Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
File:                     2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft (raw, json)
Hash identifier:          xdm5BXWOOaX8+3FnEFACDW3r5tT2hdUtbWV+GOjp8BA=
Subject key identifier:   31:A6:E5:B5:F5:FC:B1:04:BE:7A:E8:2D:A6:26:C0:22:C2:9F:A6:48
Authority key identifier: D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7
Certificate issuer:       /CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
Certificate serial:       019A4EF5C806CBF98BDC068B429D81D3103B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
Manifest number:          0DEE
Signing time:             Tue 04 Nov 2025 13:02:01 +0000
Manifest this update:     Tue 04 Nov 2025 13:02:01 +0000
Manifest next update:     Wed 05 Nov 2025 13:02:01 +0000
Files and hashes:         1: 2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl (hash: NmNsTmqpGYxx4zHkvNOl3pWHO1RPKsnJz5ZRi0hzYaQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:c8:06:cb:f9:8b:dc:06:8b:42:9d:81:d3:10:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9936635d12d6ce232e1129c8f18cedb836ecdd7
        Validity
            Not Before: Nov  4 13:02:01 2025 GMT
            Not After : Nov  5 13:02:01 2025 GMT
        Subject: CN=31a6e5b5f5fcb104be7ae82da626c022c29fa648
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:b7:18:33:7b:98:69:64:13:40:16:d8:00:c2:
                    a1:05:40:78:55:37:55:34:6a:7d:61:60:6c:18:32:
                    4f:fa:87:49:ba:3d:82:bf:6b:7b:a5:3a:80:0d:fa:
                    c5:87:9a:62:0c:a1:15:9c:95:9d:f1:a6:46:b2:23:
                    93:b5:ec:e8:b7:72:5e:4b:87:b6:08:b4:fe:56:c1:
                    d6:bf:d8:76:2c:d0:55:24:d9:a3:33:30:e8:48:e6:
                    ac:ca:f4:1c:a8:fe:de:a1:26:50:4e:28:eb:22:4d:
                    28:c5:bf:76:18:26:5f:53:fb:90:0e:50:51:51:c6:
                    0a:b5:a9:ad:12:73:9e:0a:61:0f:d0:50:b6:2c:01:
                    7a:db:98:c4:58:8f:d6:41:21:2f:ec:5e:99:6c:91:
                    76:90:8a:4d:be:39:33:71:25:56:ae:04:93:36:9e:
                    28:c4:a2:47:01:26:75:1c:8d:71:b9:f9:78:ba:13:
                    67:5b:bc:8f:5a:26:a4:e8:86:60:9c:0d:f0:f8:a1:
                    c3:23:fc:6d:0d:5a:ea:ee:2c:f3:bd:ad:0a:3e:f1:
                    5d:5f:cf:a1:e9:19:66:41:b6:ed:7d:f2:de:7c:13:
                    15:01:fb:de:c7:0e:78:18:5a:2d:05:38:50:b4:19:
                    5f:ed:be:0a:d9:36:c6:76:90:07:88:17:06:9e:11:
                    73:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:A6:E5:B5:F5:FC:B1:04:BE:7A:E8:2D:A6:26:C0:22:C2:9F:A6:48
            X509v3 Authority Key Identifier:
