Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
File:                     2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft (raw, json)
Hash identifier:          0NNb6Z7UmzllhWZR9CprbRyrLQ7PcidMJWi4IZkCRjI=
Subject key identifier:   65:31:26:E6:A1:97:03:CB:1D:C5:27:57:B9:27:29:99:FC:B5:89:96
Authority key identifier: DA:E5:76:31:F6:0A:DB:13:F0:AE:36:86:71:CE:0F:87:42:F5:97:7F
Certificate issuer:       /CN=dae57631f60adb13f0ae368671ce0f8742f5977f
Certificate serial:       019A5119C6B768FE3BDDA0C07171C5661E3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 23:00:34 +0000
Manifest this update:     Tue 04 Nov 2025 23:00:34 +0000
Manifest next update:     Wed 05 Nov 2025 23:00:34 +0000
Files and hashes:         1: 2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl (hash: CETfnZZoiGtZ5lRLe99UnRbesTFFVz2EDy5Gzf30k6A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:19:c6:b7:68:fe:3b:dd:a0:c0:71:71:c5:66:1e:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dae57631f60adb13f0ae368671ce0f8742f5977f
        Validity
            Not Before: Nov  4 23:00:34 2025 GMT
            Not After : Nov  5 23:00:34 2025 GMT
        Subject: CN=653126e6a19703cb1dc52757b9272999fcb58996
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:fc:ce:76:b5:e9:13:51:60:b8:52:e3:c9:ba:
                    a9:90:7c:78:d1:13:16:b8:7e:9c:1f:89:29:d6:97:
                    6a:c5:f9:31:a4:16:d9:66:60:20:6c:ab:c7:2f:0d:
                    2b:f1:97:3d:40:29:e0:61:2e:c8:4d:80:10:3a:fb:
                    28:1c:7f:cc:59:53:c2:67:bf:81:9b:c8:2e:01:46:
                    fa:bd:61:d1:35:09:c6:24:8f:dd:04:26:8b:38:b1:
                    a3:46:b0:95:54:b5:12:d4:4e:01:94:2a:1e:b5:a1:
                    1c:95:c9:71:a9:a5:05:28:89:f3:e1:e6:8f:3a:76:
                    99:85:80:3e:59:12:d8:7a:24:bd:44:a1:90:b9:41:
                    d8:06:75:0c:3b:c0:0d:98:2e:ae:49:f6:85:61:00:
                    0f:51:c4:77:90:ac:21:d2:7c:89:14:3a:db:cd:63:
                    97:52:af:29:1e:1f:e2:1f:27:2d:9a:90:f1:58:6b:
                    80:ae:02:d3:32:b2:a1:39:37:3d:a7:ac:89:ea:8e:
                    ac:c3:ca:71:ac:0e:80:fb:4c:17:84:87:f2:0d:02:
                    25:4a:1a:93:01:1f:a1:54:80:32:0e:5d:a3:5d:b1:
                    2e:da:36:8e:fb:2a:60:32:0a:96:31:e8:59:d1:8d:
                    d1:ce:f6:49:31:17:3a:cd:17:3b:c2:e2:d3:c2:d3:
                    54:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:31:26:E6:A1:97:03:CB:1D:C5:27:57:B9:27:29:99:FC:B5:89:96
            X509v3 Authority Key Identifier:
                keyid:DA:E5:76:31:F6:0A:DB:13:F0:AE:36:86:71:CE:0F:87:42:F5:97:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2uV2MfYK2xPwrjaGcc4Ph0L1l38.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/0e825a-5bb6-4327-9a0a-439f36e1653a/1/2uV2MfYK2xPwrjaGcc4Ph0L1l38.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:83:75:f2:3f:fb:7a:91:70:e0:94:99:46:14:da:47:40:93:
         cd:19:be:d3:6e:6f:b8:fc:c4:2c:2a:00:dc:83:f2:b3:da:50:
         2e:6b:8d:0f:e3:20:7c:42:66:05:36:c4:06:8b:bd:1d:81:ac:
         a6:17:5e:42:ed:5b:72:9d:5f:32:7c:2b:5d:f1:e9:28:43:6f:
         14:49:0a:17:0e:d6:73:34:57:8f:e0:24:55:98:58:92:54:28:
         41:56:44:87:51:b8:07:44:09:d5:22:48:7e:9f:44:dc:53:25:
         f8:d4:58:30:eb:1b:c6:6d:2a:fd:89:fc:c0:ca:5e:7e:c9:2d:
         f3:39:2b:c8:e7:fa:72:ee:20:f3:10:f9:36:16:9b:d7:1b:17:
         9b:56:76:ea:7f:5c:99:fa:8d:e9:97:b9:2f:26:16:fc:da:6b:
         30:98:12:ef:7b:f1:db:c5:b0:98:98:c1:25:0c:95:11:a8:e5:
         88:88:83:6f:c4:16:1c:29:c8:8f:b2:9c:69:1f:35:3c:72:fd:
         bd:da:a5:50:89:8b:e4:b7:b2:48:a8:41:dd:d0:22:d4:23:f9:
         6e:73:69:26:00:d6:e2:78:09:d6:05:c3:6d:c4:65:b4:0d:38:
         63:73:56:2b:9f:88:b6:d0:35:1b:d5:81:25:dc:84:95:6a:04:
         64:1e:30:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRGca3aP473aDAcXHFZh4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZTU3NjMxZjYwYWRiMTNmMGFlMzY4NjcxY2UwZjg3NDJm
NTk3N2YwHhcNMjUxMTA0MjMwMDM0WhcNMjUxMTA1MjMwMDM0WjAzMTEwLwYDVQQD
Eyg2NTMxMjZlNmExOTcwM2NiMWRjNTI3NTdiOTI3Mjk5OWZjYjU4OTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPzOdrXpE1FguFLjybqpkHx40RMW
uH6cH4kp1pdqxfkxpBbZZmAgbKvHLw0r8Zc9QCngYS7ITYAQOvsoHH/MWVPCZ7+B
m8guAUb6vWHRNQnGJI/dBCaLOLGjRrCVVLUS1E4BlCoetaEclclxqaUFKInz4eaP
OnaZhYA+WRLYeiS9RKGQuUHYBnUMO8ANmC6uSfaFYQAPUcR3kKwh0nyJFDrbzWOX
Uq8pHh/iHyctmpDxWGuArgLTMrKhOTc9p6yJ6o6sw8pxrA6A+0wXhIfyDQIlShqT
AR+hVIAyDl2jXbEu2jaO+ypgMgqWMehZ0Y3RzvZJMRc6zRc7wuLTwtNUlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGUxJuahlwPLHcUnV7knKZn8tYmWMB8GA1UdIwQY
MBaAFNrldjH2CtsT8K42hnHOD4dC9Zd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8wZTgyNWEtNWJiNi00MzI3LTlhMGEt
NDM5ZjM2ZTE2NTNhLzEvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8wZTgyNWEtNWJiNi00MzI3LTlhMGEtNDM5ZjM2ZTE2NTNh
LzEvMnVWMk1mWUsyeFB3cmphR2NjNFBoMEwxbDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGoN18j/7
epFw4JSZRhTaR0CTzRm+025vuPzELCoA3IPys9pQLmuND+MgfEJmBTbEBou9HYGs
phdeQu1bcp1fMnwrXfHpKENvFEkKFw7WczRXj+AkVZhYklQoQVZEh1G4B0QJ1SJI
fp9E3FMl+NRYMOsbxm0q/Yn8wMpefskt8zkryOf6cu4g8xD5Nhab1xsXm1Z26n9c
mfqN6Ze5LyYW/NprMJgS73vx28WwmJjBJQyVEajliIiDb8QWHCnIj7KcaR81PHL9
vdqlUImL5LeySKhB3dAi1CP5bnNpJgDW4ngJ1gXDbcRltA04Y3NWK5+IttA1G9WB
JdyElWoEZB4wkw==
-----END CERTIFICATE-----