Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
File:                     M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft (raw, json)
Hash identifier:          81iWWJg7vebVNAX6e5XCbeAR9EW5LGtsiFOi4Huyunw=
Subject key identifier:   A8:19:78:CB:1E:19:4C:4F:DD:AB:59:52:70:FF:C7:8F:9B:2F:7C:10
Authority key identifier: 33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99
Certificate issuer:       /CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
Certificate serial:       019A4EF51668A5F0BDC911D8C7BEDB48F33D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
Manifest number:          12F2
Signing time:             Tue 04 Nov 2025 13:01:16 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:16 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:16 +0000
Files and hashes:         1: M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl (hash: aBkEzwFpRc95ZxyupRCeldO4euVN+epGx03Wsgt07ko=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:16:68:a5:f0:bd:c9:11:d8:c7:be:db:48:f3:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3363d72cdd93ab02fe3f788d621d715d9efd7699
        Validity
            Not Before: Nov  4 13:01:16 2025 GMT
            Not After : Nov  5 13:01:16 2025 GMT
        Subject: CN=a81978cb1e194c4fddab595270ffc78f9b2f7c10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:d2:ea:24:d5:0d:ea:70:79:c1:39:f0:99:99:
                    48:a0:2b:f6:b2:70:00:8c:b1:a3:cf:54:2c:b7:1a:
                    dd:9f:38:ca:27:bd:6d:46:1b:cb:36:08:6a:62:d1:
                    47:8e:d3:8c:02:b7:8b:54:37:01:42:35:a5:c3:96:
                    01:dc:48:73:75:6a:7f:2e:08:3e:9b:2d:56:39:22:
                    e5:31:65:a7:c3:0d:0f:e7:b1:d3:88:4b:ef:31:2a:
                    25:63:90:c4:43:74:50:8a:da:bc:2b:f1:02:ee:3d:
                    0b:5e:d9:ce:85:95:f7:d9:6a:bf:02:b1:5b:6e:43:
                    5e:b9:04:cd:eb:cd:d2:98:50:94:5f:38:6c:85:72:
                    21:05:81:0b:0a:d0:ce:03:63:50:d3:4e:50:5c:7c:
                    96:62:a0:ac:29:b1:02:ac:44:40:14:4d:0a:a4:b7:
                    28:f8:18:3b:66:f7:2a:54:e5:b7:a0:2f:51:38:88:
                    22:5b:81:4d:04:78:6d:0c:fb:22:0f:71:2e:ba:aa:
                    4a:da:ae:46:0a:0a:65:d0:10:49:b8:76:96:dc:7d:
                    04:d9:a6:c7:37:63:e9:d5:ca:64:9a:49:2c:af:0e:
                    96:6e:87:3c:79:34:bc:d6:93:94:3c:0b:e9:2d:6e:
                    ff:d3:e9:7d:52:26:ad:35:c1:65:5c:fe:7b:7b:6a:
                    9c:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:19:78:CB:1E:19:4C:4F:DD:AB:59:52:70:FF:C7:8F:9B:2F:7C:10
            X509v3 Authority Key Identifier:
