Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          NQKxpw1ldA1wrFdk2/fvOcw7fi97folg3vxtFbj0PhU=
Subject key identifier:   15:C0:D4:23:DF:F5:B9:9F:7F:7B:5F:38:35:8A:80:57:E9:6A:C4:F1
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       0199FFC892312366A1F8078528F24F01EE40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          0768
Signing time:             Mon 20 Oct 2025 04:02:38 +0000
Manifest this update:     Mon 20 Oct 2025 04:02:38 +0000
Manifest next update:     Tue 21 Oct 2025 04:02:38 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: S3oL3ThWMsVUYDzmt/dTx6eb87ynsbSJBI4kANWneDA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:02:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c8:92:31:23:66:a1:f8:07:85:28:f2:4f:01:ee:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: Oct 20 04:02:38 2025 GMT
            Not After : Oct 21 04:02:38 2025 GMT
        Subject: CN=15c0d423dff5b99f7f7b5f38358a8057e96ac4f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:9c:1c:87:73:16:bb:66:64:d2:19:50:27:c7:
                    32:42:13:3b:88:61:69:ca:1f:11:57:b2:73:5d:be:
                    6a:e6:55:21:66:8b:16:f8:3e:05:a9:45:f9:86:9e:
                    17:f4:c3:37:d9:cd:32:ab:5d:9b:9b:90:3c:f0:78:
                    92:20:88:7a:20:c7:f1:44:e6:3b:95:86:62:05:ad:
                    24:60:46:56:82:f6:e2:ef:f3:16:d3:f0:95:fa:a2:
                    1d:6f:73:c2:b8:95:ca:31:02:d0:78:84:de:f5:e8:
                    fc:b2:cd:e0:1d:50:1e:94:10:1b:20:22:33:54:9b:
                    59:7e:34:61:3a:2d:2c:f0:77:4e:a6:4a:94:e9:d1:
                    9a:f4:46:b9:14:da:4f:88:f1:cf:c5:d9:fb:b5:ff:
                    77:b8:e3:21:87:82:e7:2a:36:bf:5e:c4:01:24:95:
                    8f:5b:07:4c:65:f6:de:44:6e:e0:74:1a:75:d7:56:
                    ec:56:d5:94:ae:c7:1b:f1:52:f2:71:67:49:a2:1e:
                    c0:54:51:41:b0:3a:d0:3b:41:50:f8:72:bd:4c:b2:
                    3d:68:3f:f2:db:13:32:c5:e6:ca:3b:a4:12:0d:6c:
                    3d:31:06:1f:7e:07:89:21:ca:9f:30:f4:21:1d:cd:
                    76:07:9c:e6:fe:dc:3a:79:4a:8d:18:99:be:e8:13:
                    f7:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:C0:D4:23:DF:F5:B9:9F:7F:7B:5F:38:35:8A:80:57:E9:6A:C4:F1
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:49:34:10:ca:7d:8c:1d:18:15:ee:3b:36:25:f0:30:27:b4:
         c1:f0:40:60:a7:07:ab:9d:64:53:28:24:8e:3d:05:e2:6b:ef:
         17:60:67:c8:8b:8e:78:16:4c:80:7a:4c:23:7c:86:c9:40:75:
         10:0a:97:b2:d4:6d:8a:6d:2d:26:f9:a5:3c:c8:43:25:a0:91:
         3b:a4:c8:ca:69:08:5b:88:d9:06:e3:9d:9d:53:f7:3e:d8:79:
         53:fa:6e:b3:93:09:e8:71:f9:cc:6a:29:f6:c4:b7:e4:3e:60:
         c5:4f:6d:c6:a7:11:88:d4:2e:53:b4:c0:c5:75:15:28:3a:1a:
         7d:42:05:04:28:11:73:f8:f9:27:9b:ce:82:7c:e9:3d:99:5e:
         88:d3:a8:65:db:05:e2:ac:62:ae:b6:9f:e2:98:ad:d4:08:db:
         88:28:38:31:c2:65:cd:13:d6:a8:e6:b1:f2:9a:5a:ce:ef:64:
         9a:e2:e4:49:1e:30:1e:7b:71:06:c5:f6:b2:33:c1:c9:f3:60:
         4c:5a:c2:64:07:b4:bf:97:a7:a7:48:95:5e:3f:71:83:5a:f5:
         f8:41:c2:58:74:ae:46:e6:68:6d:52:67:08:95:4d:88:55:ae:
         43:2d:b9:d4:53:f8:fb:39:fe:74:0b:ab:3c:19:c2:60:7f:48:
         9c:89:b1:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/yJIxI2ah+AeFKPJPAe5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjUxMDIwMDQwMjM4WhcNMjUxMDIxMDQwMjM4WjAzMTEwLwYDVQQD
EygxNWMwZDQyM2RmZjViOTlmN2Y3YjVmMzgzNThhODA1N2U5NmFjNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJwch3MWu2Zk0hlQJ8cyQhM7iGFp
yh8RV7JzXb5q5lUhZosW+D4FqUX5hp4X9MM32c0yq12bm5A88HiSIIh6IMfxROY7
lYZiBa0kYEZWgvbi7/MW0/CV+qIdb3PCuJXKMQLQeITe9ej8ss3gHVAelBAbICIz
VJtZfjRhOi0s8HdOpkqU6dGa9Ea5FNpPiPHPxdn7tf93uOMhh4LnKja/XsQBJJWP
WwdMZfbeRG7gdBp111bsVtWUrscb8VLycWdJoh7AVFFBsDrQO0FQ+HK9TLI9aD/y
2xMyxebKO6QSDWw9MQYffgeJIcqfMPQhHc12B5zm/tw6eUqNGJm+6BP3HwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBXA1CPf9bmff3tfODWKgFfpasTxMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOkk0EMp9
jB0YFe47NiXwMCe0wfBAYKcHq51kUygkjj0F4mvvF2BnyIuOeBZMgHpMI3yGyUB1
EAqXstRtim0tJvmlPMhDJaCRO6TIymkIW4jZBuOdnVP3Pth5U/pus5MJ6HH5zGop
9sS35D5gxU9txqcRiNQuU7TAxXUVKDoafUIFBCgRc/j5J5vOgnzpPZleiNOoZdsF
4qxirraf4pit1AjbiCg4McJlzRPWqOax8ppazu9kmuLkSR4wHntxBsX2sjPByfNg
TFrCZAe0v5enp0iVXj9xg1r1+EHCWHSuRuZobVJnCJVNiFWuQy251FP4+zn+dAur
PBnCYH9InImxxg==
-----END CERTIFICATE-----