Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          gAUKpddtwnyNjFLu22wcAZH3jr3lJvfeIanlxMnZAW8=
Subject key identifier:   64:FF:F7:A0:A6:D9:7F:55:E5:7D:BA:AF:35:AF:80:CA:85:52:D7:9F
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       019A50E42DDCDB09C721C7E76524FD4FE65C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 22:02:02 +0000
Manifest this update:     Tue 04 Nov 2025 22:02:02 +0000
Manifest next update:     Wed 05 Nov 2025 22:02:02 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: 9I8hfAZv05uo4OqZqCSf/vRlQrXzUsiUgg5csHOaJ0Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e4:2d:dc:db:09:c7:21:c7:e7:65:24:fd:4f:e6:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: Nov  4 22:02:02 2025 GMT
            Not After : Nov  5 22:02:02 2025 GMT
        Subject: CN=64fff7a0a6d97f55e57dbaaf35af80ca8552d79f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c7:94:be:b9:24:e2:38:98:a7:6a:b0:61:d9:
                    2b:9c:0c:88:c7:91:dd:9e:7f:62:97:a4:cb:29:d9:
                    cd:65:71:af:5a:fc:97:b6:6a:1b:33:c4:3f:75:4e:
                    39:05:17:14:bc:87:16:35:06:3e:6b:47:28:df:8c:
                    b7:56:dc:fb:b1:ba:3f:0f:3f:1b:47:4b:6a:47:de:
                    b0:19:8d:4f:6b:b5:8c:b9:0f:ea:56:02:a4:07:bf:
                    68:46:5d:b7:37:24:55:b4:6d:31:d7:ac:e1:37:60:
                    37:53:4c:a2:90:a8:d8:a1:e4:31:dd:6d:5a:47:2b:
                    04:b2:97:7b:09:ee:bf:64:37:c3:b8:f0:25:a1:80:
                    89:b6:c6:5e:ad:26:ff:ea:a9:fa:e9:ab:ab:32:de:
                    ff:52:93:be:b2:6c:9b:3d:11:18:55:e8:ec:64:59:
                    73:7a:02:0c:cd:0b:71:77:ab:42:a7:46:e5:33:28:
                    c7:7a:06:68:b7:bf:4b:09:5f:93:6c:bc:ba:cc:8a:
                    36:8e:1f:04:40:1d:aa:28:cd:b6:e6:f3:26:e9:20:
                    32:28:27:7c:cc:14:50:ec:be:3f:6f:53:1c:22:1e:
                    f0:4b:f6:4e:9d:f3:de:65:20:bb:31:35:09:8f:91:
                    78:a3:95:28:2d:74:8f:be:54:2b:5c:78:72:f7:7b:
                    cf:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:FF:F7:A0:A6:D9:7F:55:E5:7D:BA:AF:35:AF:80:CA:85:52:D7:9F
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:80:c9:40:b8:bb:c7:cc:77:7b:5b:9e:6d:77:89:35:99:fd:
         be:89:0c:19:b6:74:25:8f:d2:d1:e5:50:d6:42:32:eb:52:c9:
         5d:e7:25:25:17:a5:91:96:0e:7a:68:9d:4b:e1:ba:74:1d:ec:
         a0:ec:d5:8c:14:b8:54:73:93:19:40:c4:98:f3:c1:a2:f4:50:
         bc:b3:ef:38:4e:3e:6d:fb:a9:d9:02:8c:52:3a:83:6a:6c:20:
         a4:0a:69:dc:fc:db:a9:d8:34:db:5e:29:b4:50:a9:d9:f7:18:
         7a:73:4f:27:04:26:b1:92:f6:06:b4:5b:50:2e:82:31:f9:49:
         cf:a4:b0:af:5c:9d:c0:4f:bd:ea:78:46:91:bf:40:2d:e2:f7:
         50:bb:5e:08:b8:da:e4:3b:60:66:19:04:0b:6d:d7:7f:f1:11:
         a5:d6:f8:78:fd:20:75:c9:b8:05:97:33:2b:e3:d2:d4:c5:83:
         28:63:70:93:3a:6d:11:d1:ec:c6:90:3c:c4:b3:22:fc:f8:8e:
         7d:39:dd:7f:76:61:56:0b:d0:dc:95:74:76:8a:e3:92:b0:36:
         22:63:da:13:cf:75:6a:9c:a2:1b:b1:8e:42:b2:46:82:71:f0:
         2f:29:fb:7c:ff:54:d6:4f:46:f5:3d:ce:50:95:a1:4a:42:64:
         2f:6c:59:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ5C3c2wnHIcfnZST9T+ZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjUxMTA0MjIwMjAyWhcNMjUxMTA1MjIwMjAyWjAzMTEwLwYDVQQD
Eyg2NGZmZjdhMGE2ZDk3ZjU1ZTU3ZGJhYWYzNWFmODBjYTg1NTJkNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoseUvrkk4jiYp2qwYdkrnAyIx5Hd
nn9il6TLKdnNZXGvWvyXtmobM8Q/dU45BRcUvIcWNQY+a0co34y3Vtz7sbo/Dz8b
R0tqR96wGY1Pa7WMuQ/qVgKkB79oRl23NyRVtG0x16zhN2A3U0yikKjYoeQx3W1a
RysEspd7Ce6/ZDfDuPAloYCJtsZerSb/6qn66aurMt7/UpO+smybPREYVejsZFlz
egIMzQtxd6tCp0blMyjHegZot79LCV+TbLy6zIo2jh8EQB2qKM225vMm6SAyKCd8
zBRQ7L4/b1McIh7wS/ZOnfPeZSC7MTUJj5F4o5UoLXSPvlQrXHhy93vPpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGT/96Cm2X9V5X26rzWvgMqFUtefMB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq4DJQLi7
x8x3e1uebXeJNZn9vokMGbZ0JY/S0eVQ1kIy61LJXeclJRelkZYOemidS+G6dB3s
oOzVjBS4VHOTGUDEmPPBovRQvLPvOE4+bfup2QKMUjqDamwgpApp3Pzbqdg0214p
tFCp2fcYenNPJwQmsZL2BrRbUC6CMflJz6Swr1ydwE+96nhGkb9ALeL3ULteCLja
5DtgZhkEC23Xf/ERpdb4eP0gdcm4BZczK+PS1MWDKGNwkzptEdHsxpA8xLMi/PiO
fTndf3ZhVgvQ3JV0dorjkrA2ImPaE891apyiG7GOQrJGgnHwLyn7fP9U1k9G9T3O
UJWhSkJkL2xZ/w==
-----END CERTIFICATE-----