Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
File:                     2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft (raw, json)
Hash identifier:          BAlJitz7rmh+KZNPgAcTAgeh7lSi9XAz0VVfghBwlD0=
Subject key identifier:   1D:B4:92:77:06:05:80:04:6D:F2:9A:1F:BC:1A:0C:6B:25:27:28:AC
Authority key identifier: D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF
Certificate issuer:       /CN=d87d8150d1182385c461b580d5638a570c2bc0bf
Certificate serial:       019A533FAEFE2EB380261C21D26B355D9865
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
Manifest number:          170B
Signing time:             Wed 05 Nov 2025 09:01:13 +0000
Manifest this update:     Wed 05 Nov 2025 09:01:13 +0000
Manifest next update:     Thu 06 Nov 2025 09:01:13 +0000
Files and hashes:         1: 2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl (hash: bSaDxpg8gsMb80GoB4JrBxlzxdj3054r/QefUBWwsnI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 09:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:53:3f:ae:fe:2e:b3:80:26:1c:21:d2:6b:35:5d:98:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87d8150d1182385c461b580d5638a570c2bc0bf
        Validity
            Not Before: Nov  5 09:01:13 2025 GMT
            Not After : Nov  6 09:01:13 2025 GMT
        Subject: CN=1db49277060580046df29a1fbc1a0c6b252728ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a6:ae:fe:8c:cf:0e:7d:96:87:f7:a2:40:ee:
                    33:fe:2d:80:df:23:5b:02:09:d2:a5:df:04:9b:c5:
                    4e:f2:67:a7:c5:97:2f:4d:72:fe:80:13:bb:2f:3b:
                    28:74:70:b1:f1:09:a8:8c:3c:47:d6:65:b3:ee:4f:
                    42:d0:c9:e1:27:d4:44:8e:f0:8b:68:1a:6f:1f:dd:
                    ba:97:9b:1d:63:87:c5:d7:a5:92:89:cf:d1:a0:3c:
                    30:23:04:3b:27:d5:61:c3:32:8d:2c:84:9e:8e:3e:
                    aa:a9:a7:18:8a:f6:77:c1:57:41:2f:ba:e4:ed:30:
                    c8:41:4f:bb:bb:fb:ce:23:89:3f:51:49:35:d3:a4:
                    f9:90:ef:66:dd:02:fc:ec:33:9e:98:64:ee:3a:10:
                    2f:63:58:f0:ff:66:cc:30:0b:b1:77:4c:3e:7e:b0:
                    13:b7:ba:b1:35:45:8a:97:9a:f7:6c:55:31:20:60:
                    10:9a:c9:29:e7:1e:1b:65:c6:4a:76:cd:f9:29:6f:
                    a4:0f:87:58:8b:de:16:64:0e:a0:30:65:40:7e:f8:
                    82:fd:f9:1a:f2:9f:29:b0:d3:35:8c:f2:cc:31:20:
                    2e:e9:63:8a:40:a5:64:67:e8:0b:93:68:0e:90:18:
                    b5:87:f1:17:5e:37:4e:b9:3b:41:97:51:7f:2d:da:
                    04:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:B4:92:77:06:05:80:04:6D:F2:9A:1F:BC:1A:0C:6B:25:27:28:AC
            X509v3 Authority Key Identifier:
                keyid:D8:7D:81:50:D1:18:23:85:C4:61:B5:80:D5:63:8A:57:0C:2B:C0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2H2BUNEYI4XEYbWA1WOKVwwrwL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/e1124d-7b34-439d-961d-867953a3b181/1/2H2BUNEYI4XEYbWA1WOKVwwrwL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:89:b0:b0:de:bf:8d:2a:9a:64:15:f9:c1:c7:b0:f1:6f:dd:
         c1:4b:9a:26:ee:a5:a3:68:e2:aa:a3:d7:f1:d9:22:b2:5a:8b:
         52:1c:3a:91:b6:85:c1:59:e7:d8:e8:18:ee:90:0c:5f:2a:92:
         f2:3a:51:28:7b:86:d8:bc:ae:d8:97:f5:ac:60:1e:69:9a:8d:
         9b:8f:8c:a8:46:cb:42:90:ed:0c:83:04:ca:a3:6f:87:64:c0:
         c1:a1:d0:6a:eb:42:2d:7d:62:79:43:94:fd:5e:3b:11:cf:18:
         6d:cb:ae:3b:85:76:1a:0a:27:c3:0c:e0:3c:17:15:d8:f0:3c:
         ed:f4:35:13:60:0a:09:52:76:19:22:79:be:5f:8b:9d:62:6b:
         55:89:50:13:1f:dd:78:5d:b4:87:aa:0a:20:fa:0b:99:f7:3b:
         b9:26:04:1c:42:b2:be:3b:a6:da:7e:3c:94:62:23:11:b7:57:
         81:11:39:60:92:83:80:38:80:47:bc:92:c3:62:0e:1c:d8:93:
         6e:4d:dc:02:07:91:47:d4:ae:55:e0:d3:97:cf:7d:fb:a4:1a:
         35:0f:ee:c2:be:ad:20:f9:7d:ec:39:e5:74:9e:63:bb:5a:12:
         69:fd:06:40:12:26:0e:fc:d5:b1:48:da:82:d5:27:06:55:14:
         92:08:30:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTP67+LrOAJhwh0ms1XZhlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2Q4MTUwZDExODIzODVjNDYxYjU4MGQ1NjM4YTU3MGMy
YmMwYmYwHhcNMjUxMTA1MDkwMTEzWhcNMjUxMTA2MDkwMTEzWjAzMTEwLwYDVQQD
EygxZGI0OTI3NzA2MDU4MDA0NmRmMjlhMWZiYzFhMGM2YjI1MjcyOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaau/ozPDn2Wh/eiQO4z/i2A3yNb
AgnSpd8Em8VO8menxZcvTXL+gBO7LzsodHCx8QmojDxH1mWz7k9C0MnhJ9REjvCL
aBpvH926l5sdY4fF16WSic/RoDwwIwQ7J9VhwzKNLISejj6qqacYivZ3wVdBL7rk
7TDIQU+7u/vOI4k/UUk106T5kO9m3QL87DOemGTuOhAvY1jw/2bMMAuxd0w+frAT
t7qxNUWKl5r3bFUxIGAQmskp5x4bZcZKds35KW+kD4dYi94WZA6gMGVAfviC/fka
8p8psNM1jPLMMSAu6WOKQKVkZ+gLk2gOkBi1h/EXXjdOuTtBl1F/LdoEhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB20kncGBYAEbfKaH7waDGslJyisMB8GA1UdIwQY
MBaAFNh9gVDRGCOFxGG1gNVjilcMK8C/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQt
ODY3OTUzYTNiMTgxLzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9lMTEyNGQtN2IzNC00MzlkLTk2MWQtODY3OTUzYTNiMTgx
LzEvMkgyQlVORVlJNFhFWWJXQTFXT0tWd3dyd0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaImwsN6/
jSqaZBX5wcew8W/dwUuaJu6lo2jiqqPX8dkislqLUhw6kbaFwVnn2OgY7pAMXyqS
8jpRKHuG2Lyu2Jf1rGAeaZqNm4+MqEbLQpDtDIMEyqNvh2TAwaHQautCLX1ieUOU
/V47Ec8YbcuuO4V2GgonwwzgPBcV2PA87fQ1E2AKCVJ2GSJ5vl+LnWJrVYlQEx/d
eF20h6oKIPoLmfc7uSYEHEKyvjum2n48lGIjEbdXgRE5YJKDgDiAR7ySw2IOHNiT
bk3cAgeRR9SuVeDTl899+6QaNQ/uwr6tIPl97DnldJ5ju1oSaf0GQBImDvzVsUja
gtUnBlUUkggwCQ==
-----END CERTIFICATE-----