Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
File:                     2nVBcltyi1qJ87-vIPh2VWPC8_s.mft (raw, json)
Hash identifier:          XFsqlSR2ixltWgiU5wZP3E1GliV8id6xetPGAi0I42w=
Subject key identifier:   E6:3A:E0:61:73:CE:D6:F3:41:C5:6E:9F:66:25:44:DB:20:33:2F:A6
Authority key identifier: DA:75:41:72:5B:72:8B:5A:89:F3:BF:AF:20:F8:76:55:63:C2:F3:FB
Certificate issuer:       /CN=da7541725b728b5a89f3bfaf20f8765563c2f3fb
Certificate serial:       019A4EF41E7A069500F945E695A1C77A8AFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 13:00:12 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:12 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:12 +0000
Files and hashes:         1: 2nVBcltyi1qJ87-vIPh2VWPC8_s.crl (hash: lSlNIwQl1GOK7lu2NvBrhOv75Bomcu/oKUIOBnR0ebs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:1e:7a:06:95:00:f9:45:e6:95:a1:c7:7a:8a:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da7541725b728b5a89f3bfaf20f8765563c2f3fb
        Validity
            Not Before: Nov  4 13:00:12 2025 GMT
            Not After : Nov  5 13:00:12 2025 GMT
        Subject: CN=e63ae06173ced6f341c56e9f662544db20332fa6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:7b:06:55:1e:53:32:52:68:49:5e:78:b9:1e:
                    23:fc:08:51:c9:b3:d0:63:c4:74:c8:7c:a7:d4:1b:
                    06:7e:4b:da:1c:65:8d:19:d9:d1:b3:31:0a:04:f4:
                    0a:07:a7:f5:29:7e:a2:d3:a2:f5:10:cc:e7:f1:5c:
                    a4:e4:a4:6d:9a:0b:88:03:47:0e:92:ba:1d:72:95:
                    61:39:8a:8c:22:9e:8b:17:6c:f0:64:73:dc:92:56:
                    0f:e3:a8:d2:6b:85:df:12:73:5c:e9:3f:7c:fe:55:
                    ca:fa:89:35:1f:2a:5a:51:fc:95:62:9d:b9:19:52:
                    10:83:4e:51:3d:3e:36:df:6a:5d:6e:1a:fe:ca:b6:
                    17:56:8e:97:b5:f0:44:8c:b9:d6:0b:2a:cf:f0:af:
                    9e:7b:c4:9b:c3:07:92:ce:f7:2a:0d:2d:da:c1:9a:
                    10:2c:89:3a:bf:63:c6:23:0c:d3:9f:b9:18:e4:30:
                    03:5a:64:57:ff:8e:5d:cb:70:56:94:71:6d:38:62:
                    78:da:d4:cb:4a:85:9d:20:c8:db:48:14:81:be:70:
                    64:9f:fc:4e:7d:f9:0f:fd:0d:e7:20:93:cc:55:c4:
                    56:90:97:30:4e:56:10:b6:67:91:9f:52:17:81:19:
                    49:0a:36:46:d1:85:eb:86:25:b0:d8:d8:8b:eb:3f:
                    5d:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:3A:E0:61:73:CE:D6:F3:41:C5:6E:9F:66:25:44:DB:20:33:2F:A6
            X509v3 Authority Key Identifier:
