Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
File:                     2hvwCCS2KL9iY7t03ndK3fmZD8k.mft (raw, json)
Hash identifier:          bzE5rVNh0khoBaR4WpVy3StVkai05/PP4S0QbNNNKeI=
Subject key identifier:   84:9D:CF:95:54:E6:85:CE:F3:BE:C1:B4:78:2B:DE:E0:6D:AC:AA:52
Authority key identifier: DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9
Certificate issuer:       /CN=da1bf00824b628bf6263bb74de774addf9990fc9
Certificate serial:       0198D7A91E24D5E5EA09B57559FE913E2F2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
Manifest number:          13CE
Signing time:             Sat 23 Aug 2025 16:00:41 +0000
Manifest this update:     Sat 23 Aug 2025 16:00:41 +0000
Manifest next update:     Sun 24 Aug 2025 16:00:41 +0000
Files and hashes:         1: 2hvwCCS2KL9iY7t03ndK3fmZD8k.crl (hash: zFhybXP+vCTZT9bS7fJs1slEl5xYPSrd+mf5d/YaWQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 14:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:a9:1e:24:d5:e5:ea:09:b5:75:59:fe:91:3e:2f:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1bf00824b628bf6263bb74de774addf9990fc9
        Validity
            Not Before: Aug 23 16:00:41 2025 GMT
            Not After : Aug 24 16:00:41 2025 GMT
        Subject: CN=849dcf9554e685cef3bec1b4782bdee06dacaa52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:ed:c6:dd:08:85:61:02:de:ea:18:e1:71:f2:
                    e3:08:c9:6b:94:67:70:3c:f4:5c:ac:31:37:b2:1a:
                    6e:28:77:13:16:43:02:5e:5f:88:8c:7c:3f:d1:7a:
                    b2:46:d0:7b:d6:4a:53:6a:f6:17:ab:d3:a5:9c:f0:
                    c6:66:d2:4a:18:b6:af:ec:5c:13:a5:58:66:8a:fc:
                    b6:ff:8a:9f:52:fa:bc:41:c0:1d:cd:a4:dd:a4:41:
                    96:31:b3:23:0f:fd:9b:32:f8:23:c2:4c:61:2f:b4:
                    b9:78:e4:ee:3e:9a:59:5b:06:c7:06:ec:ff:85:d4:
                    f0:db:78:d9:e7:11:a2:21:54:0d:b8:28:c5:99:41:
                    42:db:04:b2:e4:2e:c6:d4:f8:c1:28:96:46:90:6c:
                    70:11:bb:83:38:26:a2:34:b0:a1:64:b7:4f:51:26:
                    4d:d8:b2:e3:37:40:3e:3f:53:e1:a5:9f:2a:8f:55:
                    25:b0:e0:11:a0:db:32:db:c1:74:65:ec:c8:a7:16:
                    9a:56:50:0f:6b:2b:47:5c:ad:63:45:16:70:92:65:
                    b9:d2:20:98:51:d7:14:26:03:c3:a1:20:15:fe:99:
                    f8:cc:83:d1:9c:79:22:a8:1e:67:63:49:98:81:4e:
                    2a:3c:81:fa:bc:46:4a:7c:7b:d7:62:ff:b0:a9:bf:
                    a9:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:9D:CF:95:54:E6:85:CE:F3:BE:C1:B4:78:2B:DE:E0:6D:AC:AA:52
            X509v3 Authority Key Identifier:
