Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
File:                     nTXgMBWeVx-qvTebUsHZoa77FEQ.mft (raw, json)
Hash identifier:          nSPVp7ObSmMPYOslyRqUjF9WZkifPXbualfPpszu3kk=
Subject key identifier:   8D:13:43:49:7C:00:05:3D:72:07:BC:67:65:CA:F0:C9:DD:30:68:09
Authority key identifier: 9D:35:E0:30:15:9E:57:1F:AA:BD:37:9B:52:C1:D9:A1:AE:FB:14:44
Certificate issuer:       /CN=9d35e030159e571faabd379b52c1d9a1aefb1444
Certificate serial:       0199FCC6D4737C4F7BCAA15D9179C5C09351
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
Manifest number:          016B
Signing time:             Sun 19 Oct 2025 14:01:52 +0000
Manifest this update:     Sun 19 Oct 2025 14:01:52 +0000
Manifest next update:     Mon 20 Oct 2025 14:01:52 +0000
Files and hashes:         1: nTXgMBWeVx-qvTebUsHZoa77FEQ.crl (hash: Ruc5XAyAfDqx7snLdbPtO8mUqmsz9WpypGLoX0Xmvzc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:c6:d4:73:7c:4f:7b:ca:a1:5d:91:79:c5:c0:93:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d35e030159e571faabd379b52c1d9a1aefb1444
        Validity
            Not Before: Oct 19 14:01:52 2025 GMT
            Not After : Oct 20 14:01:52 2025 GMT
        Subject: CN=8d1343497c00053d7207bc6765caf0c9dd306809
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:62:53:52:90:33:2c:0a:9c:f7:e7:b8:ae:57:
                    72:f5:a3:c2:11:7d:89:a1:d0:d3:72:52:29:b8:a9:
                    85:7a:ca:82:0d:eb:99:25:9a:a2:02:dc:bd:b6:fc:
                    bd:58:41:b3:23:ec:26:22:f7:4f:54:8a:13:10:00:
                    e9:4e:b4:2f:99:fc:5e:76:38:83:e5:05:b9:a1:ec:
                    16:b4:96:03:3d:ee:c3:b5:02:56:7c:6f:19:8a:31:
                    63:d2:96:65:4e:0b:f3:7f:0f:c0:e8:82:11:59:35:
                    be:7d:82:e4:8b:26:13:29:d5:8a:2d:58:9c:05:fb:
                    18:d7:7e:23:25:41:9d:03:c4:8c:5e:2b:ee:a3:f6:
                    e4:11:93:ac:fe:b0:f4:87:af:04:ff:84:9b:f9:06:
                    8c:7a:0e:bb:3b:12:4a:6a:d5:b9:6e:73:10:91:c5:
                    77:da:ab:d2:5c:0b:e6:9d:e7:9a:b0:7c:2b:38:7a:
                    d9:01:3d:d2:1e:18:69:f3:42:6e:ac:2c:5c:a2:c8:
                    3d:2e:c6:24:fe:d7:64:0c:64:1a:48:43:0b:ca:4b:
                    b7:36:bc:7b:dc:44:ba:c3:96:7c:6a:18:19:e5:66:
                    00:e8:29:6b:a9:a8:89:16:07:58:39:60:70:81:7d:
                    0a:66:45:6f:76:de:df:c3:5f:c6:6b:8c:28:12:1f:
                    ab:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:13:43:49:7C:00:05:3D:72:07:BC:67:65:CA:F0:C9:DD:30:68:09
            X509v3 Authority Key Identifier:
                keyid:9D:35:E0:30:15:9E:57:1F:AA:BD:37:9B:52:C1:D9:A1:AE:FB:14:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTXgMBWeVx-qvTebUsHZoa77FEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7d7323-9e84-4f87-b5f9-286a828dd7d5/1/nTXgMBWeVx-qvTebUsHZoa77FEQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:08:35:23:c4:ee:8b:a6:bc:7e:4b:2f:6a:90:81:4c:e0:38:
         00:bb:59:c5:e8:d1:85:1f:6d:ba:73:b1:29:10:3e:82:5c:19:
         96:2a:2e:77:fc:4b:37:3f:68:09:d1:b8:50:68:45:c7:b2:f3:
         06:02:ed:be:31:e7:8c:70:de:b0:c3:02:c8:f8:e8:f9:31:20:
         73:cf:ca:3a:58:90:25:38:fb:ea:18:19:56:51:f2:92:f7:51:
         fa:53:92:3e:cb:00:4b:71:ce:1d:c0:58:79:db:3f:e3:98:a1:
         29:08:e8:ce:00:91:ee:3e:35:c8:46:c5:9c:0b:c5:05:14:0c:
         e3:4f:3f:23:40:85:07:a6:4a:d0:33:19:53:8c:34:8c:a8:14:
         e1:0d:75:6e:af:64:51:41:a0:74:95:66:04:3d:50:bf:e5:9c:
         05:a6:56:0e:54:b8:68:04:9d:7f:c4:09:cd:24:4c:2e:3c:67:
         8e:50:4f:27:e6:d6:e2:0e:a4:49:8e:d5:11:e8:e6:07:e6:66:
         35:e1:5f:12:1a:b9:b1:f8:4a:3a:bf:1e:36:a7:d2:58:93:55:
         c8:5a:6c:22:ff:12:3c:25:b9:bf:b6:36:6b:94:bc:12:71:8a:
         7e:5d:e1:36:a3:3f:a1:f9:3a:b8:91:fd:50:80:67:3e:f0:63:
         1b:9a:b6:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xtRzfE97yqFdkXnFwJNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzVlMDMwMTU5ZTU3MWZhYWJkMzc5YjUyYzFkOWExYWVm
YjE0NDQwHhcNMjUxMDE5MTQwMTUyWhcNMjUxMDIwMTQwMTUyWjAzMTEwLwYDVQQD
Eyg4ZDEzNDM0OTdjMDAwNTNkNzIwN2JjNjc2NWNhZjBjOWRkMzA2ODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWJTUpAzLAqc9+e4rldy9aPCEX2J
odDTclIpuKmFesqCDeuZJZqiAty9tvy9WEGzI+wmIvdPVIoTEADpTrQvmfxedjiD
5QW5oewWtJYDPe7DtQJWfG8ZijFj0pZlTgvzfw/A6IIRWTW+fYLkiyYTKdWKLVic
BfsY134jJUGdA8SMXivuo/bkEZOs/rD0h68E/4Sb+QaMeg67OxJKatW5bnMQkcV3
2qvSXAvmneeasHwrOHrZAT3SHhhp80JurCxcosg9LsYk/tdkDGQaSEMLyku3Nrx7
3ES6w5Z8ahgZ5WYA6ClrqaiJFgdYOWBwgX0KZkVvdt7fw1/Ga4woEh+rSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0TQ0l8AAU9cge8Z2XK8MndMGgJMB8GA1UdIwQY
MBaAFJ014DAVnlcfqr03m1LB2aGu+xREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZDczMjMtOWU4NC00Zjg3LWI1Zjkt
Mjg2YTgyOGRkN2Q1LzEvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZDczMjMtOWU4NC00Zjg3LWI1ZjktMjg2YTgyOGRkN2Q1
LzEvblRYZ01CV2VWeC1xdlRlYlVzSFpvYTc3RkVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPgg1I8Tu
i6a8fksvapCBTOA4ALtZxejRhR9tunOxKRA+glwZlioud/xLNz9oCdG4UGhFx7Lz
BgLtvjHnjHDesMMCyPjo+TEgc8/KOliQJTj76hgZVlHykvdR+lOSPssAS3HOHcBY
eds/45ihKQjozgCR7j41yEbFnAvFBRQM408/I0CFB6ZK0DMZU4w0jKgU4Q11bq9k
UUGgdJVmBD1Qv+WcBaZWDlS4aASdf8QJzSRMLjxnjlBPJ+bW4g6kSY7VEejmB+Zm
NeFfEhq5sfhKOr8eNqfSWJNVyFpsIv8SPCW5v7Y2a5S8EnGKfl3hNqM/ofk6uJH9
UIBnPvBjG5q2Ug==
-----END CERTIFICATE-----