Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
File:                     2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft (raw, json)
Hash identifier:          O7QFWRd+jdvKxrAsPVfZeT0LY9ZBbZuGXCARKBZjWZs=
Subject key identifier:   F6:B1:02:C8:65:7B:C7:1E:1A:F5:32:28:9D:41:88:40:6A:9F:EC:E8
Authority key identifier: D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49
Certificate issuer:       /CN=d991d6890f91fb2cd77931b809bdb1eb05091349
Certificate serial:       0199FBEB5C6D8EC88A1188EF4C0F8C505A3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
Manifest number:          117D
Signing time:             Sun 19 Oct 2025 10:02:09 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:09 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:09 +0000
Files and hashes:         1: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl (hash: muZd474MRyOkrzJ8UV5MHwtBbaeXBGUXePgPNZ7TDsc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:5c:6d:8e:c8:8a:11:88:ef:4c:0f:8c:50:5a:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d991d6890f91fb2cd77931b809bdb1eb05091349
        Validity
            Not Before: Oct 19 10:02:09 2025 GMT
            Not After : Oct 20 10:02:09 2025 GMT
        Subject: CN=f6b102c8657bc71e1af532289d4188406a9fece8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:0a:8a:34:2c:17:96:de:53:61:26:ee:78:74:
                    23:a1:4b:72:6e:0b:51:63:00:cf:df:4a:17:ca:96:
                    98:21:47:f9:35:58:66:93:12:6d:4a:5c:32:19:d0:
                    28:5f:99:eb:90:46:bb:d9:f8:45:b1:0b:18:a0:13:
                    e3:e9:15:90:82:8c:3d:a4:18:f5:4a:32:03:ca:f6:
                    a6:47:3a:f7:0b:19:b4:2f:ce:e9:58:76:43:ab:46:
                    09:d7:07:3a:79:c3:75:84:e8:56:8d:72:72:24:3b:
                    ea:d1:2a:3c:02:15:ce:91:da:7f:ad:2c:ae:ca:5a:
                    9b:26:d9:6f:de:ad:90:d1:2b:d5:b2:df:0b:16:54:
                    85:d4:dc:c9:81:7b:c7:fa:74:48:31:57:ee:43:93:
                    33:a4:87:fa:33:97:91:9e:a0:ee:8a:a9:ef:5c:d1:
                    50:95:f8:a3:56:55:c1:93:90:4c:a0:4a:f7:65:c9:
                    af:ed:58:32:f8:76:61:e5:5c:f0:37:7a:99:7c:a3:
                    00:b7:47:c2:fd:af:24:df:59:ac:51:63:6c:07:a4:
                    6f:b6:58:a4:8c:49:8b:76:6d:1a:ac:ff:a0:fe:36:
                    76:4b:21:ee:44:55:52:77:bf:88:fe:5b:0e:a3:59:
                    bd:e4:93:e4:2e:e2:32:8d:6b:6b:ae:31:34:57:e4:
                    bd:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:B1:02:C8:65:7B:C7:1E:1A:F5:32:28:9D:41:88:40:6A:9F:EC:E8
            X509v3 Authority Key Identifier:
                keyid:D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:70:59:8b:10:a1:ef:06:e7:ea:7b:37:91:22:b0:54:f8:f4:
         96:19:a6:12:44:fb:50:62:30:f1:79:0e:99:12:5c:2b:12:d5:
         7d:df:ab:36:1e:18:27:0e:df:4d:cd:9d:f4:7f:83:96:a5:0d:
         3c:e2:91:f4:62:87:b7:e0:4d:3c:62:80:4d:a0:5f:c9:59:b7:
         14:49:88:15:b6:41:8b:4d:19:c3:ec:2a:2f:00:7c:7e:27:05:
         b2:63:d1:f3:c3:9f:2d:bd:d2:41:3c:98:ba:a0:02:15:a0:bb:
         b1:8d:9d:48:a5:87:ae:6e:4d:ad:11:dc:0d:04:11:f8:73:6a:
         b8:40:c0:1b:84:b8:d9:47:39:97:f9:91:6e:09:ae:0b:b8:9f:
         4e:97:39:e6:aa:25:84:9b:12:be:e2:7b:07:e9:ee:94:58:95:
         3d:74:81:53:1c:6a:24:0e:35:d4:85:48:56:65:50:54:dd:40:
         37:93:a2:3c:a9:dc:52:7c:4f:20:30:34:66:41:97:e2:ac:6e:
         b8:8d:aa:90:2e:5b:c8:87:02:23:76:ef:07:d8:e3:70:ef:cb:
         30:5e:f7:44:90:dc:79:c4:59:d2:37:27:5c:63:79:05:45:bb:
         77:b3:78:43:ac:24:78:7f:fe:d5:f2:2c:8e:8d:04:40:03:e7:
         23:6b:74:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn761xtjsiKEYjvTA+MUFo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTFkNjg5MGY5MWZiMmNkNzc5MzFiODA5YmRiMWViMDUw
OTEzNDkwHhcNMjUxMDE5MTAwMjA5WhcNMjUxMDIwMTAwMjA5WjAzMTEwLwYDVQQD
EyhmNmIxMDJjODY1N2JjNzFlMWFmNTMyMjg5ZDQxODg0MDZhOWZlY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAqKNCwXlt5TYSbueHQjoUtybgtR
YwDP30oXypaYIUf5NVhmkxJtSlwyGdAoX5nrkEa72fhFsQsYoBPj6RWQgow9pBj1
SjIDyvamRzr3Cxm0L87pWHZDq0YJ1wc6ecN1hOhWjXJyJDvq0So8AhXOkdp/rSyu
ylqbJtlv3q2Q0SvVst8LFlSF1NzJgXvH+nRIMVfuQ5MzpIf6M5eRnqDuiqnvXNFQ
lfijVlXBk5BMoEr3Zcmv7Vgy+HZh5VzwN3qZfKMAt0fC/a8k31msUWNsB6Rvtlik
jEmLdm0arP+g/jZ2SyHuRFVSd7+I/lsOo1m95JPkLuIyjWtrrjE0V+S97wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPaxAshle8ceGvUyKJ1BiEBqn+zoMB8GA1UdIwQY
MBaAFNmR1okPkfss13kxuAm9sesFCRNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDIt
YzQwODU3NjA4OWIxLzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDItYzQwODU3NjA4OWIx
LzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArHBZixCh
7wbn6ns3kSKwVPj0lhmmEkT7UGIw8XkOmRJcKxLVfd+rNh4YJw7fTc2d9H+DlqUN
POKR9GKHt+BNPGKATaBfyVm3FEmIFbZBi00Zw+wqLwB8ficFsmPR88OfLb3SQTyY
uqACFaC7sY2dSKWHrm5NrRHcDQQR+HNquEDAG4S42Uc5l/mRbgmuC7ifTpc55qol
hJsSvuJ7B+nulFiVPXSBUxxqJA411IVIVmVQVN1AN5OiPKncUnxPIDA0ZkGX4qxu
uI2qkC5byIcCI3bvB9jjcO/LMF73RJDcecRZ0jcnXGN5BUW7d7N4Q6wkeH/+1fIs
jo0EQAPnI2t0iQ==
-----END CERTIFICATE-----