                keyid:33:63:D7:2C:DD:93:AB:02:FE:3F:78:8D:62:1D:71:5D:9E:FD:76:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2PXLN2TqwL-P3iNYh1xXZ79dpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c9c0d8-7013-46c3-9c28-434f9e0d750c/1/M2PXLN2TqwL-P3iNYh1xXZ79dpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:54:5c:be:02:d3:58:25:48:32:cd:21:98:ec:7e:99:c0:1e:
         f9:2d:0a:e3:51:49:d4:25:6b:05:0e:37:7e:e8:d2:bc:48:76:
         44:66:c8:af:f2:11:6d:41:81:92:7e:5f:3d:91:5f:00:65:9f:
         80:8f:32:90:20:75:a7:d9:67:83:b0:43:af:a9:8d:8f:69:75:
         da:df:fd:c2:a9:99:6e:1d:ec:39:73:a0:c4:10:7c:be:cc:48:
         a9:8b:87:7f:61:49:6c:1b:4d:f6:ec:c2:22:e5:5f:02:ca:32:
         df:f4:48:62:6e:a1:3b:7c:d7:13:49:fb:cc:25:41:39:80:28:
         b8:0a:d8:2d:29:35:17:db:9d:2f:1f:d3:b7:59:f7:75:f5:66:
         fa:49:c5:fc:52:77:22:81:a4:3e:2a:d8:17:1c:25:48:5c:23:
         b9:3b:e7:be:d6:19:98:86:10:39:d8:79:1d:c4:b7:6d:6b:a1:
         45:5f:7c:8c:49:b3:0e:bc:9e:75:67:ff:95:fe:77:d6:b2:2a:
         aa:06:10:b3:0e:1e:ad:d6:91:e7:7d:25:cc:dc:e0:1b:5f:14:
         b4:77:78:07:af:00:bf:7a:a7:9a:40:77:3b:3e:96:5f:a4:50:
         26:ca:e1:5c:84:48:ee:d2:19:18:2d:5c:9d:a6:e1:e4:d1:8b:
         fd:5a:f7:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9RZopfC9yRHYx77bSPM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNjNkNzJjZGQ5M2FiMDJmZTNmNzg4ZDYyMWQ3MTVkOWVm
ZDc2OTkwHhcNMjUxMTA0MTMwMTE2WhcNMjUxMTA1MTMwMTE2WjAzMTEwLwYDVQQD
EyhhODE5NzhjYjFlMTk0YzRmZGRhYjU5NTI3MGZmYzc4ZjliMmY3YzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdLqJNUN6nB5wTnwmZlIoCv2snAA
jLGjz1QstxrdnzjKJ71tRhvLNghqYtFHjtOMAreLVDcBQjWlw5YB3EhzdWp/Lgg+
my1WOSLlMWWnww0P57HTiEvvMSolY5DEQ3RQitq8K/EC7j0LXtnOhZX32Wq/ArFb
bkNeuQTN683SmFCUXzhshXIhBYELCtDOA2NQ005QXHyWYqCsKbECrERAFE0KpLco
+Bg7ZvcqVOW3oC9ROIgiW4FNBHhtDPsiD3EuuqpK2q5GCgpl0BBJuHaW3H0E2abH
N2Pp1cpkmkksrw6Wboc8eTS81pOUPAvpLW7/0+l9UiatNcFlXP57e2qcfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgZeMseGUxP3atZUnD/x4+bL3wQMB8GA1UdIwQY
MBaAFDNj1yzdk6sC/j94jWIdcV2e/XaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgt
NDM0ZjllMGQ3NTBjLzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jOWMwZDgtNzAxMy00NmMzLTljMjgtNDM0ZjllMGQ3NTBj
LzEvTTJQWExOMlRxd0wtUDNpTlloMXhYWjc5ZHBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhlRcvgLT
WCVIMs0hmOx+mcAe+S0K41FJ1CVrBQ43fujSvEh2RGbIr/IRbUGBkn5fPZFfAGWf
gI8ykCB1p9lng7BDr6mNj2l12t/9wqmZbh3sOXOgxBB8vsxIqYuHf2FJbBtN9uzC
IuVfAsoy3/RIYm6hO3zXE0n7zCVBOYAouArYLSk1F9udLx/Tt1n3dfVm+knF/FJ3
IoGkPirYFxwlSFwjuTvnvtYZmIYQOdh5HcS3bWuhRV98jEmzDryedWf/lf531rIq
qgYQsw4erdaR530lzNzgG18UtHd4B68Av3qnmkB3Oz6WX6RQJsrhXIRI7tIZGC1c
nabh5NGL/Vr3Og==
-----END CERTIFICATE-----