Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
File:                     2l7eZe_t7t-MigSyRaOl32OmnoQ.mft (raw, json)
Hash identifier:          LJQJcxBHemk1gnCLsYEPwIZm/G0sHHfbGnmZ2BnMV70=
Subject key identifier:   A2:31:5D:95:E4:FF:80:45:D1:40:F0:36:E8:97:BF:D7:3E:E7:DC:8A
Authority key identifier: DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84
Certificate issuer:       /CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
Certificate serial:       019A4EF4D0F3F065AC8E284A9044174F37BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
Manifest number:          170B
Signing time:             Tue 04 Nov 2025 13:00:58 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:58 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:58 +0000
Files and hashes:         1: 2l7eZe_t7t-MigSyRaOl32OmnoQ.crl (hash: bd21ZJ046z8BcUHdLYAyCm3Q1Ib6NNqGJtsNV4B5JMU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:d0:f3:f0:65:ac:8e:28:4a:90:44:17:4f:37:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
        Validity
            Not Before: Nov  4 13:00:58 2025 GMT
            Not After : Nov  5 13:00:58 2025 GMT
        Subject: CN=a2315d95e4ff8045d140f036e897bfd73ee7dc8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:e1:9f:9f:cf:e5:04:8b:92:d8:20:cf:7d:43:
                    af:c7:5d:fe:4b:8f:df:24:20:8b:cc:09:30:0d:fa:
                    fc:75:04:3c:8b:9f:25:d1:5f:64:ae:a5:36:bd:5b:
                    38:a3:0d:ad:72:17:1d:62:d9:64:07:c0:74:2d:28:
                    ba:b0:6a:75:f1:c8:dd:b9:8c:fa:54:1e:6e:cc:f4:
                    c8:01:ce:80:e6:6c:65:d8:71:cb:79:ed:36:cf:0e:
                    8d:53:60:6c:9b:9a:27:91:30:27:f5:bd:6f:63:dc:
                    a3:d8:ea:60:8d:c0:15:51:ba:4e:f8:c9:69:0b:73:
                    c9:c3:3b:ec:64:b1:ea:90:43:30:78:71:db:ba:9f:
                    38:4d:cb:ff:cc:2d:f2:07:d3:ee:fc:8a:58:5b:26:
                    39:1b:5b:57:85:7f:16:32:43:c1:42:fe:19:59:c1:
                    35:91:ea:8f:ba:cd:86:f7:6a:65:09:cb:0e:d5:70:
                    b1:87:a5:68:2d:3e:90:8a:72:27:d0:de:bf:c8:f3:
                    60:f4:90:ae:b7:ab:96:d9:a2:01:78:01:3a:01:af:
                    13:c0:a8:f5:f8:6f:70:ab:29:06:e5:09:15:45:a8:
                    75:87:1d:2f:7b:6b:17:95:b0:68:b1:b9:84:78:bf:
                    94:3c:11:04:ed:35:f5:58:6f:47:2e:24:bc:30:4c:
                    ce:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:31:5D:95:E4:FF:80:45:D1:40:F0:36:E8:97:BF:D7:3E:E7:DC:8A
            X509v3 Authority Key Identifier:
                keyid:DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:5b:0e:f8:fd:b0:ea:9d:26:22:ca:06:ca:a5:b4:0b:f4:4f:
         f4:c9:c5:9b:b4:d2:a6:0a:10:92:9b:53:13:21:26:cf:a4:1e:
         64:f4:3a:0f:51:69:6c:49:2c:20:00:7f:5b:14:64:06:7f:6e:
         2d:46:a7:ca:bc:a2:e5:6d:1b:bc:82:d6:8d:99:9f:28:64:48:
         8c:c3:2f:c3:5c:fe:16:95:e0:91:cc:63:b0:71:d5:04:5c:08:
         a3:3f:a4:0d:ea:4d:e1:41:75:c3:dc:e7:7e:e3:4d:7c:ad:22:
         bc:94:8e:82:12:c5:79:b7:2e:13:c4:89:60:eb:aa:11:1b:3a:
         bb:32:11:58:77:fd:58:cd:a9:ef:5f:61:5f:2d:44:1b:25:e0:
         4a:c8:72:e3:c3:ce:b3:81:59:ae:08:a8:c5:de:74:5f:12:69:
         99:23:3e:09:4f:64:82:06:c8:5d:67:67:5b:bf:9b:28:0f:66:
         68:25:38:68:4e:3a:96:37:fb:b9:9d:6a:61:29:23:1f:79:4c:
         0e:71:4f:b0:63:41:5c:1e:ee:2a:0c:e1:8a:49:36:2d:c6:fd:
         af:e0:fb:ae:5b:4a:75:4c:58:da:4f:db:75:2f:c9:80:34:83:
         6c:89:c0:79:77:71:14:a4:92:82:a6:b1:0e:09:26:2b:de:16:
         93:9d:85:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9NDz8GWsjihKkEQXTze8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNWVkZTY1ZWZlZGVlZGY4YzhhMDRiMjQ1YTNhNWRmNjNh
NjllODQwHhcNMjUxMTA0MTMwMDU4WhcNMjUxMTA1MTMwMDU4WjAzMTEwLwYDVQQD
EyhhMjMxNWQ5NWU0ZmY4MDQ1ZDE0MGYwMzZlODk3YmZkNzNlZTdkYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OGfn8/lBIuS2CDPfUOvx13+S4/f
JCCLzAkwDfr8dQQ8i58l0V9krqU2vVs4ow2tchcdYtlkB8B0LSi6sGp18cjduYz6
VB5uzPTIAc6A5mxl2HHLee02zw6NU2Bsm5onkTAn9b1vY9yj2OpgjcAVUbpO+Mlp
C3PJwzvsZLHqkEMweHHbup84Tcv/zC3yB9Pu/IpYWyY5G1tXhX8WMkPBQv4ZWcE1
keqPus2G92plCcsO1XCxh6VoLT6QinIn0N6/yPNg9JCut6uW2aIBeAE6Aa8TwKj1
+G9wqykG5QkVRah1hx0ve2sXlbBosbmEeL+UPBEE7TX1WG9HLiS8MEzOzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKIxXZXk/4BF0UDwNuiXv9c+59yKMB8GA1UdIwQY
MBaAFNpe3mXv7e7fjIoEskWjpd9jpp6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWIt
YWZmNTBlNGEwZTMzLzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWItYWZmNTBlNGEwZTMz
LzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIVsO+P2w
6p0mIsoGyqW0C/RP9MnFm7TSpgoQkptTEyEmz6QeZPQ6D1FpbEksIAB/WxRkBn9u
LUanyryi5W0bvILWjZmfKGRIjMMvw1z+FpXgkcxjsHHVBFwIoz+kDepN4UF1w9zn
fuNNfK0ivJSOghLFebcuE8SJYOuqERs6uzIRWHf9WM2p719hXy1EGyXgSshy48PO
s4FZrgioxd50XxJpmSM+CU9kggbIXWdnW7+bKA9maCU4aE46ljf7uZ1qYSkjH3lM
DnFPsGNBXB7uKgzhikk2Lcb9r+D7rltKdUxY2k/bdS/JgDSDbInAeXdxFKSSgqax
DgkmK94Wk52FbA==
-----END CERTIFICATE-----