                keyid:DA:1B:F0:08:24:B6:28:BF:62:63:BB:74:DE:77:4A:DD:F9:99:0F:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2hvwCCS2KL9iY7t03ndK3fmZD8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/0248cc-c768-46c1-823c-d6c62142f7e3/1/2hvwCCS2KL9iY7t03ndK3fmZD8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:79:d5:35:a6:27:5d:2a:b5:3d:7d:45:1c:e9:bc:94:4b:8b:
         14:cb:73:70:cd:8b:ef:62:f9:15:43:39:8f:1b:b8:9d:c4:d7:
         6b:1d:4a:8c:4d:72:a9:75:ac:2e:5b:35:31:72:b7:bc:03:dc:
         ef:c7:42:56:95:de:21:f9:24:37:4e:a2:de:b7:22:b5:fe:84:
         cb:e1:b9:6b:7c:16:cb:bc:a2:07:89:6c:5d:fc:45:bd:3e:f2:
         4c:ce:e3:b3:f6:a9:3c:f2:6d:78:ad:b7:0c:df:6f:a5:e7:6f:
         9c:df:2e:76:d4:ec:01:db:77:aa:fe:bf:d0:2a:27:bb:7b:f1:
         9a:92:dc:bb:c6:60:c7:b1:10:b1:60:81:9b:3f:ad:1b:4f:18:
         8b:23:98:1b:2d:48:c1:fe:fb:04:f6:ac:99:5e:b9:bf:22:1c:
         68:0d:6c:39:92:05:11:49:95:3c:b1:2c:c7:3b:1a:cd:bd:f4:
         21:ef:26:b4:c0:25:5b:a4:1f:b3:d5:cd:1d:33:7a:81:3c:00:
         52:7f:ab:df:52:79:6b:f8:01:05:b5:3b:0c:d9:d7:e3:04:0a:
         8d:89:c8:83:b2:7f:84:4e:81:ad:07:d9:6d:53:8a:4a:9e:12:
         a2:f7:e4:f7:9a:b1:6e:5a:1e:75:7e:84:fe:fe:44:5d:13:f8:
         f8:0a:ff:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXqR4k1eXqCbV1Wf6RPi8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWJmMDA4MjRiNjI4YmY2MjYzYmI3NGRlNzc0YWRkZjk5
OTBmYzkwHhcNMjUwODIzMTYwMDQxWhcNMjUwODI0MTYwMDQxWjAzMTEwLwYDVQQD
Eyg4NDlkY2Y5NTU0ZTY4NWNlZjNiZWMxYjQ3ODJiZGVlMDZkYWNhYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiu3G3QiFYQLe6hjhcfLjCMlrlGdw
PPRcrDE3shpuKHcTFkMCXl+IjHw/0XqyRtB71kpTavYXq9OlnPDGZtJKGLav7FwT
pVhmivy2/4qfUvq8QcAdzaTdpEGWMbMjD/2bMvgjwkxhL7S5eOTuPppZWwbHBuz/
hdTw23jZ5xGiIVQNuCjFmUFC2wSy5C7G1PjBKJZGkGxwEbuDOCaiNLChZLdPUSZN
2LLjN0A+P1PhpZ8qj1UlsOARoNsy28F0ZezIpxaaVlAPaytHXK1jRRZwkmW50iCY
UdcUJgPDoSAV/pn4zIPRnHkiqB5nY0mYgU4qPIH6vEZKfHvXYv+wqb+pxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISdz5VU5oXO877BtHgr3uBtrKpSMB8GA1UdIwQY
MBaAFNob8Agktii/YmO7dN53St35mQ/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2Mt
ZDZjNjIxNDJmN2UzLzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8wMjQ4Y2MtYzc2OC00NmMxLTgyM2MtZDZjNjIxNDJmN2Uz
LzEvMmh2d0NDUzJLTDlpWTd0MDNuZEszZm1aRDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR3nVNaYn
XSq1PX1FHOm8lEuLFMtzcM2L72L5FUM5jxu4ncTXax1KjE1yqXWsLls1MXK3vAPc
78dCVpXeIfkkN06i3rcitf6Ey+G5a3wWy7yiB4lsXfxFvT7yTM7js/apPPJteK23
DN9vpedvnN8udtTsAdt3qv6/0Conu3vxmpLcu8Zgx7EQsWCBmz+tG08YiyOYGy1I
wf77BPasmV65vyIcaA1sOZIFEUmVPLEsxzsazb30Ie8mtMAlW6Qfs9XNHTN6gTwA
Un+r31J5a/gBBbU7DNnX4wQKjYnIg7J/hE6BrQfZbVOKSp4Sovfk95qxbloedX6E
/v5EXRP4+Ar/Ew==
-----END CERTIFICATE-----