                keyid:DA:75:41:72:5B:72:8B:5A:89:F3:BF:AF:20:F8:76:55:63:C2:F3:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nVBcltyi1qJ87-vIPh2VWPC8_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4d39b1-fc9a-4476-a79c-db8fd507d1b6/1/2nVBcltyi1qJ87-vIPh2VWPC8_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:7d:10:7f:53:77:01:35:92:72:d3:0d:78:e8:ef:62:4c:7f:
         01:cd:a1:98:b1:27:3a:79:38:af:13:4a:3c:68:b1:7c:d4:0c:
         31:d1:b8:35:93:bc:c3:84:a8:2b:5f:25:3d:4a:31:46:b7:05:
         30:1d:bc:05:c3:51:ca:26:dd:20:18:d3:e4:53:77:9b:78:aa:
         d3:91:44:7d:0e:09:5b:c2:82:ad:7a:02:ff:96:a4:08:80:01:
         c6:3b:2d:2f:38:bc:eb:15:d0:ff:a5:f0:6f:10:98:1b:88:4f:
         2e:fa:aa:e4:af:26:3e:47:8e:ae:c0:83:b6:1e:98:e0:b9:18:
         be:c4:45:02:02:f9:a4:a2:5a:4d:a9:07:9f:6a:bb:6d:6d:e3:
         4b:2c:0d:b5:08:b6:39:69:f2:94:2a:26:a8:e5:07:86:07:57:
         66:7a:d7:ed:23:d5:09:2e:51:8e:ff:e9:bc:26:fa:d4:f9:0f:
         e2:1f:d2:4e:51:85:ae:ec:97:44:03:e1:72:f5:3e:72:ba:ef:
         cf:5d:b5:3a:33:74:f3:eb:98:35:74:ea:9f:1f:6b:df:75:a8:
         ce:ab:6f:33:91:a2:57:66:f3:75:63:62:38:68:12:7f:f4:22:
         92:6e:f6:63:7a:0e:3d:d9:54:ba:26:75:c3:9e:38:71:4d:73:
         1c:87:34:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9B56BpUA+UXmlaHHeor7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzU0MTcyNWI3MjhiNWE4OWYzYmZhZjIwZjg3NjU1NjNj
MmYzZmIwHhcNMjUxMTA0MTMwMDEyWhcNMjUxMTA1MTMwMDEyWjAzMTEwLwYDVQQD
EyhlNjNhZTA2MTczY2VkNmYzNDFjNTZlOWY2NjI1NDRkYjIwMzMyZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3sGVR5TMlJoSV54uR4j/AhRybPQ
Y8R0yHyn1BsGfkvaHGWNGdnRszEKBPQKB6f1KX6i06L1EMzn8Vyk5KRtmguIA0cO
krodcpVhOYqMIp6LF2zwZHPcklYP46jSa4XfEnNc6T98/lXK+ok1HypaUfyVYp25
GVIQg05RPT4232pdbhr+yrYXVo6XtfBEjLnWCyrP8K+ee8SbwweSzvcqDS3awZoQ
LIk6v2PGIwzTn7kY5DADWmRX/45dy3BWlHFtOGJ42tTLSoWdIMjbSBSBvnBkn/xO
ffkP/Q3nIJPMVcRWkJcwTlYQtmeRn1IXgRlJCjZG0YXrhiWw2NiL6z9dywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOY64GFzztbzQcVun2YlRNsgMy+mMB8GA1UdIwQY
MBaAFNp1QXJbcotaifO/ryD4dlVjwvP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80ZDM5YjEtZmM5YS00NDc2LWE3OWMt
ZGI4ZmQ1MDdkMWI2LzEvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80ZDM5YjEtZmM5YS00NDc2LWE3OWMtZGI4ZmQ1MDdkMWI2
LzEvMm5WQmNsdHlpMXFKODctdklQaDJWV1BDOF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdX0Qf1N3
ATWSctMNeOjvYkx/Ac2hmLEnOnk4rxNKPGixfNQMMdG4NZO8w4SoK18lPUoxRrcF
MB28BcNRyibdIBjT5FN3m3iq05FEfQ4JW8KCrXoC/5akCIABxjstLzi86xXQ/6Xw
bxCYG4hPLvqq5K8mPkeOrsCDth6Y4LkYvsRFAgL5pKJaTakHn2q7bW3jSywNtQi2
OWnylComqOUHhgdXZnrX7SPVCS5Rjv/pvCb61PkP4h/STlGFruyXRAPhcvU+crrv
z121OjN08+uYNXTqnx9r33WozqtvM5GiV2bzdWNiOGgSf/Qikm72Y3oOPdlUuiZ1
w544cU1zHIc0tQ==
-----END CERTIFICATE-----