Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          5vfQDyZEiT37xQ+ShNsXJfKLVty6stIUjnB1JUFg24o=
Subject key identifier:   06:A7:75:FF:2D:55:80:FC:06:0F:29:D3:57:35:27:46:3B:3A:70:0A
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       019A4EF43DB581E8DC3211E4DD78885FFF10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          1608
Signing time:             Tue 04 Nov 2025 13:00:20 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:20 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:20 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: gdqPcnvQrk2FqdWzuw7RlBqGNjdJrwMUiVf3BjvdFEk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 13:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:3d:b5:81:e8:dc:32:11:e4:dd:78:88:5f:ff:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Nov  4 13:00:20 2025 GMT
            Not After : Nov  5 13:00:20 2025 GMT
        Subject: CN=06a775ff2d5580fc060f29d3573527463b3a700a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:01:de:76:6a:64:08:9b:d8:01:2e:ed:ee:81:
                    f1:2b:74:2d:7c:a0:96:5b:e3:d5:c1:16:1a:ef:8a:
                    45:03:77:79:61:44:95:73:4c:23:3c:08:b5:02:b4:
                    f6:68:fc:ec:11:a3:ca:d9:43:29:05:b7:fe:ae:b8:
                    d4:5d:dc:56:55:40:15:85:de:dc:5e:4a:05:18:54:
                    16:01:5a:03:b7:88:f4:b5:59:00:b8:56:21:5e:10:
                    69:ca:6a:2c:ac:34:a2:9c:ef:63:4f:da:26:e2:41:
                    f0:34:76:56:fb:1c:27:51:48:22:8b:7f:53:d1:ad:
                    79:91:c3:07:51:f8:48:12:dc:f7:30:9f:b3:b0:d0:
                    4b:c5:d5:1f:6a:f8:be:85:2a:16:26:60:08:11:c6:
                    7a:14:e8:12:18:1e:14:d1:c2:bd:1b:a1:d1:7c:be:
                    27:7e:fb:c8:73:56:42:58:fc:4f:4f:a4:da:3b:9f:
                    6e:82:3a:4b:2d:79:c3:39:14:fb:f6:1a:ad:28:07:
                    53:64:d6:ec:3c:7a:9b:2c:17:d0:23:13:01:c3:80:
                    c2:53:9e:8d:b8:2d:b1:4d:b2:09:46:7b:98:b1:63:
                    cf:54:e5:56:55:03:a6:1f:16:c0:73:fa:9c:87:c5:
                    c1:88:38:27:85:07:4d:2f:ca:de:90:48:0f:63:e7:
                    44:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:A7:75:FF:2D:55:80:FC:06:0F:29:D3:57:35:27:46:3B:3A:70:0A
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:57:41:6c:80:82:72:47:b5:e1:de:d5:89:db:bd:36:96:8e:
         03:37:88:24:8b:34:97:3e:2d:3d:70:99:cd:7f:cc:dd:ed:05:
         e0:6d:bd:db:31:49:93:da:25:7f:22:a1:66:03:f7:37:4e:c8:
         38:ec:85:ed:b2:68:b1:51:98:33:26:8b:7d:05:39:2a:22:b3:
         04:b4:02:e2:8a:e9:41:66:d3:8e:93:48:84:ee:82:f5:d4:52:
         4a:95:13:16:03:8d:02:c2:59:ca:f3:42:46:d3:28:b7:68:6d:
         8c:65:14:32:6b:3b:34:7c:11:40:07:ae:d1:2e:30:2c:98:8f:
         21:ec:08:f6:62:54:d0:bc:17:9e:b8:f3:c0:97:7c:6b:ea:4f:
         64:83:4f:88:fd:60:db:79:f0:38:02:be:98:0c:01:28:da:54:
         c4:72:dc:e1:fe:d1:c9:3b:5f:5b:2c:b7:3e:de:3b:3b:c3:e6:
         00:50:8e:e9:06:97:d0:e1:58:13:2b:8f:dd:f8:0b:5b:c1:c1:
         3d:66:62:7f:98:a9:68:97:e2:c1:f0:88:16:64:0a:6f:c6:dd:
         1f:a9:d9:4c:f4:38:d1:eb:ca:ff:91:20:71:8c:73:1f:25:00:
         49:b9:2b:bb:17:19:1c:d3:25:73:33:55:7e:1c:b9:02:fd:78:
         5c:ff:8b:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9D21gejcMhHk3XiIX/8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjUxMTA0MTMwMDIwWhcNMjUxMTA1MTMwMDIwWjAzMTEwLwYDVQQD
EygwNmE3NzVmZjJkNTU4MGZjMDYwZjI5ZDM1NzM1Mjc0NjNiM2E3MDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AHedmpkCJvYAS7t7oHxK3QtfKCW
W+PVwRYa74pFA3d5YUSVc0wjPAi1ArT2aPzsEaPK2UMpBbf+rrjUXdxWVUAVhd7c
XkoFGFQWAVoDt4j0tVkAuFYhXhBpymosrDSinO9jT9om4kHwNHZW+xwnUUgii39T
0a15kcMHUfhIEtz3MJ+zsNBLxdUfavi+hSoWJmAIEcZ6FOgSGB4U0cK9G6HRfL4n
fvvIc1ZCWPxPT6TaO59ugjpLLXnDORT79hqtKAdTZNbsPHqbLBfQIxMBw4DCU56N
uC2xTbIJRnuYsWPPVOVWVQOmHxbAc/qch8XBiDgnhQdNL8rekEgPY+dEZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAandf8tVYD8Bg8p01c1J0Y7OnAKMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATVdBbICC
cke14d7Vidu9NpaOAzeIJIs0lz4tPXCZzX/M3e0F4G292zFJk9olfyKhZgP3N07I
OOyF7bJosVGYMyaLfQU5KiKzBLQC4orpQWbTjpNIhO6C9dRSSpUTFgONAsJZyvNC
RtMot2htjGUUMms7NHwRQAeu0S4wLJiPIewI9mJU0LwXnrjzwJd8a+pPZINPiP1g
23nwOAK+mAwBKNpUxHLc4f7RyTtfWyy3Pt47O8PmAFCO6QaX0OFYEyuP3fgLW8HB
PWZif5ipaJfiwfCIFmQKb8bdH6nZTPQ40evK/5EgcYxzHyUASbkruxcZHNMlczNV
fhy5Av14XP+LWw==
-----END CERTIFICATE-----