Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
File:                     2gKPaUMDSrdg84rkIJFU4iVciek.mft (raw, json)
Hash identifier:          aj27jOxcXL3o51Z0mNq2+cg3wBFlFAJzuZd9L4k2GF8=
Subject key identifier:   62:84:FB:56:47:0A:C0:F6:DF:67:B3:AF:6C:D4:A0:5E:24:B4:94:8B
Authority key identifier: DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9
Certificate issuer:       /CN=da028f6943034ab760f38ae4209154e2255c89e9
Certificate serial:       019A4E500039FED67D617A665E3585FC7C77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
Manifest number:          066D
Signing time:             Tue 04 Nov 2025 10:00:56 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:56 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:56 +0000
Files and hashes:         1: 2gKPaUMDSrdg84rkIJFU4iVciek.crl (hash: /fpaMmDTRxUcJPGBy7kqI+lYwjoF7edmZp4M2tuMUkQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:50:00:39:fe:d6:7d:61:7a:66:5e:35:85:fc:7c:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da028f6943034ab760f38ae4209154e2255c89e9
        Validity
            Not Before: Nov  4 10:00:56 2025 GMT
            Not After : Nov  5 10:00:56 2025 GMT
        Subject: CN=6284fb56470ac0f6df67b3af6cd4a05e24b4948b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:00:62:49:31:f6:b2:25:35:22:5a:fa:9c:2e:
                    0c:a8:57:99:54:22:8a:be:c6:3d:51:a8:bd:24:c9:
                    06:fa:ce:62:39:17:02:99:09:e4:34:a7:79:31:2e:
                    f7:d9:14:46:d6:c4:43:18:93:8f:d8:fa:89:31:40:
                    ab:7d:13:2a:cf:68:0e:e7:ad:4a:76:fc:12:c7:a3:
                    fe:b4:47:ba:cf:49:b1:0a:98:a5:0e:4d:d7:f1:27:
                    da:b4:b8:c3:12:83:d7:11:1d:d8:20:19:72:98:f5:
                    94:f2:a4:63:00:36:e9:4e:90:27:9f:88:b5:40:53:
                    78:23:b6:84:f9:e7:23:0b:3b:45:f2:da:fc:76:2b:
                    52:3d:67:a0:76:66:43:de:6b:01:55:2c:65:4c:8d:
                    35:a1:43:dc:cb:6a:ca:bf:fa:a5:7d:fd:78:bd:a6:
                    c3:4d:f5:3e:6e:2f:78:65:8e:00:a4:a7:f8:8d:4c:
                    7e:37:7b:08:b9:5e:6b:dc:d8:3a:4c:49:f2:0b:ad:
                    46:91:cb:32:8c:5b:0d:40:b8:eb:3f:9e:3e:6c:1f:
                    cd:ae:50:a0:11:82:b0:a4:1c:dc:e5:3a:96:4b:d6:
                    a3:6b:07:a6:c2:28:87:ab:a1:f5:95:bc:3a:8a:dc:
                    34:3a:c1:cd:60:b8:94:b0:92:67:dc:f2:01:3d:d6:
                    03:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:84:FB:56:47:0A:C0:F6:DF:67:B3:AF:6C:D4:A0:5E:24:B4:94:8B
            X509v3 Authority Key Identifier:
                keyid:DA:02:8F:69:43:03:4A:B7:60:F3:8A:E4:20:91:54:E2:25:5C:89:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gKPaUMDSrdg84rkIJFU4iVciek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/eafa61-7fe9-4b16-bc9b-f6f3c2579c60/1/2gKPaUMDSrdg84rkIJFU4iVciek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:a0:94:bb:a7:f3:6d:9b:6e:10:ea:9d:d1:19:7a:c6:9a:55:
         52:fc:87:d4:22:09:35:a4:88:ea:00:3f:de:24:77:f5:9b:d0:
         4a:f2:5c:d0:ee:d6:ce:22:60:f4:e9:ae:5d:66:98:a0:37:a2:
         6d:32:96:64:33:db:e8:2e:69:4c:e4:13:1a:0d:63:17:d4:70:
         21:62:88:7b:5d:0f:00:62:69:f6:b3:43:46:e6:4a:4c:66:92:
         36:11:8c:e2:5e:13:99:1b:12:20:bc:4d:67:31:ef:0e:97:71:
         1f:c8:98:84:74:45:db:fd:a3:10:a5:44:b3:d0:53:39:85:cd:
         5b:47:d0:a1:31:d2:bf:b3:9a:67:02:a9:79:f4:70:3d:1d:f3:
         d9:b3:a9:ec:b9:b2:ff:21:91:a7:d7:60:ff:e3:4a:f7:2a:de:
         d2:8f:cd:b1:90:c1:c3:23:c2:c9:54:d0:39:63:20:7b:e1:d3:
         6c:96:98:92:d6:6f:63:40:00:4e:27:df:3d:77:11:d8:3e:b6:
         4e:78:8f:4d:42:9b:39:06:89:a6:c8:37:d4:d7:9b:73:cf:5c:
         25:a6:84:ea:b4:9b:02:66:fe:10:12:16:dc:89:24:23:30:79:
         74:03:24:1b:fb:ae:3c:4e:34:55:00:85:06:5b:32:b5:f5:eb:
         09:b3:44:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOUAA5/tZ9YXpmXjWF/Hx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI4ZjY5NDMwMzRhYjc2MGYzOGFlNDIwOTE1NGUyMjU1
Yzg5ZTkwHhcNMjUxMTA0MTAwMDU2WhcNMjUxMTA1MTAwMDU2WjAzMTEwLwYDVQQD
Eyg2Mjg0ZmI1NjQ3MGFjMGY2ZGY2N2IzYWY2Y2Q0YTA1ZTI0YjQ5NDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgBiSTH2siU1Ilr6nC4MqFeZVCKK
vsY9Uai9JMkG+s5iORcCmQnkNKd5MS732RRG1sRDGJOP2PqJMUCrfRMqz2gO561K
dvwSx6P+tEe6z0mxCpilDk3X8SfatLjDEoPXER3YIBlymPWU8qRjADbpTpAnn4i1
QFN4I7aE+ecjCztF8tr8ditSPWegdmZD3msBVSxlTI01oUPcy2rKv/qlff14vabD
TfU+bi94ZY4ApKf4jUx+N3sIuV5r3Ng6TEnyC61GkcsyjFsNQLjrP54+bB/NrlCg
EYKwpBzc5TqWS9ajawemwiiHq6H1lbw6itw0OsHNYLiUsJJn3PIBPdYDvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGKE+1ZHCsD232ezr2zUoF4ktJSLMB8GA1UdIwQY
MBaAFNoCj2lDA0q3YPOK5CCRVOIlXInpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWIt
ZjZmM2MyNTc5YzYwLzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9lYWZhNjEtN2ZlOS00YjE2LWJjOWItZjZmM2MyNTc5YzYw
LzEvMmdLUGFVTURTcmRnODRya0lKRlU0aVZjaWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGKCUu6fz
bZtuEOqd0Rl6xppVUvyH1CIJNaSI6gA/3iR39ZvQSvJc0O7WziJg9OmuXWaYoDei
bTKWZDPb6C5pTOQTGg1jF9RwIWKIe10PAGJp9rNDRuZKTGaSNhGM4l4TmRsSILxN
ZzHvDpdxH8iYhHRF2/2jEKVEs9BTOYXNW0fQoTHSv7OaZwKpefRwPR3z2bOp7Lmy
/yGRp9dg/+NK9yre0o/NsZDBwyPCyVTQOWMge+HTbJaYktZvY0AATiffPXcR2D62
TniPTUKbOQaJpsg31Nebc89cJaaE6rSbAmb+EBIW3IkkIzB5dAMkG/uuPE40VQCF
BlsytfXrCbNETw==
-----END CERTIFICATE-----