Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
File:                     P2LKnF7__TIKvS2Px-j4Nee70es.mft (raw, json)
Hash identifier:          nJet1dEQ+Q7bWuRiP8dR2qAKlBX4ZBUAbdED5KtoqZE=
Subject key identifier:   9B:E4:9A:FF:3D:9B:16:30:27:E0:FD:85:0D:C5:76:EB:05:24:E4:03
Authority key identifier: 3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB
Certificate issuer:       /CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
Certificate serial:       019A52D22F5F8FBBE9E2F61EF7FC9291A94B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
Manifest number:          0B08
Signing time:             Wed 05 Nov 2025 07:01:37 +0000
Manifest this update:     Wed 05 Nov 2025 07:01:37 +0000
Manifest next update:     Thu 06 Nov 2025 07:01:37 +0000
Files and hashes:         1: P2LKnF7__TIKvS2Px-j4Nee70es.crl (hash: dEk9uW/JoMiu0NUQ7CWKU8QEYA6U0nXvr46zdtI7tc4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 03:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:52:d2:2f:5f:8f:bb:e9:e2:f6:1e:f7:fc:92:91:a9:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f62ca9c5efffd320abd2d8fc7e8f835e7bbd1eb
        Validity
            Not Before: Nov  5 07:01:37 2025 GMT
            Not After : Nov  6 07:01:37 2025 GMT
        Subject: CN=9be49aff3d9b163027e0fd850dc576eb0524e403
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:03:55:5c:2d:0e:ea:25:fe:2e:8f:f1:c7:03:
                    89:d4:94:34:fb:f9:53:e1:cf:bc:c3:c6:12:f9:00:
                    3e:b2:0b:cc:78:1b:52:ac:f1:3d:9b:b5:ca:6c:a7:
                    9f:90:6b:a4:c8:0d:6f:fb:c4:e7:07:2a:2f:bf:2b:
                    20:95:9c:10:40:77:3b:98:32:23:03:4b:d2:54:59:
                    6a:44:06:ad:7d:ca:96:f7:1d:c1:a2:d8:63:6a:5f:
                    4f:c9:12:71:45:78:60:52:54:f1:25:60:e9:3a:c3:
                    49:32:98:76:36:6d:04:a0:cc:9b:f6:b8:66:37:a2:
                    5f:79:45:35:ab:a3:32:80:d5:ca:d4:41:e7:48:3c:
                    5c:4b:9e:b9:4e:6e:72:7c:7e:b9:73:8c:e4:3f:63:
                    33:25:3f:b7:06:65:3e:0e:9e:45:36:b4:91:a2:4d:
                    29:8e:3e:f3:ca:31:99:1e:dc:e9:e7:1f:d2:b2:64:
                    7f:5a:96:d4:0c:cf:d4:72:cf:70:5a:7e:28:8d:d4:
                    a7:24:44:a2:fd:44:28:e7:db:f7:26:8c:b2:06:b9:
                    c4:16:49:33:52:aa:94:38:f6:9d:0f:3d:af:e5:fc:
                    f0:69:f3:32:4c:e1:3c:70:93:f0:f1:9a:f6:fb:b0:
                    8b:3e:3e:d4:58:a2:62:a9:71:46:f3:c2:94:28:d5:
                    98:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:E4:9A:FF:3D:9B:16:30:27:E0:FD:85:0D:C5:76:EB:05:24:E4:03
            X509v3 Authority Key Identifier:
