Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          qHpu8NycXzwRe16ycsnoeh8wYxBhhOyaKXgE65KkKkU=
Subject key identifier:   D6:C2:10:8D:EB:FC:E2:16:FB:3F:4B:80:E7:F8:75:CE:29:53:6B:B8
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       019A4EF50FA34D14756B1BF2CA88303927FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          0936
Signing time:             Tue 04 Nov 2025 13:01:14 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:14 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:14 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: zIfQAiRKxsIYaNo6dyeJ3bns6uKI6FBXDGslGnCMuQE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:0f:a3:4d:14:75:6b:1b:f2:ca:88:30:39:27:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Nov  4 13:01:14 2025 GMT
            Not After : Nov  5 13:01:14 2025 GMT
        Subject: CN=d6c2108debfce216fb3f4b80e7f875ce29536bb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:a2:c7:66:b4:73:28:a3:06:39:43:ae:a8:bc:
                    df:59:b7:95:a8:b7:41:59:c1:5c:0f:d5:cc:79:2e:
                    05:43:34:b2:cd:6a:23:df:e0:e8:61:30:00:3d:36:
                    8f:c1:30:22:6b:f1:52:c6:ba:dc:d3:35:0a:3b:0e:
                    e8:30:03:13:69:46:f5:df:bf:13:5b:df:0d:9e:90:
                    81:2d:2c:29:42:66:94:ca:7b:4c:6d:85:4e:5a:19:
                    3a:f3:48:78:9e:3f:b3:63:59:b4:af:07:88:cc:0b:
                    c0:67:f9:d2:a7:66:12:e0:8e:1d:f1:c2:0d:87:3a:
                    71:b6:84:2a:86:10:7e:34:ff:25:b3:0a:ce:c1:9d:
                    10:37:ce:1c:29:ce:2d:d7:13:19:b4:b6:d5:4b:bb:
                    0d:c5:c7:42:76:65:4a:97:e6:65:ea:5e:d4:d5:b5:
                    11:0a:7b:e6:87:4f:53:98:8e:b9:a7:da:5b:56:7c:
                    91:63:e1:ed:9f:85:64:4e:6b:89:08:a3:36:11:fc:
                    e6:17:db:d4:ad:34:60:96:67:c8:56:24:d7:db:19:
                    7e:14:54:89:3a:33:de:f8:c9:3b:6f:80:8c:6f:4b:
                    95:f4:2a:3a:00:e5:2a:c7:b8:19:99:5f:8f:e7:0b:
                    d2:f5:b5:d4:3c:c9:f6:e7:13:43:36:bf:61:41:b0:
                    60:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:C2:10:8D:EB:FC:E2:16:FB:3F:4B:80:E7:F8:75:CE:29:53:6B:B8
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:3f:51:7b:1e:68:b7:18:f9:e4:dd:cb:5c:78:04:b2:25:40:
         ad:c5:12:d0:54:66:26:79:89:0d:c3:5c:36:c1:25:ee:71:16:
         6a:39:42:c4:4a:05:de:83:64:d3:d4:b3:9a:3f:57:4e:d5:86:
         29:b5:e9:4c:9d:2f:0e:6f:d1:90:f6:4f:ef:7d:95:db:49:5b:
         d7:21:25:0a:8d:48:1d:98:4d:bc:c3:7e:5f:a4:63:ae:4f:5c:
         57:45:0a:56:65:d5:9a:b2:f5:bf:9a:d5:31:f2:4c:ca:32:47:
         92:ff:3f:b8:43:9c:3c:af:6b:64:c6:ff:ef:63:a2:62:fb:55:
         b6:95:93:04:e2:86:48:32:4e:69:70:38:1a:ab:4d:dc:42:c8:
         f9:64:87:00:cc:7f:9e:00:85:e5:53:4a:a8:82:59:84:94:03:
         08:17:1a:df:0c:91:28:e5:96:a0:90:57:02:3a:94:ba:a4:0d:
         67:db:ac:b8:f6:89:6d:f9:0e:a0:63:22:5f:24:c4:68:27:7a:
         93:f0:41:2b:2b:73:24:1e:d5:a5:47:3f:f5:1b:09:65:52:b1:
         0c:b5:20:f6:65:f5:12:c3:b2:f6:74:ef:d9:b0:00:3b:ce:d6:
         74:1a:fe:8f:c8:28:c8:5c:db:f0:56:da:7d:83:0b:01:8f:fc:
         c6:88:a7:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Q+jTRR1axvyyogwOSf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjUxMTA0MTMwMTE0WhcNMjUxMTA1MTMwMTE0WjAzMTEwLwYDVQQD
EyhkNmMyMTA4ZGViZmNlMjE2ZmIzZjRiODBlN2Y4NzVjZTI5NTM2YmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56LHZrRzKKMGOUOuqLzfWbeVqLdB
WcFcD9XMeS4FQzSyzWoj3+DoYTAAPTaPwTAia/FSxrrc0zUKOw7oMAMTaUb1378T
W98NnpCBLSwpQmaUyntMbYVOWhk680h4nj+zY1m0rweIzAvAZ/nSp2YS4I4d8cIN
hzpxtoQqhhB+NP8lswrOwZ0QN84cKc4t1xMZtLbVS7sNxcdCdmVKl+Zl6l7U1bUR
Cnvmh09TmI65p9pbVnyRY+Htn4VkTmuJCKM2EfzmF9vUrTRglmfIViTX2xl+FFSJ
OjPe+Mk7b4CMb0uV9Co6AOUqx7gZmV+P5wvS9bXUPMn25xNDNr9hQbBg4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbCEI3r/OIW+z9LgOf4dc4pU2u4MB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArj9Rex5o
txj55N3LXHgEsiVArcUS0FRmJnmJDcNcNsEl7nEWajlCxEoF3oNk09Szmj9XTtWG
KbXpTJ0vDm/RkPZP732V20lb1yElCo1IHZhNvMN+X6Rjrk9cV0UKVmXVmrL1v5rV
MfJMyjJHkv8/uEOcPK9rZMb/72OiYvtVtpWTBOKGSDJOaXA4GqtN3ELI+WSHAMx/
ngCF5VNKqIJZhJQDCBca3wyRKOWWoJBXAjqUuqQNZ9usuPaJbfkOoGMiXyTEaCd6
k/BBKytzJB7VpUc/9RsJZVKxDLUg9mX1EsOy9nTv2bAAO87WdBr+j8goyFzb8Fba
fYMLAY/8xoinEw==
-----END CERTIFICATE-----