Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
File:                     2GkQtETemfqBw5NVDJfkoyC86BI.mft (raw, json)
Hash identifier:          4VRyKUiOnVGoZjaVLE4vsPtA5XEVeS40srCNR1UxKAE=
Subject key identifier:   D0:C9:27:9C:DE:37:97:64:F7:FD:3A:39:CF:FA:DB:8F:A5:CF:E3:CC
Authority key identifier: D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12
Certificate issuer:       /CN=d86910b444de99fa81c393550c97e4a320bce812
Certificate serial:       019A51199C35E7B8A423FC5C49B51A95314E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
Manifest number:          0E16
Signing time:             Tue 04 Nov 2025 23:00:24 +0000
Manifest this update:     Tue 04 Nov 2025 23:00:24 +0000
Manifest next update:     Wed 05 Nov 2025 23:00:24 +0000
Files and hashes:         1: 2GkQtETemfqBw5NVDJfkoyC86BI.crl (hash: UgOfmtuWvmhcQOeec65mlQgVrghfSlyuTR2SOkMCfaI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 22:37:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:19:9c:35:e7:b8:a4:23:fc:5c:49:b5:1a:95:31:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d86910b444de99fa81c393550c97e4a320bce812
        Validity
            Not Before: Nov  4 23:00:24 2025 GMT
            Not After : Nov  5 23:00:24 2025 GMT
        Subject: CN=d0c9279cde379764f7fd3a39cffadb8fa5cfe3cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:3e:75:60:19:e5:c4:7b:d9:cc:b0:86:68:f4:
                    1b:df:03:c8:a6:b5:5d:9d:98:d1:1a:2e:1b:87:6e:
                    de:0e:c9:e8:62:77:f8:60:f2:37:a0:76:0c:0c:7b:
                    97:ed:b8:0b:0b:53:77:4c:69:af:4e:36:13:60:d4:
                    c1:60:44:92:79:d7:ec:38:38:8d:3b:3a:76:06:0e:
                    8e:47:1f:79:25:5c:1d:66:cf:9c:ef:f2:63:81:27:
                    15:39:a5:08:d4:0c:06:5a:22:a7:66:a3:42:e8:77:
                    6e:e1:9c:83:39:66:79:b1:b0:fb:b9:d4:ea:f1:4b:
                    66:76:bb:f9:0c:85:19:43:87:7b:b5:87:f9:02:58:
                    bc:5b:b9:2b:7d:c4:83:c0:fc:e5:e3:a9:17:36:f3:
                    f6:05:da:b7:02:82:f9:1b:33:67:6f:aa:40:da:1c:
                    24:d8:c8:2a:46:7d:72:fe:b9:fd:91:33:47:f9:b2:
                    1c:1c:c2:8e:2e:5a:22:5b:bd:d1:ca:48:e6:8a:41:
                    c0:30:84:29:09:7f:3e:57:a1:58:35:fd:97:a9:ea:
                    f5:c0:09:16:3e:e1:6d:f2:f8:3c:9f:c3:65:ca:20:
                    7b:5c:b1:3a:38:fb:1c:a3:05:01:6c:e0:9b:df:4d:
                    a4:87:89:51:7f:b3:43:44:3f:a5:fa:02:b3:3c:7b:
                    63:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:C9:27:9C:DE:37:97:64:F7:FD:3A:39:CF:FA:DB:8F:A5:CF:E3:CC
            X509v3 Authority Key Identifier:
