Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft
File:                     2_9h1cWObqbsXPfubPNTpmOxs6g.mft (raw, json)
Hash identifier:          dAvr7Ag1IApUyq4UPkFA8gJ2ZoZbZ+ed53ikJXtoFBk=
Subject key identifier:   B2:D5:7C:64:4B:AE:F4:B8:80:81:95:7A:43:B4:76:CB:03:09:82:45
Authority key identifier: DB:FF:61:D5:C5:8E:6E:A6:EC:5C:F7:EE:6C:F3:53:A6:63:B1:B3:A8
Certificate issuer:       /CN=dbff61d5c58e6ea6ec5cf7ee6cf353a663b1b3a8
Certificate serial:       019A4DE203AD095BD731BBB646F0AD593F50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_9h1cWObqbsXPfubPNTpmOxs6g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft
Manifest number:          0332
Signing time:             Tue 04 Nov 2025 08:00:48 +0000
Manifest this update:     Tue 04 Nov 2025 08:00:48 +0000
Manifest next update:     Wed 05 Nov 2025 08:00:48 +0000
Files and hashes:         1: 2_9h1cWObqbsXPfubPNTpmOxs6g.crl (hash: jsxXaxqlYs4drVE7uyfDm2cqvQcbIXzk1G3FN8vUeIY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_9h1cWObqbsXPfubPNTpmOxs6g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 08:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:e2:03:ad:09:5b:d7:31:bb:b6:46:f0:ad:59:3f:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbff61d5c58e6ea6ec5cf7ee6cf353a663b1b3a8
        Validity
            Not Before: Nov  4 08:00:48 2025 GMT
            Not After : Nov  5 08:00:48 2025 GMT
        Subject: CN=b2d57c644baef4b88081957a43b476cb03098245
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:75:0a:74:fc:52:c3:77:f0:30:93:a9:ad:db:
                    c9:d2:ad:aa:b3:45:d0:7e:ea:3f:fd:5e:50:f0:0d:
                    b4:31:da:ad:ce:37:f9:16:79:a9:38:48:6e:f2:5c:
                    a4:46:85:c2:90:74:ca:34:c3:cc:ca:b0:2b:1c:9a:
                    50:00:e7:10:13:81:1a:76:35:db:95:dc:5b:2e:f1:
                    cf:f1:1f:5d:88:d0:ff:96:90:4f:ab:c5:5c:0b:c1:
                    12:db:cc:17:53:97:6f:f2:38:44:ea:f9:7b:f4:af:
                    82:9f:3a:43:fa:64:56:86:35:f4:78:98:d2:13:30:
                    9a:42:d4:60:26:f4:82:5d:5d:d7:84:4c:a5:79:61:
                    3a:71:11:18:0d:eb:0a:1c:0d:14:8c:c8:68:c6:40:
                    ff:f5:79:24:8e:54:26:8f:f6:50:cb:5d:2a:e4:ee:
                    e2:ce:d5:51:82:30:86:f8:fe:d2:84:dc:3a:bd:6e:
                    b9:2b:6d:49:86:c4:9a:ff:45:fa:57:93:ad:df:4d:
                    26:99:cf:25:9e:f2:98:ac:fc:06:ca:c6:ff:f8:45:
                    bc:33:c1:28:ec:00:e0:c2:a6:5f:42:e5:20:a5:be:
                    94:f2:d9:14:20:38:d3:c9:a9:17:c4:12:a2:0e:51:
                    f6:f3:e1:21:5f:1e:62:64:eb:2b:79:71:7e:fc:57:
                    af:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:D5:7C:64:4B:AE:F4:B8:80:81:95:7A:43:B4:76:CB:03:09:82:45
