93:5c:b8:7e:8b:62:cd:51:57:6c:23:14:c6:55:50:
                    ae:8f:5a:a9:ba:d3:61:5e:e7:8c:07:1b:ac:e5:e6:
                    0a:a3:0e:da:87:2f:4e:d5:ca:f4:91:12:d3:18:f8:
                    c8:29:36:c1:68:31:ec:0b:32:ef:57:7e:de:ab:ca:
                    54:58:17:86:6c:de:cc:de:f1:3f:f6:35:ba:42:45:
                    c2:fd:b1:b3:09:b4:76:d7:ff:28:67:85:8f:b6:c9:
                    e1:0b:cc:e9:19:1a:ec:c3:e0:fc:b3:e1:d0:d3:c7:
                    8e:ba:35:db:72:93:97:a7:a0:f0:1e:4f:9b:6d:01:
                    f7:71:d9:2f:63:9d:89:fa:d1:88:3a:47:ca:c0:06:
                    1d:33:5a:81:a9:14:4b:52:31:cc:6b:ff:ca:7f:2e:
                    b4:6b:7d:85:2d:4f:2f:da:5c:cc:72:86:7e:43:0e:
                    93:1a:26:1f:46:51:a4:97:fb:3d:35:a2:f1:28:97:
                    04:03:97:86:1f:bc:9a:f8:f9:fe:d2:bf:a3:cb:23:
                    80:6f:ae:50:05:d9:9b:53:0f:dc:96:b0:70:7d:7f:
                    74:e4:01:68:fb:0e:90:cb:c0:35:91:7f:ca:5e:03:
                    f4:69:22:59:6d:05:93:d7:49:e0:4e:f2:e8:25:42:
                    98:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:CE:89:25:32:D8:DC:AE:46:55:33:0E:F3:D1:07:A1:36:FE:D9:A9
            X509v3 Authority Key Identifier:
                keyid:DA:53:EB:FA:F5:C1:87:8D:8A:22:A9:38:E1:73:2A:8A:07:71:4F:35

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lPr-vXBh42KIqk44XMqigdxTzU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/1c7c0e-23a1-4142-bee8-93c9e6b093bc/1/2lPr-vXBh42KIqk44XMqigdxTzU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:02:c7:be:ce:18:75:cd:d8:3c:38:54:1a:39:28:e8:9a:3b:
         55:25:f5:97:2b:4e:99:9f:e6:2c:bf:f3:6d:e6:4f:23:e6:7a:
         07:30:db:e0:cc:ab:c6:90:1e:d0:b3:91:30:e5:f4:26:64:d5:
         ab:00:0b:d4:5d:fd:4c:7a:f4:e3:9e:e4:0e:b9:ee:4e:cf:61:
         b1:8d:44:92:3a:5a:a7:a8:a2:db:64:7c:81:5a:c2:1f:71:f3:
         ea:4e:a7:d7:7f:36:b1:fb:cc:45:8a:5b:a1:ea:03:71:d1:c4:
         8c:0b:9c:d9:1f:33:48:c1:de:e3:c8:c1:56:91:ab:e2:40:0b:
         df:1c:e4:ca:eb:4a:dd:60:e6:ed:f0:6a:6a:d1:88:49:fb:26:
         5e:9e:e3:52:fc:2c:fe:92:a1:b8:40:51:c5:22:7b:a1:4c:4c:
         37:33:f7:7a:14:5b:d2:82:32:46:70:ff:ec:3c:c1:92:38:79:
         1d:65:28:c1:a9:0a:d2:d6:e3:fb:f0:7e:64:2b:8a:89:33:49:
         c3:ff:99:4b:cc:fe:56:85:6a:7f:ca:ab:4e:7f:72:4a:b9:c7:
         a7:cb:62:4a:d2:32:ce:f4:9c:f9:6f:28:d6:fa:b7:ef:3d:25:
         2b:77:39:da:38:76:d7:43:14:fc:46:21:bf:66:8d:7e:25:d9:
         3b:79:22:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NAhqd24FOWbW3mt2yhpNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTNlYmZhZjVjMTg3OGQ4YTIyYTkzOGUxNzMyYThhMDc3
MTRmMzUwHhcNMjUxMDE5MTYwMTA5WhcNMjUxMDIwMTYwMTA5WjAzMTEwLwYDVQQD
Eyg3OGNlODkyNTMyZDhkY2FlNDY1NTMzMGVmM2QxMDdhMTM2ZmVkOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUAcAitd9Cws3l8YNDiTXLh+i2LN
UVdsIxTGVVCuj1qputNhXueMBxus5eYKow7ahy9O1cr0kRLTGPjIKTbBaDHsCzLv
V37eq8pUWBeGbN7M3vE/9jW6QkXC/bGzCbR21/8oZ4WPtsnhC8zpGRrsw+D8s+HQ
08eOujXbcpOXp6DwHk+bbQH3cdkvY52J+tGIOkfKwAYdM1qBqRRLUjHMa//Kfy60
a32FLU8v2lzMcoZ+Qw6TGiYfRlGkl/s9NaLxKJcEA5eGH7ya+Pn+0r+jyyOAb65Q
BdmbUw/clrBwfX905AFo+w6Qy8A1kX/KXgP0aSJZbQWT10ngTvLoJUKYIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjOiSUy2NyuRlUzDvPRB6E2/tmpMB8GA1UdIwQY
MBaAFNpT6/r1wYeNiiKpOOFzKooHcU81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgt
OTNjOWU2YjA5M2JjLzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8xYzdjMGUtMjNhMS00MTQyLWJlZTgtOTNjOWU2YjA5M2Jj
LzEvMmxQci12WEJoNDJLSXFrNDRYTXFpZ2R4VHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVgLHvs4Y
dc3YPDhUGjko6Jo7VSX1lytOmZ/mLL/zbeZPI+Z6BzDb4MyrxpAe0LORMOX0JmTV
qwAL1F39THr0457kDrnuTs9hsY1Ekjpap6ii22R8gVrCH3Hz6k6n1382sfvMRYpb
oeoDcdHEjAuc2R8zSMHe48jBVpGr4kAL3xzkyutK3WDm7fBqatGISfsmXp7jUvws
/pKhuEBRxSJ7oUxMNzP3ehRb0oIyRnD/7DzBkjh5HWUowakK0tbj+/B+ZCuKiTNJ
w/+ZS8z+VoVqf8qrTn9ySrnHp8tiStIyzvSc+W8o1vq37z0lK3c52jh210MU/EYh
v2aNfiXZO3kiew==
-----END CERTIFICATE-----