Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft
File:                     7ix0WZPMS28UcK6rRhTwhdSuQKk.mft (raw, json)
Hash identifier:          8m+2kih3uvp08sY0CQCKY+2b9aA8LQFnvxKiP6D6pDc=
Subject key identifier:   E9:68:BF:1F:06:FF:A1:6D:73:96:39:E4:7A:D1:50:72:09:0B:7C:E1
Authority key identifier: EE:2C:74:59:93:CC:4B:6F:14:70:AE:AB:46:14:F0:85:D4:AE:40:A9
Certificate issuer:       /CN=ee2c745993cc4b6f1470aeab4614f085d4ae40a9
Certificate serial:       019A4FD09D9DEE9FB809599F5F8270099110
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7ix0WZPMS28UcK6rRhTwhdSuQKk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft
Manifest number:          13A0
Signing time:             Tue 04 Nov 2025 17:01:03 +0000
Manifest this update:     Tue 04 Nov 2025 17:01:03 +0000
Manifest next update:     Wed 05 Nov 2025 17:01:03 +0000
Files and hashes:         1: 7ix0WZPMS28UcK6rRhTwhdSuQKk.crl (hash: N2EHdX5voZeNQuhRvodfFbcsj21jY4RcoQomHJzLhNY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7ix0WZPMS28UcK6rRhTwhdSuQKk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:d0:9d:9d:ee:9f:b8:09:59:9f:5f:82:70:09:91:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee2c745993cc4b6f1470aeab4614f085d4ae40a9
        Validity
            Not Before: Nov  4 17:01:03 2025 GMT
            Not After : Nov  5 17:01:03 2025 GMT
        Subject: CN=e968bf1f06ffa16d739639e47ad15072090b7ce1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:8d:17:72:10:6a:7a:ea:bc:57:9b:f0:10:af:
                    79:e1:d4:de:f7:da:73:fb:b8:bd:58:72:34:53:f7:
                    34:13:53:bc:ed:69:95:ec:ae:e5:0d:66:a1:62:89:
                    44:57:61:aa:0d:98:35:ed:45:a0:82:e8:2f:b1:3b:
                    f0:50:1e:d9:1a:f5:36:47:99:cf:5f:84:a5:3a:81:
                    c8:64:d5:a3:5f:4b:5e:fc:cf:df:3f:95:05:ae:a9:
                    fb:70:35:3b:b4:f9:40:78:cc:c2:6c:69:ff:aa:27:
                    de:00:7b:09:09:02:b2:20:3b:04:9b:48:52:d7:b4:
                    90:bc:54:84:09:02:e4:8e:26:b3:27:a7:e9:03:c7:
                    b1:69:d3:d2:c3:a7:57:36:76:39:23:ac:0c:99:b1:
                    f6:e7:cc:9c:71:02:6e:80:86:23:de:a1:ab:8a:57:
                    a9:da:ab:22:a4:a1:94:6d:b4:c1:27:1e:1d:9a:f8:
                    ff:b6:cf:ec:aa:41:a4:8f:d0:af:54:81:e4:d1:94:
                    ba:a4:07:f7:ed:77:c6:7e:09:55:0e:75:68:22:69:
                    24:23:da:dd:c8:23:fa:b2:7e:b7:8e:6f:91:49:60:
                    36:36:6e:e0:c2:09:9e:39:1c:a8:8c:61:06:60:8c:
                    10:a7:1f:54:6f:c2:76:5c:ee:6c:18:09:d8:c3:84:
                    da:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:68:BF:1F:06:FF:A1:6D:73:96:39:E4:7A:D1:50:72:09:0B:7C:E1
            X509v3 Authority Key Identifier:
