Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/2566c2-be52-4b42-a84c-cc3384ad81a1/1/0Tu8kqL6kKChEiuDMDRvmmFx2XY.mft
File:                     0Tu8kqL6kKChEiuDMDRvmmFx2XY.mft (raw, json)
Hash identifier:          bRbe9X4E9EuZbnribnnRoXTPV5KMyBH4jvAT1toAW1I=
Subject key identifier:   C2:29:15:AC:54:4A:D2:9F:DD:0F:5D:C2:05:8B:2C:58:5D:D9:65:AD
Authority key identifier: D1:3B:BC:92:A2:FA:90:A0:A1:12:2B:83:30:34:6F:9A:61:71:D9:76
Certificate issuer:       /CN=d13bbc92a2fa90a0a1122b8330346f9a6171d976
Certificate serial:       0199FFC78CFB443261F90D2774EE0CB03F07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Tu8kqL6kKChEiuDMDRvmmFx2XY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/2566c2-be52-4b42-a84c-cc3384ad81a1/1/0Tu8kqL6kKChEiuDMDRvmmFx2XY.mft
Manifest number:          11E2
Signing time:             Mon 20 Oct 2025 04:01:31 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:31 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:31 +0000
Files and hashes:         1: 0Tu8kqL6kKChEiuDMDRvmmFx2XY.crl (hash: eocy7WDWflk4qoYc30kzTuWQmK+Ce7WwiJhPZ/Y83dg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/2566c2-be52-4b42-a84c-cc3384ad81a1/1/0Tu8kqL6kKChEiuDMDRvmmFx2XY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/2566c2-be52-4b42-a84c-cc3384ad81a1/1/0Tu8kqL6kKChEiuDMDRvmmFx2XY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Tu8kqL6kKChEiuDMDRvmmFx2XY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:8c:fb:44:32:61:f9:0d:27:74:ee:0c:b0:3f:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d13bbc92a2fa90a0a1122b8330346f9a6171d976
        Validity
            Not Before: Oct 20 04:01:31 2025 GMT
            Not After : Oct 21 04:01:31 2025 GMT
        Subject: CN=c22915ac544ad29fdd0f5dc2058b2c585dd965ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:89:c6:87:e3:76:95:a1:63:c4:6d:81:8f:56:
                    59:9a:ac:72:37:60:30:0a:31:56:53:f0:71:c0:58:
                    03:1b:14:d7:48:5d:60:23:70:7e:d0:24:c5:d0:46:
                    37:fb:e6:3d:a6:af:bf:51:79:29:b7:27:04:97:d3:
                    c1:ce:a7:7d:21:39:de:fa:bc:cf:f3:a9:39:75:39:
                    03:0a:fc:40:a7:4b:1b:25:c1:0b:48:3e:85:8e:e6:
                    f8:de:9b:ff:0c:17:4e:3d:f9:44:c6:65:64:bb:6a:
                    86:fd:d0:54:96:8c:29:9f:1e:53:e4:12:33:ca:dd:
                    08:1f:72:9e:d1:c2:c0:2b:b1:41:b9:c3:0a:58:bd:
                    21:a8:37:0f:81:54:19:7b:9a:c8:ac:70:39:60:01:
                    c0:a3:18:a3:e0:9e:a0:16:77:8c:b5:e5:62:91:bf:
                    7b:94:e4:ec:1e:d2:f6:6a:f7:20:44:9e:ff:ec:37:
                    fa:e8:ab:24:94:7e:6f:b0:af:5c:db:a4:e8:b1:d1:
                    d8:1a:58:b9:6a:1d:14:a9:6b:49:17:7c:a4:44:01:
                    6f:66:a3:c4:56:44:01:04:db:58:d0:3c:0f:e5:89:
                    5c:47:04:f5:2e:75:28:26:0b:2e:e6:6a:2f:3d:98:
                    0f:eb:34:80:5d:48:51:34:a0:4c:5e:72:a6:82:16:
                    a9:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:29:15:AC:54:4A:D2:9F:DD:0F:5D:C2:05:8B:2C:58:5D:D9:65:AD