                keyid:D9:93:66:35:D1:2D:6C:E2:32:E1:12:9C:8F:18:CE:DB:83:6E:CD:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/50b5eb-6dd1-4078-a55f-488ec23dc804/1/2ZNmNdEtbOIy4RKcjxjO24Nuzdc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:ec:e8:2b:ca:1a:3b:5d:df:5e:92:d1:40:b6:7d:ef:40:bd:
         8e:74:42:a8:c3:ca:19:3b:fb:08:28:5b:68:9f:6e:97:6f:4c:
         c3:23:3f:dd:5d:73:a9:b9:e2:d6:47:92:b3:73:79:1b:d6:de:
         1a:f4:cb:dc:5b:dc:8a:93:97:29:c5:ff:a4:7e:78:1d:54:6f:
         62:4e:a3:8e:75:d7:1f:06:2a:42:9f:83:f1:4f:69:36:c2:53:
         0a:e7:f2:f5:c6:6d:b5:47:47:a2:22:05:ab:18:55:d5:66:ce:
         69:8a:10:56:8b:c9:f1:95:b6:7d:70:7f:48:aa:d9:6f:2f:20:
         e8:9b:af:c6:be:25:fc:2e:05:1d:31:2f:40:bf:70:73:cd:53:
         13:e4:ae:0e:59:44:2b:59:92:ae:66:93:e3:e1:e9:8d:82:c6:
         66:e6:5e:40:ff:f8:98:e7:47:2f:82:5d:b8:b9:e5:9a:c3:ae:
         08:e1:80:11:df:8f:8f:e6:fd:cf:bd:74:0e:75:34:c0:16:7d:
         ff:69:f4:80:ff:94:ab:e5:e1:fc:58:52:13:01:32:13:64:ad:
         57:cf:48:27:74:62:d3:3e:c3:27:44:4f:c1:91:fe:8b:c0:5b:
         81:df:0b:c7:08:d7:84:6e:c9:b8:ca:62:7f:41:8b:82:0e:df:
         6c:90:c2:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9cgGy/mL3AaLQp2B0xA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTM2NjM1ZDEyZDZjZTIzMmUxMTI5YzhmMThjZWRiODM2
ZWNkZDcwHhcNMjUxMTA0MTMwMjAxWhcNMjUxMTA1MTMwMjAxWjAzMTEwLwYDVQQD
EygzMWE2ZTViNWY1ZmNiMTA0YmU3YWU4MmRhNjI2YzAyMmMyOWZhNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bcYM3uYaWQTQBbYAMKhBUB4VTdV
NGp9YWBsGDJP+odJuj2Cv2t7pTqADfrFh5piDKEVnJWd8aZGsiOTtezot3JeS4e2
CLT+VsHWv9h2LNBVJNmjMzDoSOasyvQcqP7eoSZQTijrIk0oxb92GCZfU/uQDlBR
UcYKtamtEnOeCmEP0FC2LAF625jEWI/WQSEv7F6ZbJF2kIpNvjkzcSVWrgSTNp4o
xKJHASZ1HI1xufl4uhNnW7yPWiak6IZgnA3w+KHDI/xtDVrq7izzva0KPvFdX8+h
6RlmQbbtffLefBMVAfvexw54GFotBThQtBlf7b4K2TbGdpAHiBcGnhFzeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGm5bX1/LEEvnroLaYmwCLCn6ZIMB8GA1UdIwQY
MBaAFNmTZjXRLWziMuESnI8YztuDbs3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYt
NDg4ZWMyM2RjODA0LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81MGI1ZWItNmRkMS00MDc4LWE1NWYtNDg4ZWMyM2RjODA0
LzEvMlpObU5kRXRiT0l5NFJLY2p4ak8yNE51emRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXuzoK8oa
O13fXpLRQLZ970C9jnRCqMPKGTv7CChbaJ9ul29MwyM/3V1zqbni1keSs3N5G9be
GvTL3FvcipOXKcX/pH54HVRvYk6jjnXXHwYqQp+D8U9pNsJTCufy9cZttUdHoiIF
qxhV1WbOaYoQVovJ8ZW2fXB/SKrZby8g6Juvxr4l/C4FHTEvQL9wc81TE+SuDllE
K1mSrmaT4+HpjYLGZuZeQP/4mOdHL4JduLnlmsOuCOGAEd+Pj+b9z710DnU0wBZ9
/2n0gP+Uq+Xh/FhSEwEyE2StV89IJ3Ri0z7DJ0RPwZH+i8Bbgd8LxwjXhG7JuMpi
f0GLgg7fbJDCXA==
-----END CERTIFICATE-----