Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          SnScjzuMuvQc5HQrMskoumDy81WT1puOiTrleyw8fVs=
Subject key identifier:   D8:67:E1:44:0F:89:0D:84:F3:2E:3D:E8:3D:8D:3B:AE:1B:CC:15:78
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       019A4DE1F0D03B48A75D8F56E6330E716C75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0B19
Signing time:             Tue 04 Nov 2025 08:00:44 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:44 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:44 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: eEUKYfpnrvzgkzPqcbNEBcqD1hcgB16SIxztK8RB+vs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e1:f0:d0:3b:48:a7:5d:8f:56:e6:33:0e:71:6c:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Nov  4 08:00:44 2025 GMT
            Not After : Nov  5 08:00:44 2025 GMT
        Subject: CN=d867e1440f890d84f32e3de83d8d3bae1bcc1578
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:8d:bd:89:c4:c1:20:de:fd:f7:c8:1c:b2:b7:
                    fc:a3:ef:89:e6:3a:a5:d4:13:76:b3:a0:15:b5:9d:
                    36:6f:a5:bc:cc:cc:e1:3c:c0:4d:8f:53:a7:3a:67:
                    39:07:da:73:e4:88:ab:11:7b:d9:35:9b:a3:e2:0c:
                    bd:3b:b6:a3:93:ab:45:c3:66:ed:1a:c5:f6:79:53:
                    da:f0:b6:03:f3:20:cf:12:49:ec:02:f8:eb:00:cb:
                    ec:8e:4d:b2:33:68:69:e4:0a:a7:21:76:1b:9e:a1:
                    78:06:3c:1b:73:0b:6b:49:59:98:f5:bf:ad:de:be:
                    a5:06:39:56:fc:0a:dc:c5:84:a9:03:42:1f:95:48:
                    cb:49:88:f0:6e:b7:da:99:b3:b8:9e:93:25:8f:28:
                    1c:21:2f:38:dd:86:a6:0c:75:10:63:1a:89:12:80:
                    0d:80:aa:64:41:89:0f:45:26:8a:57:69:f7:5c:3f:
                    c9:91:7c:52:47:b6:a1:0d:7e:64:88:f8:34:0c:7d:
                    4a:24:19:49:0c:7a:b0:72:01:93:6b:42:14:1a:01:
                    b3:cf:06:9b:b9:ed:fe:4c:50:44:2d:cb:c8:53:1e:
                    aa:f2:7b:29:d3:57:31:93:0a:51:44:3c:87:b5:35:
                    54:59:47:a4:61:bd:e4:1e:e4:58:f7:fb:03:7f:94:
                    a2:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:67:E1:44:0F:89:0D:84:F3:2E:3D:E8:3D:8D:3B:AE:1B:CC:15:78
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:ff:95:4c:87:0f:94:c7:29:4b:98:ca:0b:5a:9e:cd:95:f8:
         52:26:71:57:3f:d0:c4:93:51:46:7a:ca:90:f0:2b:56:91:f2:
         6e:34:72:41:28:90:27:6f:97:d2:f0:09:74:02:df:be:2a:6f:
         cd:46:98:40:3d:ab:72:e3:49:e1:09:38:ef:b4:96:8e:8e:cf:
         9b:43:c8:3f:04:9a:eb:43:ec:11:d2:8e:c5:ec:8f:1c:a7:75:
         45:7e:dd:fa:73:0c:dd:36:48:36:00:15:b3:ad:da:8c:48:72:
         3d:5b:82:b4:8e:97:7c:fc:6c:52:06:ed:5b:2d:bc:d4:bd:d4:
         51:8a:8d:fe:54:7b:19:d1:56:52:cd:3f:1a:8c:fe:a8:ba:bd:
         1c:4c:90:d4:df:b9:ef:a1:2d:ba:44:a6:41:81:ad:96:d2:d8:
         e5:ee:33:3e:41:07:b8:32:4f:fb:26:51:81:03:8e:ba:b2:e8:
         f9:f2:48:71:07:59:3d:bb:2c:92:70:e9:52:9d:4e:ab:de:f3:
         75:e6:ca:70:25:0e:63:df:7f:8d:ba:85:4a:fb:e4:75:8d:b4:
         db:e7:50:fa:fc:16:dc:80:04:63:85:f9:85:2d:5b:68:dc:47:
         a3:9c:5f:1e:04:9b:ce:95:48:27:93:b3:b2:78:7a:e1:d8:5a:
         4f:82:e4:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4fDQO0inXY9W5jMOcWx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjUxMTA0MDgwMDQ0WhcNMjUxMTA1MDgwMDQ0WjAzMTEwLwYDVQQD
EyhkODY3ZTE0NDBmODkwZDg0ZjMyZTNkZTgzZDhkM2JhZTFiY2MxNTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9o29icTBIN7998gcsrf8o++J5jql
1BN2s6AVtZ02b6W8zMzhPMBNj1OnOmc5B9pz5IirEXvZNZuj4gy9O7ajk6tFw2bt
GsX2eVPa8LYD8yDPEknsAvjrAMvsjk2yM2hp5AqnIXYbnqF4BjwbcwtrSVmY9b+t
3r6lBjlW/ArcxYSpA0IflUjLSYjwbrfambO4npMljygcIS843YamDHUQYxqJEoAN
gKpkQYkPRSaKV2n3XD/JkXxSR7ahDX5kiPg0DH1KJBlJDHqwcgGTa0IUGgGzzwab
ue3+TFBELcvIUx6q8nsp01cxkwpRRDyHtTVUWUekYb3kHuRY9/sDf5SiFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhn4UQPiQ2E8y496D2NO64bzBV4MB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi/+VTIcP
lMcpS5jKC1qezZX4UiZxVz/QxJNRRnrKkPArVpHybjRyQSiQJ2+X0vAJdALfvipv
zUaYQD2rcuNJ4Qk477SWjo7Pm0PIPwSa60PsEdKOxeyPHKd1RX7d+nMM3TZINgAV
s63ajEhyPVuCtI6XfPxsUgbtWy281L3UUYqN/lR7GdFWUs0/Goz+qLq9HEyQ1N+5
76EtukSmQYGtltLY5e4zPkEHuDJP+yZRgQOOurLo+fJIcQdZPbssknDpUp1Oq97z
debKcCUOY99/jbqFSvvkdY202+dQ+vwW3IAEY4X5hS1baNxHo5xfHgSbzpVIJ5Oz
snh64dhaT4Lk9Q==
-----END CERTIFICATE-----