            X509v3 Authority Key Identifier:
                keyid:DB:FF:61:D5:C5:8E:6E:A6:EC:5C:F7:EE:6C:F3:53:A6:63:B1:B3:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_9h1cWObqbsXPfubPNTpmOxs6g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:48:d6:da:73:4e:27:e0:0a:02:f0:7d:08:fa:fb:c3:b8:47:
         6f:26:36:3f:a6:24:ab:f7:92:f1:98:0b:6c:34:0c:79:8a:88:
         2c:77:16:cb:16:7e:9e:ec:66:6a:38:91:6f:c1:93:dc:58:e1:
         16:bb:59:e9:8b:a6:04:cc:4e:da:67:39:10:39:fb:e6:65:71:
         74:28:42:9c:5e:3b:4e:e4:3b:cc:2b:54:12:dd:ff:28:46:0a:
         86:ab:42:22:04:d4:20:1b:48:0e:b8:7b:ff:39:11:69:2d:fa:
         c7:4e:bf:c2:8c:12:3a:0f:61:db:c3:2a:28:61:7d:16:56:73:
         03:b5:62:57:46:e9:1c:5e:88:a7:8c:f8:69:97:9a:b4:c6:a5:
         31:d7:d9:b4:df:5f:f1:8a:2e:c9:d0:68:f8:df:cc:7b:5a:f9:
         14:9d:28:6b:9a:85:d6:11:b5:78:d3:ad:57:96:29:9c:22:b4:
         54:4e:6b:9c:e6:c4:ca:89:c1:e3:19:9a:e9:7c:c9:b6:4c:75:
         60:d1:8c:58:80:b3:92:e8:c7:aa:c6:c9:c9:51:f4:ed:d5:51:
         fb:c7:e6:e3:db:90:ba:98:67:be:d7:b8:c3:09:c3:45:4b:a8:
         2c:51:68:80:c3:3f:64:91:f9:0c:38:71:c2:8b:df:4f:fc:5f:
         b5:9a:c7:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4gOtCVvXMbu2RvCtWT9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmY2MWQ1YzU4ZTZlYTZlYzVjZjdlZTZjZjM1M2E2NjNi
MWIzYTgwHhcNMjUxMTA0MDgwMDQ4WhcNMjUxMTA1MDgwMDQ4WjAzMTEwLwYDVQQD
EyhiMmQ1N2M2NDRiYWVmNGI4ODA4MTk1N2E0M2I0NzZjYjAzMDk4MjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunUKdPxSw3fwMJOprdvJ0q2qs0XQ
fuo//V5Q8A20Mdqtzjf5FnmpOEhu8lykRoXCkHTKNMPMyrArHJpQAOcQE4EadjXb
ldxbLvHP8R9diND/lpBPq8VcC8ES28wXU5dv8jhE6vl79K+CnzpD+mRWhjX0eJjS
EzCaQtRgJvSCXV3XhEyleWE6cREYDesKHA0UjMhoxkD/9XkkjlQmj/ZQy10q5O7i
ztVRgjCG+P7ShNw6vW65K21JhsSa/0X6V5Ot300mmc8lnvKYrPwGysb/+EW8M8Eo
7ADgwqZfQuUgpb6U8tkUIDjTyakXxBKiDlH28+EhXx5iZOsreXF+/FevXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLLVfGRLrvS4gIGVekO0dssDCYJFMB8GA1UdIwQY
MBaAFNv/YdXFjm6m7Fz37mzzU6ZjsbOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl85aDFjV09icWJzWFBmdWJQTlRwbU94czZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9lZWQxZDYtNmE3Mi00ODI2LTgzOWMt
YjhiMzZmODk1NmI3LzEvMl85aDFjV09icWJzWFBmdWJQTlRwbU94czZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9lZWQxZDYtNmE3Mi00ODI2LTgzOWMtYjhiMzZmODk1NmI3
LzEvMl85aDFjV09icWJzWFBmdWJQTlRwbU94czZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQUjW2nNO
J+AKAvB9CPr7w7hHbyY2P6Ykq/eS8ZgLbDQMeYqILHcWyxZ+nuxmajiRb8GT3Fjh
FrtZ6YumBMxO2mc5EDn75mVxdChCnF47TuQ7zCtUEt3/KEYKhqtCIgTUIBtIDrh7
/zkRaS36x06/wowSOg9h28MqKGF9FlZzA7ViV0bpHF6Ip4z4aZeatMalMdfZtN9f
8YouydBo+N/Me1r5FJ0oa5qF1hG1eNOtV5YpnCK0VE5rnObEyonB4xma6XzJtkx1
YNGMWICzkujHqsbJyVH07dVR+8fm49uQuphnvte4wwnDRUuoLFFogMM/ZJH5DDhx
wovfT/xftZrHkA==
-----END CERTIFICATE-----