                keyid:3F:62:CA:9C:5E:FF:FD:32:0A:BD:2D:8F:C7:E8:F8:35:E7:BB:D1:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P2LKnF7__TIKvS2Px-j4Nee70es.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a361cb-f8be-4b50-9869-009080e8dff5/1/P2LKnF7__TIKvS2Px-j4Nee70es.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:ac:4c:9c:38:d8:9e:e4:db:e7:87:cb:ea:f3:db:cf:4a:9a:
         01:c0:db:07:54:a4:0d:ef:46:63:8c:e8:41:fc:bc:0b:3d:d4:
         f4:c6:71:bb:a4:15:f5:1e:37:7b:40:6e:5e:92:7a:c6:b6:cd:
         65:19:64:c4:5e:82:c6:c2:98:bf:bb:31:e7:c1:c1:bb:31:92:
         d2:3f:7f:9a:e6:d4:3f:3c:af:d4:af:d1:98:1f:d6:d2:46:f8:
         cc:ec:8f:3b:61:eb:01:f6:bb:a1:fb:4b:1e:7e:5d:09:0c:a0:
         61:66:78:6e:f5:ae:a0:ff:8d:2e:3c:6d:73:6a:7d:79:ee:37:
         ec:e8:3f:30:c7:69:16:a7:cf:20:50:f8:c8:e4:ec:bb:e4:e4:
         df:46:2f:3e:cb:f0:af:09:7c:28:32:2c:39:fa:f1:33:69:42:
         a1:39:1f:c3:cc:d7:c1:65:11:cc:8b:d1:3f:e1:0d:73:b4:47:
         06:4f:da:91:b0:3e:f4:65:5a:f9:94:de:fa:10:a7:de:ac:30:
         80:73:82:23:c1:39:67:4e:ab:d8:ae:b0:f9:27:d4:23:ab:2e:
         2a:8d:78:cf:51:ff:2b:f6:ae:77:22:13:45:15:f0:c0:7a:58:
         44:6f:5e:34:79:78:28:92:50:b4:56:ba:bc:c3:e2:c0:04:7c:
         ab:c5:29:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0i9fj7vp4vYe9/ySkalLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmNjJjYTljNWVmZmZkMzIwYWJkMmQ4ZmM3ZThmODM1ZTdi
YmQxZWIwHhcNMjUxMTA1MDcwMTM3WhcNMjUxMTA2MDcwMTM3WjAzMTEwLwYDVQQD
Eyg5YmU0OWFmZjNkOWIxNjMwMjdlMGZkODUwZGM1NzZlYjA1MjRlNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsANVXC0O6iX+Lo/xxwOJ1JQ0+/lT
4c+8w8YS+QA+sgvMeBtSrPE9m7XKbKefkGukyA1v+8TnByovvysglZwQQHc7mDIj
A0vSVFlqRAatfcqW9x3Bothjal9PyRJxRXhgUlTxJWDpOsNJMph2Nm0EoMyb9rhm
N6JfeUU1q6MygNXK1EHnSDxcS565Tm5yfH65c4zkP2MzJT+3BmU+Dp5FNrSRok0p
jj7zyjGZHtzp5x/SsmR/WpbUDM/Ucs9wWn4ojdSnJESi/UQo59v3JoyyBrnEFkkz
UqqUOPadDz2v5fzwafMyTOE8cJPw8Zr2+7CLPj7UWKJiqXFG88KUKNWYmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJvkmv89mxYwJ+D9hQ3FdusFJOQDMB8GA1UdIwQY
MBaAFD9iypxe//0yCr0tj8fo+DXnu9HrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4Njkt
MDA5MDgwZThkZmY1LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hMzYxY2ItZjhiZS00YjUwLTk4NjktMDA5MDgwZThkZmY1
LzEvUDJMS25GN19fVElLdlMyUHgtajROZWU3MGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO6xMnDjY
nuTb54fL6vPbz0qaAcDbB1SkDe9GY4zoQfy8Cz3U9MZxu6QV9R43e0BuXpJ6xrbN
ZRlkxF6CxsKYv7sx58HBuzGS0j9/mubUPzyv1K/RmB/W0kb4zOyPO2HrAfa7oftL
Hn5dCQygYWZ4bvWuoP+NLjxtc2p9ee437Og/MMdpFqfPIFD4yOTsu+Tk30YvPsvw
rwl8KDIsOfrxM2lCoTkfw8zXwWURzIvRP+ENc7RHBk/akbA+9GVa+ZTe+hCn3qww
gHOCI8E5Z06r2K6w+SfUI6suKo14z1H/K/audyITRRXwwHpYRG9eNHl4KJJQtFa6
vMPiwAR8q8Upfg==
-----END CERTIFICATE-----