Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
File:                     NDLzVG3kPONceHHFVLizDvY1wlE.mft (raw, json)
Hash identifier:          Q3NZ860fJH0zX6+B8OeFU+M5n5/tLdh5aTtaL3kydpo=
Subject key identifier:   09:A5:0C:96:81:90:DA:03:50:7E:AD:97:34:12:D9:DC:62:89:96:E6
Authority key identifier: 34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51
Certificate issuer:       /CN=3432f3546de43ce35c7871c554b8b30ef635c251
Certificate serial:       0199FC59029F4F5FE5F03E86387A25CE6CBC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
Manifest number:          0289
Signing time:             Sun 19 Oct 2025 12:01:55 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:55 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:55 +0000
Files and hashes:         1: NDLzVG3kPONceHHFVLizDvY1wlE.crl (hash: 0Dam7b1catShbIS/EFoiExAe1/zWt8lySucgnaZoeWU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:59:02:9f:4f:5f:e5:f0:3e:86:38:7a:25:ce:6c:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3432f3546de43ce35c7871c554b8b30ef635c251
        Validity
            Not Before: Oct 19 12:01:55 2025 GMT
            Not After : Oct 20 12:01:55 2025 GMT
        Subject: CN=09a50c968190da03507ead973412d9dc628996e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:9d:f7:49:b5:47:8a:00:2b:69:d4:84:6d:c5:
                    fd:57:8a:1f:48:9f:0c:c2:ca:98:77:7a:fa:72:2a:
                    06:99:44:4d:fc:03:e3:a5:7f:35:b9:18:d1:7f:fe:
                    9a:7b:09:9e:99:ce:63:29:ae:f1:85:1a:8a:39:59:
                    81:f1:91:6e:9e:77:b4:d5:8d:91:4d:c9:37:d0:db:
                    21:b6:ba:46:9f:97:82:f2:f8:6c:bb:ac:47:0a:e8:
                    96:b4:b0:36:2d:ea:0f:50:5b:ac:77:3c:0a:10:e3:
                    b9:86:77:84:f9:2b:de:ea:1f:97:2e:df:ac:d4:5d:
                    81:0e:31:b0:7f:24:c5:55:c4:a0:df:2e:11:ce:a8:
                    16:e2:d8:47:55:69:76:65:e2:5e:3a:2a:30:c7:e5:
                    5a:6b:bd:dc:42:44:0c:dd:44:ef:11:db:9b:d9:cb:
                    46:ee:03:ee:1f:49:f4:00:a8:fb:9f:1b:69:81:93:
                    15:eb:df:dc:5b:b7:67:af:a7:aa:b6:ca:23:aa:5d:
                    c4:d5:93:3a:ad:1d:bc:40:4a:62:37:7e:70:d6:4b:
                    ed:65:8e:0d:61:71:b1:07:86:54:53:c1:f2:74:b5:
                    69:c1:ff:a3:cf:5a:61:e1:eb:27:9b:80:c7:8e:d6:
                    82:95:c2:aa:43:d0:bd:79:55:e0:99:69:c9:5c:33:
                    58:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:A5:0C:96:81:90:DA:03:50:7E:AD:97:34:12:D9:DC:62:89:96:E6
            X509v3 Authority Key Identifier:
                keyid:34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:39:b3:5c:06:1b:db:a2:2a:67:6e:bd:10:5a:27:cd:12:11:
         8b:81:31:07:c6:73:b5:54:64:09:05:da:69:45:d0:f9:9e:e9:
         c9:59:98:a0:65:6a:bc:8c:a1:9a:40:c2:b1:65:b3:64:38:a2:
         98:88:d1:e0:62:7a:b2:2b:26:5b:72:30:9a:8c:da:99:bd:b1:
         3f:c4:1b:32:4a:a5:17:40:1a:ae:e7:27:43:88:37:46:68:8e:
         00:be:8c:ad:23:8b:25:2f:23:cc:85:1f:16:4c:e0:2a:ab:88:
         cf:0e:e2:cc:6e:ab:c7:f4:57:5f:6f:85:00:8a:4c:31:07:87:
         d6:a3:06:f1:4c:f3:a4:e7:cd:fd:c4:e3:0a:af:e1:c0:5f:1d:
         22:e1:ea:cb:0d:84:4f:d5:74:7c:93:7c:58:3f:4b:fa:7c:de:
         23:74:e2:37:58:d0:bb:2c:96:a0:8a:f4:29:94:bf:08:44:3d:
         89:3a:a4:e9:50:ef:f5:02:01:b5:11:7f:a9:12:7e:74:95:f5:
         dd:a9:4b:41:48:be:eb:dd:ca:84:11:73:04:20:12:bb:8a:e7:
         41:0a:18:f0:f8:16:d6:0b:cb:03:3e:77:6d:39:db:45:c4:9b:
         2f:67:2d:af:93:58:1c:c1:3d:61:d1:46:e9:fd:a9:c7:91:77:
         92:c1:75:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WQKfT1/l8D6GOHolzmy8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzJmMzU0NmRlNDNjZTM1Yzc4NzFjNTU0YjhiMzBlZjYz
NWMyNTEwHhcNMjUxMDE5MTIwMTU1WhcNMjUxMDIwMTIwMTU1WjAzMTEwLwYDVQQD
EygwOWE1MGM5NjgxOTBkYTAzNTA3ZWFkOTczNDEyZDlkYzYyODk5NmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ33SbVHigAradSEbcX9V4ofSJ8M
wsqYd3r6cioGmURN/APjpX81uRjRf/6aewmemc5jKa7xhRqKOVmB8ZFunne01Y2R
Tck30NshtrpGn5eC8vhsu6xHCuiWtLA2LeoPUFusdzwKEOO5hneE+Sve6h+XLt+s
1F2BDjGwfyTFVcSg3y4RzqgW4thHVWl2ZeJeOiowx+Vaa73cQkQM3UTvEdub2ctG
7gPuH0n0AKj7nxtpgZMV69/cW7dnr6eqtsojql3E1ZM6rR28QEpiN35w1kvtZY4N
YXGxB4ZUU8HydLVpwf+jz1ph4esnm4DHjtaClcKqQ9C9eVXgmWnJXDNYPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAmlDJaBkNoDUH6tlzQS2dxiiZbmMB8GA1UdIwQY
MBaAFDQy81Rt5DzjXHhxxVS4sw72NcJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjct
NjYzOGMzZWI0MDI3LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjctNjYzOGMzZWI0MDI3
LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfjmzXAYb
26IqZ269EFonzRIRi4ExB8ZztVRkCQXaaUXQ+Z7pyVmYoGVqvIyhmkDCsWWzZDii
mIjR4GJ6sismW3Iwmozamb2xP8QbMkqlF0AarucnQ4g3RmiOAL6MrSOLJS8jzIUf
FkzgKquIzw7izG6rx/RXX2+FAIpMMQeH1qMG8UzzpOfN/cTjCq/hwF8dIuHqyw2E
T9V0fJN8WD9L+nzeI3TiN1jQuyyWoIr0KZS/CEQ9iTqk6VDv9QIBtRF/qRJ+dJX1
3alLQUi+693KhBFzBCASu4rnQQoY8PgW1gvLAz53bTnbRcSbL2ctr5NYHME9YdFG
6f2px5F3ksF1kA==
-----END CERTIFICATE-----