                keyid:D8:69:10:B4:44:DE:99:FA:81:C3:93:55:0C:97:E4:A3:20:BC:E8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GkQtETemfqBw5NVDJfkoyC86BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4f2563-2e82-478e-8f60-86931bfe3eea/1/2GkQtETemfqBw5NVDJfkoyC86BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:3e:4f:cc:9e:cc:ab:e2:f0:96:55:08:93:d6:7c:58:72:71:
         39:0f:4d:38:d1:7b:9f:61:d3:02:e2:d0:af:3d:18:9a:c7:06:
         b8:f9:a5:66:c4:06:6f:e2:d2:d2:44:2f:7e:6f:7d:21:14:4d:
         be:bf:7a:88:96:d2:03:6a:da:ee:2e:c8:60:e4:d7:02:94:bd:
         04:7f:cb:36:1e:69:e4:e8:83:9e:d8:1b:56:02:1e:20:44:f4:
         48:d7:f7:85:28:08:66:6e:ad:b6:ae:74:4e:b9:d4:1a:f9:f3:
         93:9b:f0:7f:f7:63:6b:c6:89:72:fd:d3:9a:aa:f9:a7:15:fd:
         aa:ea:ee:3f:4c:4e:f8:a9:bb:52:8e:00:0b:89:26:fe:b9:89:
         ec:18:01:77:b0:0e:69:70:2d:99:eb:bf:ca:bf:66:93:63:87:
         e0:cf:67:46:95:96:71:33:49:4f:eb:df:a7:93:f7:42:dd:be:
         10:fc:be:ef:c3:85:67:73:69:fd:12:40:62:a6:12:b9:c1:0d:
         e9:78:89:08:ba:f9:31:fc:a0:c0:2d:0e:d2:d9:8e:c4:98:4a:
         b9:0f:47:cf:71:9c:13:f3:7f:c1:12:5f:a5:c8:88:fa:0e:e8:
         83:4f:68:46:9e:62:13:0a:a1:15:22:6d:57:2f:fc:e6:39:11:
         62:32:76:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRGZw157ikI/xcSbUalTFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjkxMGI0NDRkZTk5ZmE4MWMzOTM1NTBjOTdlNGEzMjBi
Y2U4MTIwHhcNMjUxMTA0MjMwMDI0WhcNMjUxMTA1MjMwMDI0WjAzMTEwLwYDVQQD
EyhkMGM5Mjc5Y2RlMzc5NzY0ZjdmZDNhMzljZmZhZGI4ZmE1Y2ZlM2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5z51YBnlxHvZzLCGaPQb3wPIprVd
nZjRGi4bh27eDsnoYnf4YPI3oHYMDHuX7bgLC1N3TGmvTjYTYNTBYESSedfsODiN
Ozp2Bg6ORx95JVwdZs+c7/JjgScVOaUI1AwGWiKnZqNC6Hdu4ZyDOWZ5sbD7udTq
8Utmdrv5DIUZQ4d7tYf5Ali8W7krfcSDwPzl46kXNvP2Bdq3AoL5GzNnb6pA2hwk
2MgqRn1y/rn9kTNH+bIcHMKOLloiW73RykjmikHAMIQpCX8+V6FYNf2Xqer1wAkW
PuFt8vg8n8NlyiB7XLE6OPscowUBbOCb302kh4lRf7NDRD+l+gKzPHtjCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNDJJ5zeN5dk9/06Oc/624+lz+PMMB8GA1UdIwQY
MBaAFNhpELRE3pn6gcOTVQyX5KMgvOgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAt
ODY5MzFiZmUzZWVhLzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80ZjI1NjMtMmU4Mi00NzhlLThmNjAtODY5MzFiZmUzZWVh
LzEvMkdrUXRFVGVtZnFCdzVOVkRKZmtveUM4NkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAID5PzJ7M
q+LwllUIk9Z8WHJxOQ9NONF7n2HTAuLQrz0YmscGuPmlZsQGb+LS0kQvfm99IRRN
vr96iJbSA2ra7i7IYOTXApS9BH/LNh5p5OiDntgbVgIeIET0SNf3hSgIZm6ttq50
TrnUGvnzk5vwf/dja8aJcv3Tmqr5pxX9quruP0xO+Km7Uo4AC4km/rmJ7BgBd7AO
aXAtmeu/yr9mk2OH4M9nRpWWcTNJT+vfp5P3Qt2+EPy+78OFZ3Np/RJAYqYSucEN
6XiJCLr5MfygwC0O0tmOxJhKuQ9Hz3GcE/N/wRJfpciI+g7og09oRp5iEwqhFSJt
Vy/85jkRYjJ2gg==
-----END CERTIFICATE-----