Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
File:                     2Bytep8KCbPVTabNzedDEvrMbXc.mft (raw, json)
Hash identifier:          vnJ1r8JviiMU32xqofi18P9g/iXZhQnV7zNXAGoeqj4=
Subject key identifier:   32:90:B8:1D:DF:C4:DB:4E:F3:B1:A1:D3:0B:15:DE:B4:57:A0:AB:D2
Authority key identifier: D8:1C:AD:7A:9F:0A:09:B3:D5:4D:A6:CD:CD:E7:43:12:FA:CC:6D:77
Certificate issuer:       /CN=d81cad7a9f0a09b3d54da6cdcde74312facc6d77
Certificate serial:       019A00354FC07AC2C50B81199B203E178052
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
Manifest number:          094E
Signing time:             Mon 20 Oct 2025 06:01:25 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:25 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:25 +0000
Files and hashes:         1: 2Bytep8KCbPVTabNzedDEvrMbXc.crl (hash: poThVV3bGTct1FBhqlAyGCDGmAKV/zlYssKP7v5GpCQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 06:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:4f:c0:7a:c2:c5:0b:81:19:9b:20:3e:17:80:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d81cad7a9f0a09b3d54da6cdcde74312facc6d77
        Validity
            Not Before: Oct 20 06:01:25 2025 GMT
            Not After : Oct 21 06:01:25 2025 GMT
        Subject: CN=3290b81ddfc4db4ef3b1a1d30b15deb457a0abd2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c0:31:c8:18:d3:e7:32:96:a0:86:5f:93:bb:
                    0e:a9:ce:8e:f5:56:38:45:0c:98:e4:a1:3a:67:fc:
                    eb:7e:43:6f:df:24:00:5c:ec:5e:35:05:be:07:e7:
                    1e:a0:0b:6e:be:6d:7f:07:83:ff:18:2f:9d:a8:a8:
                    76:e4:c2:89:ca:e2:9a:84:81:46:8e:5a:84:60:db:
                    c1:cd:04:07:42:c8:60:54:e1:dd:8e:62:6f:62:98:
                    51:2b:bb:5b:aa:11:3b:4e:41:c0:6d:12:80:e8:f2:
                    7c:dc:10:92:f8:b9:12:44:73:74:dd:0d:79:be:43:
                    c9:81:d5:9c:5c:4c:2d:45:11:ca:65:54:6e:a1:bd:
                    f4:0d:44:4e:3d:43:0a:47:08:1c:f0:f5:5f:7d:86:
                    ae:cc:cf:41:4c:b7:c6:91:a7:37:c6:f4:1b:50:a9:
                    b3:2b:f2:ae:b7:af:7f:f3:aa:ee:b6:1d:60:b3:ad:
                    06:32:a8:66:f4:2e:b6:87:a5:33:83:cf:32:80:b9:
                    b8:69:ef:d8:a8:37:76:3f:88:1b:8e:7d:73:25:c0:
                    5a:a8:a4:ba:7d:48:66:aa:ff:d4:59:46:8d:0a:8d:
                    36:76:4a:47:cd:91:97:2b:1c:6c:7d:b0:23:92:78:
                    7d:21:6e:9d:93:d3:46:27:6b:1c:c7:28:e1:ce:0c:
                    a1:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:90:B8:1D:DF:C4:DB:4E:F3:B1:A1:D3:0B:15:DE:B4:57:A0:AB:D2
            X509v3 Authority Key Identifier:
