Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
File:                     2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft (raw, json)
Hash identifier:          pGSzsvqvF0iMOMjtTjjIpNVnMwb07Wl3b2mo1qNJgVo=
Subject key identifier:   3D:B3:F1:4E:95:03:AD:6D:5B:11:8C:B9:25:E4:5E:7B:3E:67:85:53
Authority key identifier: DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD
Certificate issuer:       /CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
Certificate serial:       0199FBEB1FF86638B0E746EA8A257AEFF69F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
Manifest number:          09C3
Signing time:             Sun 19 Oct 2025 10:01:54 +0000
Manifest this update:     Sun 19 Oct 2025 10:01:54 +0000
Manifest next update:     Mon 20 Oct 2025 10:01:54 +0000
Files and hashes:         1: 2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl (hash: MtZSIax+lA3CkIFWD5g3JLLVSRFLIgD0oDHCWXGXL6g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:1f:f8:66:38:b0:e7:46:ea:8a:25:7a:ef:f6:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbfef0d0e3f3a11343bb917fcb7933f4e9dae4ad
        Validity
            Not Before: Oct 19 10:01:54 2025 GMT
            Not After : Oct 20 10:01:54 2025 GMT
        Subject: CN=3db3f14e9503ad6d5b118cb925e45e7b3e678553
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6f:a7:ed:4d:ca:ac:46:0f:e6:41:46:00:d0:
                    73:1f:8e:a5:bb:22:51:d6:a6:3e:34:bd:f9:0c:23:
                    80:fb:13:e6:f1:f3:0f:b3:66:d4:9d:bf:f2:66:37:
                    fd:25:90:34:8f:ef:69:29:64:11:24:fc:45:e1:90:
                    8d:38:bf:84:dd:cd:24:f2:c6:b4:a1:42:15:c9:5b:
                    36:7c:6d:3d:0d:c3:68:75:42:60:2c:74:a5:b0:1a:
                    7f:a6:86:08:39:5c:ce:f2:b8:84:55:88:11:34:9e:
                    fc:4c:93:1b:e3:ad:d3:97:80:8a:34:cc:da:7d:44:
                    36:68:2f:5e:83:fb:5c:f1:23:55:5e:84:de:29:74:
                    34:e9:24:e9:b5:a6:44:86:8f:66:4e:a1:d8:9c:98:
                    cf:a3:c4:da:c8:7c:a8:fd:06:25:70:25:b8:b7:fb:
                    67:53:fa:ed:33:d7:a5:af:b6:4c:c4:2c:68:71:24:
                    16:00:57:93:b0:59:99:85:ca:37:e5:5d:29:69:43:
                    90:e2:02:37:4f:65:fd:61:db:8e:4a:75:49:2c:82:
                    aa:ca:32:7e:c5:dc:b5:98:eb:c3:42:c5:62:b7:ba:
                    59:66:47:9c:c1:49:f8:8f:d4:6c:b4:68:d5:53:72:
                    49:f8:b3:b0:f2:f5:a5:2b:b4:03:06:9e:87:8e:b8:
                    df:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:B3:F1:4E:95:03:AD:6D:5B:11:8C:B9:25:E4:5E:7B:3E:67:85:53
            X509v3 Authority Key Identifier:
                keyid:DB:FE:F0:D0:E3:F3:A1:13:43:BB:91:7F:CB:79:33:F4:E9:DA:E4:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_7w0OPzoRNDu5F_y3kz9Ona5K0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a8e23-b631-4444-9629-e64c4ec3c919/1/2_7w0OPzoRNDu5F_y3kz9Ona5K0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:63:6c:c5:fc:a7:b3:2f:b2:83:81:7a:a0:c9:9d:6c:e3:1c:
         3a:d7:12:0c:d3:a7:b2:99:17:6f:73:0c:41:53:13:d8:51:2d:
         e3:77:89:64:e0:ca:f1:f5:94:03:e3:f1:1a:e5:80:0f:c2:3a:
         a4:41:c1:8d:36:d7:8a:93:ca:cd:6c:bd:a6:be:b3:50:c8:bd:
         51:32:a8:b4:c6:f0:b0:6b:fd:41:51:f1:62:9c:c5:43:7d:df:
         12:24:24:6a:6b:7f:64:12:93:21:6d:1b:e7:1a:41:e2:e7:d3:
         37:11:52:fd:6a:1c:27:49:00:15:bb:dd:7b:5e:47:bd:28:7c:
         9a:71:7c:10:f2:f2:ed:24:5a:8f:a0:99:0c:dc:0c:50:72:86:
         c1:5e:ac:4c:95:4e:f6:59:6b:7e:43:de:0e:96:fa:61:32:12:
         a7:01:58:bf:e0:be:81:8d:30:53:f0:64:47:c7:00:5c:45:27:
         5e:9d:c6:4b:a8:fe:9a:86:06:55:4d:06:06:29:72:4e:4a:5a:
         53:9a:f8:df:22:8f:7a:37:57:95:51:53:19:a6:0b:6d:14:80:
         97:eb:ed:c4:0c:d9:46:93:5a:55:0e:36:0c:52:75:97:5e:61:
         9a:ea:c8:51:e3:81:a5:0f:27:a7:cf:d7:08:8d:f9:af:7c:2e:
         6d:0d:fc:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76x/4Zjiw50bqiiV67/afMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmVmMGQwZTNmM2ExMTM0M2JiOTE3ZmNiNzkzM2Y0ZTlk
YWU0YWQwHhcNMjUxMDE5MTAwMTU0WhcNMjUxMDIwMTAwMTU0WjAzMTEwLwYDVQQD
EygzZGIzZjE0ZTk1MDNhZDZkNWIxMThjYjkyNWU0NWU3YjNlNjc4NTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW+n7U3KrEYP5kFGANBzH46luyJR
1qY+NL35DCOA+xPm8fMPs2bUnb/yZjf9JZA0j+9pKWQRJPxF4ZCNOL+E3c0k8sa0
oUIVyVs2fG09DcNodUJgLHSlsBp/poYIOVzO8riEVYgRNJ78TJMb463Tl4CKNMza
fUQ2aC9eg/tc8SNVXoTeKXQ06STptaZEho9mTqHYnJjPo8TayHyo/QYlcCW4t/tn
U/rtM9elr7ZMxCxocSQWAFeTsFmZhco35V0paUOQ4gI3T2X9YduOSnVJLIKqyjJ+
xdy1mOvDQsVit7pZZkecwUn4j9RstGjVU3JJ+LOw8vWlK7QDBp6HjrjfkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2z8U6VA61tWxGMuSXkXns+Z4VTMB8GA1UdIwQY
MBaAFNv+8NDj86ETQ7uRf8t5M/Tp2uStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2Mjkt
ZTY0YzRlYzNjOTE5LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYThlMjMtYjYzMS00NDQ0LTk2MjktZTY0YzRlYzNjOTE5
LzEvMl83dzBPUHpvUk5EdTVGX3kza3o5T25hNUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeWNsxfyn
sy+yg4F6oMmdbOMcOtcSDNOnspkXb3MMQVMT2FEt43eJZODK8fWUA+PxGuWAD8I6
pEHBjTbXipPKzWy9pr6zUMi9UTKotMbwsGv9QVHxYpzFQ33fEiQkamt/ZBKTIW0b
5xpB4ufTNxFS/WocJ0kAFbvde15HvSh8mnF8EPLy7SRaj6CZDNwMUHKGwV6sTJVO
9llrfkPeDpb6YTISpwFYv+C+gY0wU/BkR8cAXEUnXp3GS6j+moYGVU0GBilyTkpa
U5r43yKPejdXlVFTGaYLbRSAl+vtxAzZRpNaVQ42DFJ1l15hmurIUeOBpQ8np8/X
CI35r3wubQ38uw==
-----END CERTIFICATE-----