                keyid:EE:2C:74:59:93:CC:4B:6F:14:70:AE:AB:46:14:F0:85:D4:AE:40:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ix0WZPMS28UcK6rRhTwhdSuQKk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2db4d0-9882-4563-a578-772c9177d529/1/7ix0WZPMS28UcK6rRhTwhdSuQKk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:55:4c:12:41:c3:08:3e:e9:dd:f9:b3:b0:ba:5d:8c:70:43:
         d7:20:2a:b8:0a:11:2b:fe:7d:59:89:17:d6:06:f5:01:6a:56:
         b4:45:65:b0:1a:26:3b:b8:cb:6c:33:2e:d1:87:f4:1e:58:ed:
         c5:44:68:d9:95:a5:85:cf:79:b0:68:62:a8:6d:94:7c:dd:2e:
         08:3f:1a:53:78:9f:2c:2b:44:65:a7:82:fe:aa:d4:1a:92:d9:
         74:26:3c:88:11:3e:ff:3d:e3:90:5d:07:1b:db:30:21:b7:d0:
         47:7e:f0:3a:c9:65:fe:5c:09:43:3f:da:42:81:1d:51:0a:df:
         38:ec:e1:c0:87:bd:8b:53:c9:c0:21:d1:0e:f1:cf:81:aa:fb:
         40:0e:45:69:86:4a:b1:b0:b1:a5:1f:0e:35:39:9c:5b:f2:8a:
         aa:82:dd:5f:e2:0b:b9:5c:14:8f:a2:7c:f0:35:ac:05:81:2b:
         bf:b7:7d:6f:8d:4c:f0:4c:21:28:8f:cc:9e:a5:3d:85:54:da:
         0e:a6:8e:39:3d:57:29:66:cf:c3:83:e7:22:fe:33:93:a5:5a:
         e1:56:04:97:46:3d:98:80:e8:f5:5f:d5:dc:b2:eb:5c:44:b0:
         b2:60:15:aa:f3:39:e5:fd:eb:be:eb:07:cc:2d:5e:88:31:50:
         6b:10:35:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpP0J2d7p+4CVmfX4JwCZEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMmM3NDU5OTNjYzRiNmYxNDcwYWVhYjQ2MTRmMDg1ZDRh
ZTQwYTkwHhcNMjUxMTA0MTcwMTAzWhcNMjUxMTA1MTcwMTAzWjAzMTEwLwYDVQQD
EyhlOTY4YmYxZjA2ZmZhMTZkNzM5NjM5ZTQ3YWQxNTA3MjA5MGI3Y2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm40XchBqeuq8V5vwEK954dTe99pz
+7i9WHI0U/c0E1O87WmV7K7lDWahYolEV2GqDZg17UWggugvsTvwUB7ZGvU2R5nP
X4SlOoHIZNWjX0te/M/fP5UFrqn7cDU7tPlAeMzCbGn/qifeAHsJCQKyIDsEm0hS
17SQvFSECQLkjiazJ6fpA8exadPSw6dXNnY5I6wMmbH258yccQJugIYj3qGrilep
2qsipKGUbbTBJx4dmvj/ts/sqkGkj9CvVIHk0ZS6pAf37XfGfglVDnVoImkkI9rd
yCP6sn63jm+RSWA2Nm7gwgmeORyojGEGYIwQpx9Ub8J2XO5sGAnYw4TakwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOlovx8G/6Ftc5Y55HrRUHIJC3zhMB8GA1UdIwQY
MBaAFO4sdFmTzEtvFHCuq0YU8IXUrkCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2l4MFdaUE1TMjhVY0s2clJoVHdoZFN1UUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8yZGI0ZDAtOTg4Mi00NTYzLWE1Nzgt
NzcyYzkxNzdkNTI5LzEvN2l4MFdaUE1TMjhVY0s2clJoVHdoZFN1UUtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8yZGI0ZDAtOTg4Mi00NTYzLWE1NzgtNzcyYzkxNzdkNTI5
LzEvN2l4MFdaUE1TMjhVY0s2clJoVHdoZFN1UUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaVVMEkHD
CD7p3fmzsLpdjHBD1yAquAoRK/59WYkX1gb1AWpWtEVlsBomO7jLbDMu0Yf0Hljt
xURo2ZWlhc95sGhiqG2UfN0uCD8aU3ifLCtEZaeC/qrUGpLZdCY8iBE+/z3jkF0H
G9swIbfQR37wOsll/lwJQz/aQoEdUQrfOOzhwIe9i1PJwCHRDvHPgar7QA5FaYZK
sbCxpR8ONTmcW/KKqoLdX+ILuVwUj6J88DWsBYErv7d9b41M8EwhKI/MnqU9hVTa
DqaOOT1XKWbPw4PnIv4zk6Va4VYEl0Y9mIDo9V/V3LLrXESwsmAVqvM55f3rvusH
zC1eiDFQaxA1Tg==
-----END CERTIFICATE-----