Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          QCGUZpOHVgLh+R+Suv9UBwrN/UtDppfStNTbv7zf0po=
Subject key identifier:   05:9B:1D:07:47:35:A3:7A:BB:2A:1B:AB:FB:D5:FD:DC:4B:64:B9:EA
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       019A01B60D33582CE22E84AEEE25784E728D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          15E0
Signing time:             Mon 20 Oct 2025 13:01:39 +0000
Manifest this update:     Mon 20 Oct 2025 13:01:39 +0000
Manifest next update:     Tue 21 Oct 2025 13:01:39 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: 3c4FZu1IqRM7f9X1WWDp1KXfi7g/AG/N+mKbMyz9CTY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:b6:0d:33:58:2c:e2:2e:84:ae:ee:25:78:4e:72:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Oct 20 13:01:39 2025 GMT
            Not After : Oct 21 13:01:39 2025 GMT
        Subject: CN=059b1d074735a37abb2a1babfbd5fddc4b64b9ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:9d:52:7e:49:31:ef:81:19:a9:dd:45:49:40:
                    29:07:aa:d2:c3:66:17:4b:7d:2a:3d:4e:74:3c:4a:
                    be:43:04:18:fe:78:be:10:0d:43:02:7e:97:46:6c:
                    3c:70:3b:34:61:11:3c:fb:4d:0e:da:22:42:24:d0:
                    10:ae:db:0d:2f:de:33:b9:cf:f2:3c:7a:bb:f5:d6:
                    c5:fe:b7:72:57:0a:a1:41:49:69:9e:3d:93:ba:8c:
                    54:86:09:72:84:d4:9c:08:94:f8:0b:51:f6:ac:da:
                    16:ce:18:b3:88:43:bf:b3:3b:2f:99:0a:9d:b9:62:
                    0f:4a:bc:b5:29:48:31:4e:84:32:08:43:c7:8d:82:
                    4f:0c:c5:73:b7:69:3a:3c:f7:31:97:21:ad:f4:26:
                    6b:8d:bc:e0:5d:d1:93:0a:91:ba:c4:66:13:69:a2:
                    8c:55:51:a9:ba:14:98:c2:a5:76:33:be:7b:f9:32:
                    a9:fd:f0:a6:02:ea:e5:c7:2b:7a:10:ef:dd:75:50:
                    3c:a7:b1:a0:89:41:7f:ee:36:e6:a0:e4:f6:ee:f6:
                    2d:66:c4:b1:a4:f7:f0:e0:24:26:34:39:b4:26:a6:
                    4a:fe:1e:b8:cb:7a:da:4c:f1:75:df:ab:1e:4f:ed:
                    af:97:1c:fd:6c:cd:f1:81:f2:94:ae:5a:b9:0a:98:
                    e7:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:9B:1D:07:47:35:A3:7A:BB:2A:1B:AB:FB:D5:FD:DC:4B:64:B9:EA
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:18:ed:23:c3:65:72:68:88:b4:0b:1b:52:44:d9:52:4b:76:
         0e:43:94:70:09:09:40:8b:ef:5d:ce:7f:25:15:52:d1:65:0e:
         8d:12:0e:2a:de:01:d6:00:df:7f:d9:01:c0:98:f7:f3:64:e6:
         7b:13:1b:82:66:e1:cf:24:2a:7c:89:1b:2a:49:a9:53:d7:2c:
         d3:4b:1c:07:73:af:e2:fe:a7:27:2a:47:75:44:e1:f7:e9:ed:
         18:85:96:e5:dc:c7:c4:dc:b5:e3:fe:f9:15:5d:60:f4:31:48:
         55:ed:f0:88:84:7c:21:0e:65:cb:14:75:9f:d5:66:78:b7:80:
         2e:25:06:8c:b6:64:f4:3c:93:7e:38:1d:77:fe:7c:23:3a:a2:
         b9:03:ae:b6:73:3d:6c:98:ce:25:77:4a:98:2f:11:56:2d:71:
         29:09:bf:bd:f9:69:66:49:37:95:08:2a:29:dd:ad:bf:26:47:
         44:de:c6:bc:2a:fd:19:81:ea:92:2f:39:62:43:77:8f:af:cf:
         bb:c9:86:de:d9:92:9b:43:2a:77:dd:29:3b:f0:76:07:b4:ba:
         06:13:84:3d:27:fc:45:cd:14:4b:d9:d1:bb:90:11:4f:13:0e:
         7f:60:d5:c5:08:f0:43:99:2d:09:18:be:9e:6b:cb:6b:34:ff:
         5e:3c:5d:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtg0zWCziLoSu7iV4TnKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjUxMDIwMTMwMTM5WhcNMjUxMDIxMTMwMTM5WjAzMTEwLwYDVQQD
EygwNTliMWQwNzQ3MzVhMzdhYmIyYTFiYWJmYmQ1ZmRkYzRiNjRiOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA051Sfkkx74EZqd1FSUApB6rSw2YX
S30qPU50PEq+QwQY/ni+EA1DAn6XRmw8cDs0YRE8+00O2iJCJNAQrtsNL94zuc/y
PHq79dbF/rdyVwqhQUlpnj2TuoxUhglyhNScCJT4C1H2rNoWzhiziEO/szsvmQqd
uWIPSry1KUgxToQyCEPHjYJPDMVzt2k6PPcxlyGt9CZrjbzgXdGTCpG6xGYTaaKM
VVGpuhSYwqV2M757+TKp/fCmAurlxyt6EO/ddVA8p7GgiUF/7jbmoOT27vYtZsSx
pPfw4CQmNDm0JqZK/h64y3raTPF136seT+2vlxz9bM3xgfKUrlq5CpjnYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAWbHQdHNaN6uyobq/vV/dxLZLnqMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApRjtI8Nl
cmiItAsbUkTZUkt2DkOUcAkJQIvvXc5/JRVS0WUOjRIOKt4B1gDff9kBwJj382Tm
exMbgmbhzyQqfIkbKkmpU9cs00scB3Ov4v6nJypHdUTh9+ntGIWW5dzHxNy14/75
FV1g9DFIVe3wiIR8IQ5lyxR1n9VmeLeALiUGjLZk9DyTfjgdd/58IzqiuQOutnM9
bJjOJXdKmC8RVi1xKQm/vflpZkk3lQgqKd2tvyZHRN7GvCr9GYHqki85YkN3j6/P
u8mG3tmSm0Mqd90pO/B2B7S6BhOEPSf8Rc0US9nRu5ARTxMOf2DVxQjwQ5ktCRi+
nmvLazT/XjxdGw==
-----END CERTIFICATE-----