Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
File:                     2o2nRADHVVq6J8Eon7-5CzO3miI.mft (raw, json)
Hash identifier:          hiDBT8q0L2uWLQKGLcE8huVfq+C0cmzVW59a+bE+uCw=
Subject key identifier:   E4:7A:D3:C2:5A:89:61:12:AE:DA:6F:7E:BA:5B:87:0C:53:80:F0:28
Authority key identifier: DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22
Certificate issuer:       /CN=da8da74400c7555aba27c1289fbfb90b33b79a22
Certificate serial:       019A4D7444E2319A84AF61396942A772CF7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
Manifest number:          1599
Signing time:             Tue 04 Nov 2025 06:00:56 +0000
Manifest this update:     Tue 04 Nov 2025 06:00:56 +0000
Manifest next update:     Wed 05 Nov 2025 06:00:56 +0000
Files and hashes:         1: 2o2nRADHVVq6J8Eon7-5CzO3miI.crl (hash: VaruChAfqJROOux+6wFdWJf36sC3hvBZQlUOpVhiyQo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 06:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:74:44:e2:31:9a:84:af:61:39:69:42:a7:72:cf:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da8da74400c7555aba27c1289fbfb90b33b79a22
        Validity
            Not Before: Nov  4 06:00:56 2025 GMT
            Not After : Nov  5 06:00:56 2025 GMT
        Subject: CN=e47ad3c25a896112aeda6f7eba5b870c5380f028
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:8a:a8:80:1b:8f:df:8d:f4:18:48:bd:15:db:
                    20:b8:a1:90:cb:f6:57:7f:a5:bd:86:c8:10:34:64:
                    c1:0f:b9:6e:2d:85:4f:ef:7c:f5:6f:06:1c:67:74:
                    8d:f6:9d:63:ad:4e:58:f5:0c:3b:ab:91:aa:2d:4f:
                    46:d8:d6:9b:fc:5f:f5:7f:07:e3:76:ef:ac:bc:5a:
                    cb:f5:2b:64:4d:61:63:a6:00:af:9c:b2:a6:f0:67:
                    64:bb:a8:ba:6a:c0:2b:c0:45:e2:8f:cf:db:a8:b9:
                    ce:d0:c9:35:9f:e9:8a:76:41:8c:be:1d:27:1b:58:
                    a5:82:4c:4f:98:cc:ba:04:03:6c:5d:4d:8f:d9:89:
                    2b:18:0f:eb:03:8a:1c:90:21:3c:4b:0a:c2:0f:08:
                    0e:6e:a5:36:cf:be:d5:2a:38:6e:80:65:6a:61:47:
                    50:b3:e1:a3:6e:43:59:e3:b7:33:5d:02:79:2a:60:
                    63:c6:73:dc:5b:af:f6:d9:87:27:a8:37:ba:e8:38:
                    30:e5:ab:28:cb:42:9b:03:31:ca:7b:3e:e1:1e:36:
                    23:f5:ae:11:01:96:59:b3:70:00:4e:8b:1a:75:36:
                    e6:28:e4:52:2f:98:3c:fd:17:b7:fc:67:bd:56:7d:
                    c2:4d:73:f1:88:96:78:00:8a:ba:29:96:e1:46:b7:
                    a8:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:7A:D3:C2:5A:89:61:12:AE:DA:6F:7E:BA:5B:87:0C:53:80:F0:28
            X509v3 Authority Key Identifier:
                keyid:DA:8D:A7:44:00:C7:55:5A:BA:27:C1:28:9F:BF:B9:0B:33:B7:9A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o2nRADHVVq6J8Eon7-5CzO3miI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/759ab4-eb40-418c-8f11-25a6824e3157/1/2o2nRADHVVq6J8Eon7-5CzO3miI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:8a:35:9e:0f:ef:4a:44:e6:f3:7f:c3:b9:23:39:21:fd:77:
         2c:5a:b4:95:97:dc:e9:02:e3:08:b8:ea:ba:13:e4:cb:6c:b9:
         39:5c:1c:1a:e5:f1:48:56:d6:67:f7:bc:43:de:2d:74:04:fc:
         d7:d4:25:e5:0f:95:74:fc:96:50:8b:b7:e3:b0:45:c2:a7:51:
         11:f8:8f:05:e1:58:f2:0d:70:74:11:99:d2:58:bf:f5:3f:66:
         a1:88:05:04:15:29:b3:bf:92:c6:01:c8:69:57:9b:e9:ba:d0:
         fe:12:3b:ff:09:ec:bc:87:bf:d7:bb:53:14:f0:ba:e0:54:90:
         18:1a:d0:49:48:6e:11:af:db:b1:8d:2c:b0:d7:ef:bc:24:3b:
         c0:b7:eb:61:8a:52:2c:53:a6:d9:24:23:e0:c5:e7:10:76:35:
         de:c1:e2:97:2d:cb:70:4e:b3:28:86:3c:bd:8c:0f:5f:6d:c7:
         0c:e3:8f:2c:e5:07:15:2c:d6:50:74:6e:23:7e:29:b2:b5:70:
         01:2c:36:ab:13:98:08:f8:5c:aa:b4:62:2b:a2:ba:4b:a4:3e:
         b2:4a:51:fd:65:77:f6:af:b3:3a:c0:06:8d:b2:a9:16:26:60:
         c3:a0:56:e2:a9:18:ec:e6:96:ea:83:ac:83:05:e4:ee:a1:c6:
         90:6f:9d:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdETiMZqEr2E5aUKncs97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGRhNzQ0MDBjNzU1NWFiYTI3YzEyODlmYmZiOTBiMzNi
NzlhMjIwHhcNMjUxMTA0MDYwMDU2WhcNMjUxMTA1MDYwMDU2WjAzMTEwLwYDVQQD
EyhlNDdhZDNjMjVhODk2MTEyYWVkYTZmN2ViYTViODcwYzUzODBmMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYqogBuP3430GEi9FdsguKGQy/ZX
f6W9hsgQNGTBD7luLYVP73z1bwYcZ3SN9p1jrU5Y9Qw7q5GqLU9G2Nab/F/1fwfj
du+svFrL9StkTWFjpgCvnLKm8Gdku6i6asArwEXij8/bqLnO0Mk1n+mKdkGMvh0n
G1ilgkxPmMy6BANsXU2P2YkrGA/rA4ockCE8SwrCDwgObqU2z77VKjhugGVqYUdQ
s+GjbkNZ47czXQJ5KmBjxnPcW6/22YcnqDe66Dgw5asoy0KbAzHKez7hHjYj9a4R
AZZZs3AATosadTbmKORSL5g8/Re3/Ge9Vn3CTXPxiJZ4AIq6KZbhRreoGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOR608JaiWESrtpvfrpbhwxTgPAoMB8GA1UdIwQY
MBaAFNqNp0QAx1VauifBKJ+/uQszt5oiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEt
MjVhNjgyNGUzMTU3LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83NTlhYjQtZWI0MC00MThjLThmMTEtMjVhNjgyNGUzMTU3
LzEvMm8yblJBREhWVnE2SjhFb243LTVDek8zbWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdYo1ng/v
SkTm83/DuSM5If13LFq0lZfc6QLjCLjquhPky2y5OVwcGuXxSFbWZ/e8Q94tdAT8
19Ql5Q+VdPyWUIu347BFwqdREfiPBeFY8g1wdBGZ0li/9T9moYgFBBUps7+SxgHI
aVeb6brQ/hI7/wnsvIe/17tTFPC64FSQGBrQSUhuEa/bsY0ssNfvvCQ7wLfrYYpS
LFOm2SQj4MXnEHY13sHily3LcE6zKIY8vYwPX23HDOOPLOUHFSzWUHRuI34psrVw
ASw2qxOYCPhcqrRiK6K6S6Q+skpR/WV39q+zOsAGjbKpFiZgw6BW4qkY7OaW6oOs
gwXk7qHGkG+d7w==
-----END CERTIFICATE-----