Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File:                     2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier:          BzIgmYATZwQ5bfysRBNn/5Q4Nb05HIDFShWNaE7cSFY=
Subject key identifier:   97:C3:E0:D4:60:5B:C4:9A:2D:FF:D3:D3:37:34:00:1E:96:89:E1:15
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer:       /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial:       019A4EF4874F0BBADD85A7E22930325852E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number:          079E
Signing time:             Tue 04 Nov 2025 13:00:39 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:39 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:39 +0000
Files and hashes:         1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: M7Hn6IUaXjD6eNseDXo/J5mwnLGcgbhmaX/9UkHvW9U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:87:4f:0b:ba:dd:85:a7:e2:29:30:32:58:52:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
        Validity
            Not Before: Nov  4 13:00:39 2025 GMT
            Not After : Nov  5 13:00:39 2025 GMT
        Subject: CN=97c3e0d4605bc49a2dffd3d33734001e9689e115
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:98:61:b0:e2:f7:c8:9e:c8:5e:3d:db:7d:11:
                    66:ab:f9:54:60:52:70:61:07:67:3f:ff:90:19:9f:
                    5b:b6:5b:7c:98:54:b3:43:c9:7b:d0:d0:57:80:a6:
                    2a:80:5c:7c:cb:a4:84:ea:8a:60:1a:2c:eb:e8:59:
                    bb:f9:40:42:4a:1c:b5:0f:e0:61:5a:52:7a:9a:2b:
                    8b:f7:4d:03:7f:0d:e8:fd:82:2b:61:7a:b0:ac:f6:
                    e1:09:13:9e:69:61:8d:53:00:86:34:a1:42:37:4b:
                    10:f0:5b:44:28:ac:35:29:a6:f2:db:ee:4f:52:67:
                    c0:c1:73:57:35:35:7f:78:b2:2a:33:33:61:b6:fc:
                    9d:a8:97:07:d1:ab:77:43:01:29:21:10:68:9a:bc:
                    c9:85:38:ac:76:01:66:91:4c:da:4b:04:e9:f9:00:
                    a2:be:29:a3:0d:19:e0:20:c6:7d:4d:34:4f:f6:0b:
                    b1:fd:eb:da:26:95:b4:6a:ed:66:bf:74:45:50:b5:
                    66:3b:32:1d:14:0b:bb:37:ca:8c:ce:db:3b:be:6e:
                    9f:49:9e:ed:7c:5b:f2:93:6c:4f:4d:8b:d0:e2:10:
                    47:94:50:fe:39:32:c5:5d:86:d4:5e:ed:db:62:1a:
                    81:ae:97:81:6c:75:48:e5:09:f4:53:e2:a2:d3:42:
                    f0:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:C3:E0:D4:60:5B:C4:9A:2D:FF:D3:D3:37:34:00:1E:96:89:E1:15
            X509v3 Authority Key Identifier:
                keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:8a:6c:ee:85:39:9b:13:4a:d5:5a:fb:8f:9b:d1:e8:42:60:
         c0:ff:63:e5:3c:2b:ce:29:29:e5:2c:5d:f0:eb:b2:b3:13:ec:
         f3:2e:a7:da:44:15:df:25:3d:16:6d:1b:be:79:14:ae:74:f9:
         5d:51:de:9a:12:b9:41:f3:e4:6c:c7:ba:93:fc:d1:91:6a:59:
         43:3b:64:40:f2:67:53:29:2b:67:d6:3b:ab:bd:91:50:cc:dd:
         87:19:02:88:e3:a2:ce:3e:cc:35:f6:68:b7:76:0f:84:1b:e4:
         c9:85:c8:ce:ed:1b:bd:c6:44:59:8f:fd:0c:9c:b8:2e:b5:57:
         3c:29:04:af:5d:18:d8:91:92:98:d7:bf:ff:21:2e:f4:2d:50:
         8f:b3:ba:83:7e:62:6a:12:43:69:fa:f7:3e:95:7f:db:cd:36:
         c1:37:d3:48:09:33:7c:a5:be:4e:ff:8a:1e:37:2f:e3:d6:f2:
         ba:11:cf:3e:a0:35:1a:cd:89:cb:05:42:c3:db:9b:cb:77:18:
         ad:86:1f:12:f7:35:98:42:68:84:6c:80:d8:bd:a6:b6:19:ca:
         6e:b4:63:1e:2e:1a:b7:d1:84:af:e5:ff:e4:09:2a:96:8a:1e:
         44:dc:46:86:4c:7e:f4:16:52:d2:f7:76:33:f2:1d:f1:8f:b4:
         87:e7:f4:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9IdPC7rdhafiKTAyWFLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjUxMTA0MTMwMDM5WhcNMjUxMTA1MTMwMDM5WjAzMTEwLwYDVQQD
Eyg5N2MzZTBkNDYwNWJjNDlhMmRmZmQzZDMzNzM0MDAxZTk2ODllMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJhhsOL3yJ7IXj3bfRFmq/lUYFJw
YQdnP/+QGZ9btlt8mFSzQ8l70NBXgKYqgFx8y6SE6opgGizr6Fm7+UBCShy1D+Bh
WlJ6miuL900Dfw3o/YIrYXqwrPbhCROeaWGNUwCGNKFCN0sQ8FtEKKw1Kaby2+5P
UmfAwXNXNTV/eLIqMzNhtvydqJcH0at3QwEpIRBomrzJhTisdgFmkUzaSwTp+QCi
vimjDRngIMZ9TTRP9gux/evaJpW0au1mv3RFULVmOzIdFAu7N8qMzts7vm6fSZ7t
fFvyk2xPTYvQ4hBHlFD+OTLFXYbUXu3bYhqBrpeBbHVI5Qn0U+Ki00LwSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfD4NRgW8SaLf/T0zc0AB6WieEVMB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ4ps7oU5
mxNK1Vr7j5vR6EJgwP9j5Twrzikp5Sxd8OuysxPs8y6n2kQV3yU9Fm0bvnkUrnT5
XVHemhK5QfPkbMe6k/zRkWpZQztkQPJnUykrZ9Y7q72RUMzdhxkCiOOizj7MNfZo
t3YPhBvkyYXIzu0bvcZEWY/9DJy4LrVXPCkEr10Y2JGSmNe//yEu9C1Qj7O6g35i
ahJDafr3PpV/2802wTfTSAkzfKW+Tv+KHjcv49byuhHPPqA1Gs2JywVCw9uby3cY
rYYfEvc1mEJohGyA2L2mthnKbrRjHi4at9GEr+X/5AkqlooeRNxGhkx+9BZS0vd2
M/Id8Y+0h+f0Mw==
-----END CERTIFICATE-----