Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft
File:                     2_9h1cWObqbsXPfubPNTpmOxs6g.mft (raw, json)
Hash identifier:          laH2qMQVGI9q2m6bqeZXUgCI/v9oTGplYcljOI7aOzs=
Subject key identifier:   98:DE:38:C4:A8:4B:D5:18:51:98:A1:88:E1:60:AD:12:30:A0:75:EB
Authority key identifier: DB:FF:61:D5:C5:8E:6E:A6:EC:5C:F7:EE:6C:F3:53:A6:63:B1:B3:A8
Certificate issuer:       /CN=dbff61d5c58e6ea6ec5cf7ee6cf353a663b1b3a8
Certificate serial:       01988FC7017362E3037003722377477D552C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2_9h1cWObqbsXPfubPNTpmOxs6g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft
Manifest number:          024B
Signing time:             Sat 09 Aug 2025 17:00:40 +0000
Manifest this update:     Sat 09 Aug 2025 17:00:40 +0000
Manifest next update:     Sun 10 Aug 2025 17:00:40 +0000
Files and hashes:         1: 2_9h1cWObqbsXPfubPNTpmOxs6g.crl (hash: CiFJuoWVlHT0vlFoLJ6PFPUwt3dmCxF5m4Dk553NMWM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2_9h1cWObqbsXPfubPNTpmOxs6g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 10 Aug 2025 14:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8f:c7:01:73:62:e3:03:70:03:72:23:77:47:7d:55:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbff61d5c58e6ea6ec5cf7ee6cf353a663b1b3a8
        Validity
            Not Before: Aug  9 17:00:40 2025 GMT
            Not After : Aug 10 17:00:40 2025 GMT
        Subject: CN=98de38c4a84bd5185198a188e160ad1230a075eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:10:61:ff:ac:91:f8:23:66:fb:d9:57:5b:19:
                    c6:de:d9:8a:14:fe:8a:56:9c:10:a5:aa:dc:ed:b3:
                    5d:94:dc:ef:80:5a:07:e3:c7:e0:e6:30:61:b1:b8:
                    3d:75:77:bc:81:c2:58:da:e7:9f:76:8e:30:ed:81:
                    42:cd:9f:64:c3:b0:57:c2:b3:9a:c2:87:fa:6f:f5:
                    42:47:dc:16:0d:28:da:7d:97:ad:db:72:e5:56:d6:
                    c2:bf:e7:75:79:e6:2e:5c:51:7a:55:fc:27:b7:25:
                    76:88:d1:a2:6d:19:cf:d6:1c:da:f4:55:51:ff:15:
                    49:23:ec:5f:39:d9:9c:d9:8f:99:0e:c9:a1:35:32:
                    4d:7f:23:53:12:ad:ce:f2:b8:31:7c:f4:04:a8:d0:
                    f0:2d:71:2a:48:c2:35:bd:79:27:85:6d:62:b0:8a:
                    fd:3e:1c:57:87:f5:c4:14:ed:c4:cd:75:4f:7e:c9:
                    4e:49:c3:77:79:44:99:44:ec:f1:0a:74:37:6e:5f:
                    2c:93:9c:99:fd:de:fe:a1:97:bf:fc:4c:82:f2:a7:
                    25:79:55:90:d3:77:ff:00:3a:c5:e2:a3:e3:e5:90:
                    39:48:a4:9a:f1:c4:bb:00:ec:34:f2:0f:3f:65:5c:
                    05:d5:6b:29:d4:ba:0e:b1:2e:5a:ac:eb:0b:d9:d1:
                    02:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:DE:38:C4:A8:4B:D5:18:51:98:A1:88:E1:60:AD:12:30:A0:75:EB
            X509v3 Authority Key Identifier:
                keyid:DB:FF:61:D5:C5:8E:6E:A6:EC:5C:F7:EE:6C:F3:53:A6:63:B1:B3:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2_9h1cWObqbsXPfubPNTpmOxs6g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/eed1d6-6a72-4826-839c-b8b36f8956b7/1/2_9h1cWObqbsXPfubPNTpmOxs6g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:8b:83:c0:56:3e:22:c9:f8:57:a1:68:8e:34:7c:cf:08:e0:
         3b:6b:c4:4d:11:00:04:61:fe:98:19:c9:e2:96:10:94:88:95:
         45:37:03:5c:01:4a:11:46:dd:7c:0b:c9:bc:88:e2:69:9b:d4:
         a4:70:e1:8b:19:3b:90:2b:fa:db:07:20:16:e0:c4:a5:58:53:
         f1:92:d8:ac:a7:49:77:7f:4f:96:d7:d0:71:67:d3:30:11:96:
         0a:80:08:58:a8:4c:1e:67:0b:04:df:8c:ed:17:98:cd:ab:3c:
         3a:53:c1:94:2e:41:76:c9:6b:59:9d:6e:18:fb:a1:5e:ca:d7:
         d5:f9:6b:80:fd:3b:55:0e:14:66:76:5e:bc:16:65:0a:6d:41:
         07:21:7c:ab:f4:7c:a7:5f:58:04:79:b7:b6:da:d1:08:89:eb:
         41:df:c9:c7:3c:44:5d:51:af:68:fd:c2:ab:76:6f:eb:ba:ae:
         c6:4a:0f:9e:8e:6a:98:84:75:4c:94:aa:f2:a4:cc:68:7d:ee:
         d2:a6:89:35:93:15:5c:93:ca:90:d0:a9:21:c8:49:e1:43:53:
         c5:42:82:d6:1b:b4:cc:cb:a0:de:77:57:3a:6d:70:0e:55:5f:
         4f:ce:d4:91:aa:0b:a6:c6:61:b5:b6:b6:5e:ef:cc:16:e0:f7:
         2c:f3:eb:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiPxwFzYuMDcANyI3dHfVUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZmY2MWQ1YzU4ZTZlYTZlYzVjZjdlZTZjZjM1M2E2NjNi
MWIzYTgwHhcNMjUwODA5MTcwMDQwWhcNMjUwODEwMTcwMDQwWjAzMTEwLwYDVQQD
Eyg5OGRlMzhjNGE4NGJkNTE4NTE5OGExODhlMTYwYWQxMjMwYTA3NWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8BBh/6yR+CNm+9lXWxnG3tmKFP6K
VpwQparc7bNdlNzvgFoH48fg5jBhsbg9dXe8gcJY2uefdo4w7YFCzZ9kw7BXwrOa
wof6b/VCR9wWDSjafZet23LlVtbCv+d1eeYuXFF6VfwntyV2iNGibRnP1hza9FVR
/xVJI+xfOdmc2Y+ZDsmhNTJNfyNTEq3O8rgxfPQEqNDwLXEqSMI1vXknhW1isIr9
PhxXh/XEFO3EzXVPfslOScN3eUSZROzxCnQ3bl8sk5yZ/d7+oZe//EyC8qcleVWQ
03f/ADrF4qPj5ZA5SKSa8cS7AOw08g8/ZVwF1Wsp1LoOsS5arOsL2dEC7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjeOMSoS9UYUZihiOFgrRIwoHXrMB8GA1UdIwQY
MBaAFNv/YdXFjm6m7Fz37mzzU6ZjsbOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMl85aDFjV09icWJzWFBmdWJQTlRwbU94czZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9lZWQxZDYtNmE3Mi00ODI2LTgzOWMt
YjhiMzZmODk1NmI3LzEvMl85aDFjV09icWJzWFBmdWJQTlRwbU94czZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9lZWQxZDYtNmE3Mi00ODI2LTgzOWMtYjhiMzZmODk1NmI3
LzEvMl85aDFjV09icWJzWFBmdWJQTlRwbU94czZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVouDwFY+
Isn4V6FojjR8zwjgO2vETREABGH+mBnJ4pYQlIiVRTcDXAFKEUbdfAvJvIjiaZvU
pHDhixk7kCv62wcgFuDEpVhT8ZLYrKdJd39PltfQcWfTMBGWCoAIWKhMHmcLBN+M
7ReYzas8OlPBlC5BdslrWZ1uGPuhXsrX1flrgP07VQ4UZnZevBZlCm1BByF8q/R8
p19YBHm3ttrRCInrQd/JxzxEXVGvaP3Cq3Zv67quxkoPno5qmIR1TJSq8qTMaH3u
0qaJNZMVXJPKkNCpIchJ4UNTxUKC1hu0zMug3ndXOm1wDlVfT87UkaoLpsZhtba2
Xu/MFuD3LPPrYA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:37:45 2025 by rpki-client