Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
File:                     02jCohY2GiT97Jfx838uHRIHEIc.mft (raw, json)
Hash identifier:          RIaqzwDm2PdoMweDRxZIy4lIvHzqrff3jddVVQEL+J8=
Subject key identifier:   02:E6:05:D5:D7:0F:B5:1C:D5:38:92:02:E7:6E:B2:7C:1C:51:B8:CD
Authority key identifier: D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87
Certificate issuer:       /CN=d368c2a216361a24fdec97f1f37f2e1d12071087
Certificate serial:       019A4E4F6820A953DE4D292709751BE57F48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 10:00:17 +0000
Manifest this update:     Tue 04 Nov 2025 10:00:17 +0000
Manifest next update:     Wed 05 Nov 2025 10:00:17 +0000
Files and hashes:         1: 02jCohY2GiT97Jfx838uHRIHEIc.crl (hash: VX6L/8HYVxDeA2ufWcXrvqw82a3o0aSF1A9Va5a4W+A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:4f:68:20:a9:53:de:4d:29:27:09:75:1b:e5:7f:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d368c2a216361a24fdec97f1f37f2e1d12071087
        Validity
            Not Before: Nov  4 10:00:17 2025 GMT
            Not After : Nov  5 10:00:17 2025 GMT
        Subject: CN=02e605d5d70fb51cd5389202e76eb27c1c51b8cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:c1:eb:be:91:79:ed:c7:fb:e6:23:00:3a:7f:
                    27:e4:dc:7a:82:83:eb:c8:ba:5a:02:bb:1d:ea:62:
                    b2:1b:6f:0a:ab:3e:02:e3:0c:d6:ea:ec:07:a3:07:
                    a7:ac:e7:d1:d9:67:af:42:0e:93:8f:32:7a:05:e9:
                    3b:fa:c0:22:a5:46:fa:b3:1f:55:71:06:9f:03:f9:
                    66:ca:dc:26:9e:0b:0b:7d:14:b6:85:68:6e:fd:3c:
                    df:c4:1f:73:5e:c1:f0:03:bd:dc:b5:a8:65:f0:95:
                    19:2e:52:96:b5:e7:3b:14:73:5d:69:7f:d3:c5:df:
                    a7:56:91:a2:d1:38:42:a3:84:5e:aa:b0:1e:6b:af:
                    e9:55:f7:1c:44:cd:9a:95:98:a2:bb:c0:96:24:d4:
                    90:ba:65:44:63:7e:42:b6:40:55:29:fc:e1:e4:0d:
                    68:6f:a7:6b:28:96:bd:50:8d:c0:96:32:b3:95:53:
                    05:fe:71:04:d1:ba:67:8a:64:99:bc:56:94:76:ed:
                    e7:37:64:e2:2b:51:04:3d:49:02:34:ea:f6:94:ab:
                    72:51:66:88:b5:fc:4c:6b:90:58:93:cd:51:59:f8:
                    90:fe:92:0c:b1:68:64:06:70:9c:28:e7:2e:f1:60:
                    e5:94:a5:e5:ee:c0:16:ae:04:90:9a:f4:e0:08:74:
                    15:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:E6:05:D5:D7:0F:B5:1C:D5:38:92:02:E7:6E:B2:7C:1C:51:B8:CD
            X509v3 Authority Key Identifier:
                keyid:D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:4e:a9:b2:f5:ba:15:32:c5:4e:c1:36:d0:ea:8d:e2:f9:3d:
         2a:c1:92:64:2f:4e:de:16:6f:ca:d6:73:ac:bf:85:29:da:fa:
         0f:cb:f8:91:99:08:98:07:59:11:b7:d4:ab:4d:e1:93:bb:94:
         61:90:cd:a7:ac:a2:5b:86:83:72:e0:72:74:5c:53:ef:fc:d1:
         10:53:b3:1b:1f:80:b7:7a:0a:47:d6:58:d9:0d:e0:6e:d3:22:
         94:7b:06:96:27:d3:5f:1b:f9:76:a5:2b:96:a7:bf:e7:3c:b7:
         b6:52:4e:34:b0:0e:5c:bd:5c:f5:00:52:dc:27:4a:be:16:ac:
         26:31:0a:c8:28:44:d6:31:76:5c:ea:52:b9:b6:fd:b2:54:1c:
         21:61:80:27:3b:cf:82:99:e3:8a:65:78:8e:39:d5:7b:08:98:
         fa:a5:3f:e6:4b:c8:c9:37:bc:d2:8d:70:c9:f4:d5:8a:54:95:
         27:43:be:88:b2:9c:75:67:5c:4c:e4:80:af:c7:0c:17:f0:fe:
         70:b5:f4:74:63:41:0a:44:d5:a6:63:d6:bb:ec:06:a5:a9:ad:
         54:ae:b0:ea:08:3f:22:aa:22:6c:01:61:c3:1d:9a:47:dc:0e:
         0b:91:e9:0a:47:89:51:b0:9b:f6:b1:fc:d2:34:18:91:30:ac:
         17:6c:c4:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT2ggqVPeTSknCXUb5X9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjhjMmEyMTYzNjFhMjRmZGVjOTdmMWYzN2YyZTFkMTIw
NzEwODcwHhcNMjUxMTA0MTAwMDE3WhcNMjUxMTA1MTAwMDE3WjAzMTEwLwYDVQQD
EygwMmU2MDVkNWQ3MGZiNTFjZDUzODkyMDJlNzZlYjI3YzFjNTFiOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28HrvpF57cf75iMAOn8n5Nx6goPr
yLpaArsd6mKyG28Kqz4C4wzW6uwHowenrOfR2WevQg6TjzJ6Bek7+sAipUb6sx9V
cQafA/lmytwmngsLfRS2hWhu/TzfxB9zXsHwA73ctahl8JUZLlKWtec7FHNdaX/T
xd+nVpGi0ThCo4ReqrAea6/pVfccRM2alZiiu8CWJNSQumVEY35CtkBVKfzh5A1o
b6drKJa9UI3AljKzlVMF/nEE0bpnimSZvFaUdu3nN2TiK1EEPUkCNOr2lKtyUWaI
tfxMa5BYk81RWfiQ/pIMsWhkBnCcKOcu8WDllKXl7sAWrgSQmvTgCHQVIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALmBdXXD7Uc1TiSAudusnwcUbjNMB8GA1UdIwQY
MBaAFNNowqIWNhok/eyX8fN/Lh0SBxCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQt
OTAyMDhlMWYzZGU2LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQtOTAyMDhlMWYzZGU2
LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd06psvW6
FTLFTsE20OqN4vk9KsGSZC9O3hZvytZzrL+FKdr6D8v4kZkImAdZEbfUq03hk7uU
YZDNp6yiW4aDcuBydFxT7/zREFOzGx+At3oKR9ZY2Q3gbtMilHsGlifTXxv5dqUr
lqe/5zy3tlJONLAOXL1c9QBS3CdKvhasJjEKyChE1jF2XOpSubb9slQcIWGAJzvP
gpnjimV4jjnVewiY+qU/5kvIyTe80o1wyfTVilSVJ0O+iLKcdWdcTOSAr8cMF/D+
cLX0dGNBCkTVpmPWu+wGpamtVK6w6gg/IqoibAFhwx2aR9wOC5HpCkeJUbCb9rH8
0jQYkTCsF2zErQ==
-----END CERTIFICATE-----