Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
File:                     2ggpHPxyjQF2DsQngQlqxrTHSl0.mft (raw, json)
Hash identifier:          Qe+40i6v+oH3TB5ImnST3NTCmRky6PEYkVZt8bxvht8=
Subject key identifier:   DD:57:1D:7A:A8:92:BA:4B:92:EB:15:B9:C1:53:B1:9D:74:EE:F0:88
Authority key identifier: DA:08:29:1C:FC:72:8D:01:76:0E:C4:27:81:09:6A:C6:B4:C7:4A:5D
Certificate issuer:       /CN=da08291cfc728d01760ec42781096ac6b4c74a5d
Certificate serial:       019A4EF506E6877F4BC42E12584174DF7B0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
Manifest number:          170A
Signing time:             Tue 04 Nov 2025 13:01:12 +0000
Manifest this update:     Tue 04 Nov 2025 13:01:12 +0000
Manifest next update:     Wed 05 Nov 2025 13:01:12 +0000
Files and hashes:         1: 2ggpHPxyjQF2DsQngQlqxrTHSl0.crl (hash: JioR9MSVcO4wGTLsl3kO/aPpAUhqog3FbucO4IiUUSA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f5:06:e6:87:7f:4b:c4:2e:12:58:41:74:df:7b:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da08291cfc728d01760ec42781096ac6b4c74a5d
        Validity
            Not Before: Nov  4 13:01:12 2025 GMT
            Not After : Nov  5 13:01:12 2025 GMT
        Subject: CN=dd571d7aa892ba4b92eb15b9c153b19d74eef088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:0e:c5:33:01:ed:15:a4:84:fd:91:6f:8a:f4:
                    5b:09:7b:48:dc:f5:3f:f8:1c:78:d2:5c:16:12:38:
                    5a:2b:40:f4:90:00:03:b0:a0:77:02:38:14:05:69:
                    1d:69:ce:ef:f0:e9:11:5a:55:4d:51:f9:fd:aa:b3:
                    c2:7c:b5:d7:6c:40:34:7f:b9:4d:8a:64:1b:e7:e3:
                    27:e7:0d:fe:e5:cf:59:b8:14:7c:da:6f:0b:10:4e:
                    74:90:be:37:89:6a:93:e2:82:cb:61:ed:68:1c:39:
                    fa:96:cb:32:35:ec:ac:6c:20:34:b6:4c:67:ee:01:
                    ed:85:59:ca:da:b6:55:00:36:3a:fd:e2:ca:af:88:
                    a7:6f:bb:56:40:6c:a1:d7:49:9a:ad:f1:81:25:8c:
                    df:a6:cb:27:2b:c2:dd:6e:e2:79:a6:3d:14:f2:a8:
                    2d:ff:fb:79:65:16:43:56:c4:cb:1e:ed:cc:b7:82:
                    5a:10:65:92:6c:b9:e8:41:9a:ea:84:74:2f:81:7d:
                    51:9b:0a:6b:69:c4:09:a3:d6:c0:79:e1:e1:e9:50:
                    9e:1e:c4:9c:6f:12:f0:80:ff:65:42:15:ad:57:27:
                    f3:d9:03:55:1f:5e:22:b8:98:65:1e:21:ed:7a:96:
                    79:d4:c0:1e:dc:ff:50:f4:74:77:6c:e2:9a:66:5f:
                    3d:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:57:1D:7A:A8:92:BA:4B:92:EB:15:B9:C1:53:B1:9D:74:EE:F0:88
            X509v3 Authority Key Identifier:
                keyid:DA:08:29:1C:FC:72:8D:01:76:0E:C4:27:81:09:6A:C6:B4:C7:4A:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ggpHPxyjQF2DsQngQlqxrTHSl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/44dac0-167a-4993-b9a8-b05cffb187fa/1/2ggpHPxyjQF2DsQngQlqxrTHSl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:7b:55:39:9a:0f:a5:4e:f5:a4:6a:51:fc:b8:7d:77:7d:17:
         da:bf:ab:ff:dd:db:9b:1e:df:b6:56:9e:4b:69:c8:0e:a1:61:
         7b:5a:15:8c:d4:85:26:e9:3c:e0:29:97:1d:62:fe:bd:e0:6e:
         fc:36:f6:57:09:44:d1:c4:55:b5:82:0a:48:61:56:a8:90:98:
         27:21:38:8a:23:e3:6c:b4:eb:ee:70:1e:11:59:d8:bc:6d:75:
         1b:89:ac:8f:89:90:84:95:2a:ac:4b:78:70:b8:9a:96:84:ee:
         9a:42:8c:41:52:e8:f5:a2:64:9f:72:b6:ee:7a:3e:91:22:97:
         7f:68:cd:0a:9b:80:62:71:4d:23:43:10:ab:be:2d:27:c8:24:
         cc:8c:64:12:62:c0:4d:b5:df:64:75:e3:6d:b8:71:e7:8d:a0:
         07:25:d1:17:2b:fe:9c:70:10:00:24:a0:02:80:cb:2b:18:d6:
         1b:8d:eb:a4:6f:1a:97:2b:10:e2:2e:6b:f5:39:4b:06:12:fd:
         df:b5:d2:8f:be:06:ed:99:94:8f:02:88:41:9c:49:c5:16:28:
         45:a1:75:db:dc:80:fd:fa:65:a4:43:81:d0:b0:d7:7f:37:05:
         61:18:b5:4f:84:5e:fe:84:ce:29:a3:8b:46:df:12:fe:0a:b7:
         d3:16:83:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9Qbmh39LxC4SWEF033sMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDgyOTFjZmM3MjhkMDE3NjBlYzQyNzgxMDk2YWM2YjRj
NzRhNWQwHhcNMjUxMTA0MTMwMTEyWhcNMjUxMTA1MTMwMTEyWjAzMTEwLwYDVQQD
EyhkZDU3MWQ3YWE4OTJiYTRiOTJlYjE1YjljMTUzYjE5ZDc0ZWVmMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4g7FMwHtFaSE/ZFvivRbCXtI3PU/
+Bx40lwWEjhaK0D0kAADsKB3AjgUBWkdac7v8OkRWlVNUfn9qrPCfLXXbEA0f7lN
imQb5+Mn5w3+5c9ZuBR82m8LEE50kL43iWqT4oLLYe1oHDn6lssyNeysbCA0tkxn
7gHthVnK2rZVADY6/eLKr4inb7tWQGyh10marfGBJYzfpssnK8LdbuJ5pj0U8qgt
//t5ZRZDVsTLHu3Mt4JaEGWSbLnoQZrqhHQvgX1RmwpracQJo9bAeeHh6VCeHsSc
bxLwgP9lQhWtVyfz2QNVH14iuJhlHiHtepZ51MAe3P9Q9HR3bOKaZl89twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN1XHXqokrpLkusVucFTsZ107vCIMB8GA1UdIwQY
MBaAFNoIKRz8co0Bdg7EJ4EJasa0x0pdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80NGRhYzAtMTY3YS00OTkzLWI5YTgt
YjA1Y2ZmYjE4N2ZhLzEvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80NGRhYzAtMTY3YS00OTkzLWI5YTgtYjA1Y2ZmYjE4N2Zh
LzEvMmdncEhQeHlqUUYyRHNRbmdRbHF4clRIU2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQXtVOZoP
pU71pGpR/Lh9d30X2r+r/93bmx7ftlaeS2nIDqFhe1oVjNSFJuk84CmXHWL+veBu
/Db2VwlE0cRVtYIKSGFWqJCYJyE4iiPjbLTr7nAeEVnYvG11G4msj4mQhJUqrEt4
cLialoTumkKMQVLo9aJkn3K27no+kSKXf2jNCpuAYnFNI0MQq74tJ8gkzIxkEmLA
TbXfZHXjbbhx542gByXRFyv+nHAQACSgAoDLKxjWG43rpG8alysQ4i5r9TlLBhL9
37XSj74G7ZmUjwKIQZxJxRYoRaF129yA/fplpEOB0LDXfzcFYRi1T4Re/oTOKaOL
Rt8S/gq30xaD5w==
-----END CERTIFICATE-----