            X509v3 Authority Key Identifier:
                keyid:D1:3B:BC:92:A2:FA:90:A0:A1:12:2B:83:30:34:6F:9A:61:71:D9:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Tu8kqL6kKChEiuDMDRvmmFx2XY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/2566c2-be52-4b42-a84c-cc3384ad81a1/1/0Tu8kqL6kKChEiuDMDRvmmFx2XY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/2566c2-be52-4b42-a84c-cc3384ad81a1/1/0Tu8kqL6kKChEiuDMDRvmmFx2XY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:c3:b5:98:e7:05:94:ee:73:47:99:0d:ca:fe:89:b5:25:b2:
         dd:52:a5:08:71:07:10:2d:b6:d4:7a:c2:c8:0b:a5:47:dc:db:
         f1:8b:b2:ee:75:01:0d:02:6a:1f:b0:ff:38:67:19:93:5b:72:
         09:71:ab:c5:43:a0:a5:08:fd:9b:a6:bf:b7:ec:0d:27:3a:4c:
         b2:03:58:f7:a7:d4:b4:49:37:fe:9f:3f:e7:cb:62:da:41:c6:
         58:43:e0:81:4c:b9:cc:db:16:48:3d:b7:da:4e:68:25:67:1f:
         c8:f0:93:3f:6a:25:8a:e6:92:39:4c:c0:23:d6:be:f3:11:fe:
         0d:fc:2d:02:13:fd:54:83:25:b2:13:c7:f7:fe:4e:80:2a:74:
         d8:43:75:e8:ee:ff:7d:8e:75:9c:b8:7b:fc:26:ef:8c:20:b1:
         0a:79:0e:7e:e7:c0:74:9b:35:4b:63:28:20:33:9c:7e:09:50:
         9e:6d:d2:1e:9d:11:a2:cd:c8:a4:d4:45:60:37:b2:ab:0b:50:
         88:2b:2d:2e:28:57:31:4f:ec:44:bd:0b:18:5a:9f:2b:4b:c0:
         5b:d3:df:84:91:75:45:13:03:73:b2:99:cf:10:45:b8:39:44:
         58:3a:4a:24:f9:35:f2:84:d6:25:33:71:bc:21:e5:27:83:f5:
         ca:c5:f5:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x4z7RDJh+Q0ndO4MsD8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxM2JiYzkyYTJmYTkwYTBhMTEyMmI4MzMwMzQ2ZjlhNjE3
MWQ5NzYwHhcNMjUxMDIwMDQwMTMxWhcNMjUxMDIxMDQwMTMxWjAzMTEwLwYDVQQD
EyhjMjI5MTVhYzU0NGFkMjlmZGQwZjVkYzIwNThiMmM1ODVkZDk2NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqInGh+N2laFjxG2Bj1ZZmqxyN2Aw
CjFWU/BxwFgDGxTXSF1gI3B+0CTF0EY3++Y9pq+/UXkptycEl9PBzqd9ITne+rzP
86k5dTkDCvxAp0sbJcELSD6Fjub43pv/DBdOPflExmVku2qG/dBUlowpnx5T5BIz
yt0IH3Ke0cLAK7FBucMKWL0hqDcPgVQZe5rIrHA5YAHAoxij4J6gFneMteVikb97
lOTsHtL2avcgRJ7/7Df66KsklH5vsK9c26TosdHYGli5ah0UqWtJF3ykRAFvZqPE
VkQBBNtY0DwP5YlcRwT1LnUoJgsu5movPZgP6zSAXUhRNKBMXnKmghapvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIpFaxUStKf3Q9dwgWLLFhd2WWtMB8GA1UdIwQY
MBaAFNE7vJKi+pCgoRIrgzA0b5phcdl2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFR1OGtxTDZrS0NoRWl1RE1EUnZtbUZ4MlhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8yNTY2YzItYmU1Mi00YjQyLWE4NGMt
Y2MzMzg0YWQ4MWExLzEvMFR1OGtxTDZrS0NoRWl1RE1EUnZtbUZ4MlhZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8yNTY2YzItYmU1Mi00YjQyLWE4NGMtY2MzMzg0YWQ4MWEx
LzEvMFR1OGtxTDZrS0NoRWl1RE1EUnZtbUZ4MlhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcMO1mOcF
lO5zR5kNyv6JtSWy3VKlCHEHEC221HrCyAulR9zb8Yuy7nUBDQJqH7D/OGcZk1ty
CXGrxUOgpQj9m6a/t+wNJzpMsgNY96fUtEk3/p8/58ti2kHGWEPggUy5zNsWSD23
2k5oJWcfyPCTP2oliuaSOUzAI9a+8xH+DfwtAhP9VIMlshPH9/5OgCp02EN16O7/
fY51nLh7/CbvjCCxCnkOfufAdJs1S2MoIDOcfglQnm3SHp0Ros3IpNRFYDeyqwtQ
iCstLihXMU/sRL0LGFqfK0vAW9PfhJF1RRMDc7KZzxBFuDlEWDpKJPk18oTWJTNx
vCHlJ4P1ysX1Rw==
-----END CERTIFICATE-----