Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
File:                     N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft (raw, json)
Hash identifier:          NOaPhFgJ39usqLrcDZWqNh9qsBgN+5/++kwC35y4zkQ=
Subject key identifier:   68:3D:76:10:63:8F:23:A5:0B:85:32:5D:52:7D:B7:9C:DB:C2:1C:F4
Authority key identifier: 37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE
Certificate issuer:       /CN=37698b4f37d8081c3505ada0baa85221934341be
Certificate serial:       0199FBEBDA764AA0E55B12137AE1A1687757
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
Manifest number:          0F3E
Signing time:             Sun 19 Oct 2025 10:02:41 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:41 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:41 +0000
Files and hashes:         1: N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl (hash: jM/kuTdaQE3Utj6kYQAlSHcHQTo8GzsPqkCtrye+cRQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:da:76:4a:a0:e5:5b:12:13:7a:e1:a1:68:77:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37698b4f37d8081c3505ada0baa85221934341be
        Validity
            Not Before: Oct 19 10:02:41 2025 GMT
            Not After : Oct 20 10:02:41 2025 GMT
        Subject: CN=683d7610638f23a50b85325d527db79cdbc21cf4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:4a:1b:5e:7e:2e:38:a1:a6:de:cc:d0:a3:74:
                    cf:89:26:fe:ee:25:26:50:ef:5d:64:df:cd:8c:86:
                    8e:7d:55:26:90:19:5c:52:be:85:4c:bc:d9:7d:2e:
                    0e:06:39:18:15:a0:11:65:8e:c6:ac:fb:2e:84:17:
                    ae:c5:cf:ca:38:3f:aa:2d:07:31:e1:e4:cb:e3:0f:
                    f7:cc:bd:20:a7:85:c9:54:f2:0a:be:de:ba:20:13:
                    02:36:9b:c2:c7:03:f7:32:d2:3b:5f:e9:96:b7:86:
                    15:f9:9b:74:40:6c:a1:26:27:1d:a2:70:33:c7:b0:
                    ec:f3:1e:23:4c:01:83:0c:2c:78:4c:33:6a:8d:85:
                    30:63:ed:ca:ec:e8:90:6a:a4:59:84:ca:6e:95:65:
                    48:49:a3:12:1a:9e:5f:90:4a:cf:0d:5b:db:1e:c6:
                    3a:22:16:0f:03:fe:7c:f2:0f:48:0e:e5:d6:37:36:
                    20:3a:d4:cb:23:6c:58:4b:0c:f6:ff:7e:db:fa:1e:
                    5f:50:c1:38:88:3d:31:34:7a:92:39:12:c1:e2:7d:
                    3c:ad:08:ca:63:d2:d0:f8:49:fe:03:85:78:0a:1f:
                    2c:af:45:a8:a7:c2:d2:87:8a:33:e7:02:67:5f:64:
                    75:60:ab:90:73:8f:fb:3b:a3:89:cb:01:c9:da:33:
                    f4:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:3D:76:10:63:8F:23:A5:0B:85:32:5D:52:7D:B7:9C:DB:C2:1C:F4
            X509v3 Authority Key Identifier:
                keyid:37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ac:d3:da:fd:42:45:38:d7:a8:b2:1b:4e:a1:69:fb:ea:55:b8:
         dd:dc:4a:9a:78:31:26:2d:c5:dd:5a:65:35:b3:02:30:f2:27:
         1b:65:12:78:b3:bc:68:89:8b:69:28:f1:3a:cb:5a:85:26:84:
         34:f9:e1:7a:68:2e:7a:bd:56:18:1d:0b:59:10:cf:0f:9e:0f:
         73:cd:a6:a9:fc:ec:aa:c9:cb:a8:7c:3c:eb:80:7e:17:28:6d:
         75:fe:10:ea:41:87:26:a6:da:bc:71:93:c9:36:80:20:31:a3:
         b6:26:e2:60:bb:c4:6f:27:f7:46:7c:dc:9f:06:0c:1b:fa:36:
         b1:b6:f8:dc:73:ee:94:46:f7:2a:93:65:9c:d4:87:c0:27:e4:
         07:5d:16:0f:1b:55:d2:02:71:f7:00:5d:9b:31:8a:5d:8c:31:
         b9:84:06:cb:31:0b:01:7d:3c:01:bb:06:a8:7a:de:f9:51:05:
         84:41:41:c7:16:27:49:23:c5:e1:6a:45:02:4f:f4:65:99:b1:
         76:30:07:ea:e5:65:96:4c:5f:08:d5:d6:22:33:36:e2:95:00:
         64:4e:b4:62:17:5e:66:7a:65:c6:37:2d:26:9a:b2:79:5f:93:
         e3:62:b8:aa:e9:80:78:3e:57:43:f0:3c:30:e6:b1:41:7f:c8:
         39:ca:a2:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn769p2SqDlWxITeuGhaHdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njk4YjRmMzdkODA4MWMzNTA1YWRhMGJhYTg1MjIxOTM0
MzQxYmUwHhcNMjUxMDE5MTAwMjQxWhcNMjUxMDIwMTAwMjQxWjAzMTEwLwYDVQQD
Eyg2ODNkNzYxMDYzOGYyM2E1MGI4NTMyNWQ1MjdkYjc5Y2RiYzIxY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4EobXn4uOKGm3szQo3TPiSb+7iUm
UO9dZN/NjIaOfVUmkBlcUr6FTLzZfS4OBjkYFaARZY7GrPsuhBeuxc/KOD+qLQcx
4eTL4w/3zL0gp4XJVPIKvt66IBMCNpvCxwP3MtI7X+mWt4YV+Zt0QGyhJicdonAz
x7Ds8x4jTAGDDCx4TDNqjYUwY+3K7OiQaqRZhMpulWVISaMSGp5fkErPDVvbHsY6
IhYPA/588g9IDuXWNzYgOtTLI2xYSwz2/37b+h5fUME4iD0xNHqSORLB4n08rQjK
Y9LQ+En+A4V4Ch8sr0Wop8LSh4oz5wJnX2R1YKuQc4/7O6OJywHJ2jP0nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGg9dhBjjyOlC4UyXVJ9t5zbwhz0MB8GA1UdIwQY
MBaAFDdpi0832AgcNQWtoLqoUiGTQ0G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjct
MmJiODFkOTlkNWYxLzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjctMmJiODFkOTlkNWYx
LzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArNPa/UJF
ONeoshtOoWn76lW43dxKmngxJi3F3VplNbMCMPInG2USeLO8aImLaSjxOstahSaE
NPnhemguer1WGB0LWRDPD54Pc82mqfzsqsnLqHw864B+Fyhtdf4Q6kGHJqbavHGT
yTaAIDGjtibiYLvEbyf3RnzcnwYMG/o2sbb43HPulEb3KpNlnNSHwCfkB10WDxtV
0gJx9wBdmzGKXYwxuYQGyzELAX08AbsGqHre+VEFhEFBxxYnSSPF4WpFAk/0ZZmx
djAH6uVllkxfCNXWIjM24pUAZE60YhdeZnplxjctJpqyeV+T42K4qumAeD5XQ/A8
MOaxQX/IOcqimQ==
-----END CERTIFICATE-----