                keyid:D8:1C:AD:7A:9F:0A:09:B3:D5:4D:A6:CD:CD:E7:43:12:FA:CC:6D:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Bytep8KCbPVTabNzedDEvrMbXc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6fef2f-a748-4796-96a0-d3ea707c8f18/1/2Bytep8KCbPVTabNzedDEvrMbXc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:57:b6:78:ff:5c:97:a7:de:af:ce:4b:0b:ea:07:6d:d5:1c:
         d6:b7:4c:e4:a4:15:25:61:4f:ee:54:18:7f:35:d4:59:8d:f8:
         6e:21:78:0e:73:1c:24:e0:6b:cf:40:73:89:21:da:2d:03:b0:
         1b:49:f4:50:c9:4e:b7:06:33:b1:0f:01:b7:ae:1d:22:68:b1:
         6b:be:5f:94:b8:68:e8:66:b9:dd:0c:e1:b8:ee:db:3c:c9:e7:
         b3:46:7f:f8:52:4b:87:78:17:08:83:f5:7e:e0:b2:7d:b1:b8:
         af:66:6c:64:4c:be:9d:be:9b:7e:bf:28:05:da:0f:bb:9a:34:
         2b:0f:8f:1f:5a:87:39:8b:94:e8:28:5f:8d:06:ab:fb:c2:a4:
         6d:78:3b:4d:b2:5d:8f:9d:cf:7e:ce:ab:84:8c:02:72:25:db:
         84:58:73:65:de:fd:2f:cf:41:77:1c:a2:14:ea:2d:ea:c1:0e:
         62:72:61:06:fa:bb:62:67:56:d9:d4:82:63:db:8f:09:22:04:
         2c:3a:2d:66:5f:ec:89:5a:8b:65:8d:ab:0d:ac:01:cd:59:27:
         05:60:68:b8:43:a8:af:39:ce:c2:cb:85:5e:ba:2b:f9:0a:d9:
         40:b2:0b:e8:3f:7b:4b:e8:e7:c4:2d:ac:dd:6c:db:a3:3b:aa:
         61:b9:64:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANU/AesLFC4EZmyA+F4BSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWNhZDdhOWYwYTA5YjNkNTRkYTZjZGNkZTc0MzEyZmFj
YzZkNzcwHhcNMjUxMDIwMDYwMTI1WhcNMjUxMDIxMDYwMTI1WjAzMTEwLwYDVQQD
EygzMjkwYjgxZGRmYzRkYjRlZjNiMWExZDMwYjE1ZGViNDU3YTBhYmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMAxyBjT5zKWoIZfk7sOqc6O9VY4
RQyY5KE6Z/zrfkNv3yQAXOxeNQW+B+ceoAtuvm1/B4P/GC+dqKh25MKJyuKahIFG
jlqEYNvBzQQHQshgVOHdjmJvYphRK7tbqhE7TkHAbRKA6PJ83BCS+LkSRHN03Q15
vkPJgdWcXEwtRRHKZVRuob30DUROPUMKRwgc8PVffYauzM9BTLfGkac3xvQbUKmz
K/Kut69/86ruth1gs60GMqhm9C62h6Uzg88ygLm4ae/YqDd2P4gbjn1zJcBaqKS6
fUhmqv/UWUaNCo02dkpHzZGXKxxsfbAjknh9IW6dk9NGJ2scxyjhzgyhPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKQuB3fxNtO87Gh0wsV3rRXoKvSMB8GA1UdIwQY
MBaAFNgcrXqfCgmz1U2mzc3nQxL6zG13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ZmVmMmYtYTc0OC00Nzk2LTk2YTAt
ZDNlYTcwN2M4ZjE4LzEvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ZmVmMmYtYTc0OC00Nzk2LTk2YTAtZDNlYTcwN2M4ZjE4
LzEvMkJ5dGVwOEtDYlBWVGFiTnplZERFdnJNYlhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKFe2eP9c
l6fer85LC+oHbdUc1rdM5KQVJWFP7lQYfzXUWY34biF4DnMcJOBrz0BziSHaLQOw
G0n0UMlOtwYzsQ8Bt64dImixa75flLho6Ga53QzhuO7bPMnns0Z/+FJLh3gXCIP1
fuCyfbG4r2ZsZEy+nb6bfr8oBdoPu5o0Kw+PH1qHOYuU6ChfjQar+8KkbXg7TbJd
j53Pfs6rhIwCciXbhFhzZd79L89BdxyiFOot6sEOYnJhBvq7YmdW2dSCY9uPCSIE
LDotZl/siVqLZY2rDawBzVknBWBouEOorznOwsuFXror+QrZQLIL6D97S+jnxC2s
3WzbozuqYblkUA==
-----END CERTIFICATE-----