Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
File:                     nc28ow8_5XpR57bAt_MgOvFnKiI.mft (raw, json)
Hash identifier:          OmHBjZ6TVHhXU/jGb6HFmfc6OqhNFFHqffA41KFUkFQ=
Subject key identifier:   42:9D:93:47:D0:2E:07:7F:4C:7E:2A:2A:30:CE:10:4B:2F:C2:44:5E
Authority key identifier: 9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22
Certificate issuer:       /CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
Certificate serial:       0199FDD9C68E71FB39C99A0E86CB0F0AD5C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
Manifest number:          16DD
Signing time:             Sun 19 Oct 2025 19:02:11 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:11 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:11 +0000
Files and hashes:         1: nc28ow8_5XpR57bAt_MgOvFnKiI.crl (hash: fzL5kZSAkp1UcBmTjmq0eNYBS8rc5Z3CoSdSYIbl+Sc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:d9:c6:8e:71:fb:39:c9:9a:0e:86:cb:0f:0a:d5:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
        Validity
            Not Before: Oct 19 19:02:11 2025 GMT
            Not After : Oct 20 19:02:11 2025 GMT
        Subject: CN=429d9347d02e077f4c7e2a2a30ce104b2fc2445e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:27:08:5c:c2:0c:1b:33:3d:f0:15:6a:7d:49:
                    b4:0a:c3:24:76:39:05:fa:c3:a6:16:d4:6b:3a:73:
                    2c:3c:22:34:6d:8d:b3:7f:ba:cd:cb:20:01:01:9f:
                    d3:5b:14:44:6e:c9:d9:aa:c8:9d:71:ab:93:42:2f:
                    e8:68:6f:4c:02:77:95:a5:12:5a:32:75:6a:d7:5e:
                    cb:23:66:47:df:81:eb:28:5b:22:92:bb:97:0c:25:
                    4b:02:10:6a:45:c1:9b:31:00:d5:49:bb:a8:3b:ed:
                    8e:10:e1:8e:f3:79:3e:29:ff:73:29:00:4b:5f:66:
                    1c:44:89:57:fc:16:c9:23:70:fb:ee:38:c4:55:04:
                    29:3d:99:a4:60:47:e4:b0:09:b8:5f:2b:4c:f4:cf:
                    04:10:53:6c:55:76:02:68:be:63:06:2a:8e:70:f9:
                    53:ac:c2:c4:6f:b9:de:2e:10:ff:41:1c:db:86:58:
                    82:a5:97:6d:e1:80:d7:2a:59:e8:9b:a0:68:5c:02:
                    8d:13:96:ea:a9:75:30:2e:77:dc:d6:65:22:10:0a:
                    6d:95:8a:c6:aa:c5:d8:70:a1:f8:5a:e4:bd:7b:bf:
                    37:97:2e:2f:39:79:e6:76:4b:36:98:77:82:00:fe:
                    56:82:e5:24:bd:d1:23:18:10:a2:ce:29:ce:a6:47:
                    39:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:9D:93:47:D0:2E:07:7F:4C:7E:2A:2A:30:CE:10:4B:2F:C2:44:5E
            X509v3 Authority Key Identifier:
                keyid:9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:91:69:da:9d:f1:5f:68:c4:7a:79:c6:d5:db:2d:e5:a6:22:
         f1:a8:85:8a:d6:fd:90:d1:55:b1:a3:9a:6b:6d:ea:ab:60:ce:
         dc:50:b4:3e:f2:66:d3:03:fd:58:d6:10:54:e1:40:da:40:74:
         a3:4c:2b:5b:21:88:1b:a8:f3:84:d9:19:cd:65:c4:fc:19:aa:
         86:f9:ca:88:c3:98:8f:cc:92:db:03:a3:df:a3:f6:4a:05:32:
         5c:71:0c:20:38:d9:ed:9f:47:78:29:44:ac:83:92:13:53:d7:
         1d:bb:01:78:93:54:e4:be:c7:c1:02:68:07:4c:f6:ea:d2:4c:
         6a:d5:46:45:2e:b5:a9:ac:dd:b9:8a:aa:a7:28:db:5f:04:a2:
         d3:9c:45:6f:09:c0:19:50:cc:b9:3d:44:21:2d:c3:05:67:f5:
         1a:8d:48:da:2d:c2:51:7c:68:25:9c:46:19:b0:5f:6f:f8:19:
         8c:b8:e3:23:87:12:26:f4:58:dc:25:06:f9:ba:02:23:b9:5b:
         7b:d3:3b:78:77:c5:7e:fb:d1:ae:bb:0b:07:f7:f7:89:1e:b5:
         ca:44:a1:4b:09:df:e8:3a:ca:1d:d9:07:f8:d6:88:cf:ab:2c:
         71:95:39:dd:aa:94:3f:d6:f3:20:be:fa:85:5d:f6:6f:88:ad:
         50:20:df:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92caOcfs5yZoOhssPCtXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2RiY2EzMGYzZmU1N2E1MWU3YjZjMGI3ZjMyMDNhZjE2
NzJhMjIwHhcNMjUxMDE5MTkwMjExWhcNMjUxMDIwMTkwMjExWjAzMTEwLwYDVQQD
Eyg0MjlkOTM0N2QwMmUwNzdmNGM3ZTJhMmEzMGNlMTA0YjJmYzI0NDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyycIXMIMGzM98BVqfUm0CsMkdjkF
+sOmFtRrOnMsPCI0bY2zf7rNyyABAZ/TWxREbsnZqsidcauTQi/oaG9MAneVpRJa
MnVq117LI2ZH34HrKFsikruXDCVLAhBqRcGbMQDVSbuoO+2OEOGO83k+Kf9zKQBL
X2YcRIlX/BbJI3D77jjEVQQpPZmkYEfksAm4XytM9M8EEFNsVXYCaL5jBiqOcPlT
rMLEb7neLhD/QRzbhliCpZdt4YDXKlnom6BoXAKNE5bqqXUwLnfc1mUiEAptlYrG
qsXYcKH4WuS9e783ly4vOXnmdks2mHeCAP5WguUkvdEjGBCizinOpkc5eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKdk0fQLgd/TH4qKjDOEEsvwkReMB8GA1UdIwQY
MBaAFJ3NvKMPP+V6Uee2wLfzIDrxZyoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMt
ZmEwNjBiOWEzYjQwLzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMtZmEwNjBiOWEzYjQw
LzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU5Fp2p3x
X2jEennG1dst5aYi8aiFitb9kNFVsaOaa23qq2DO3FC0PvJm0wP9WNYQVOFA2kB0
o0wrWyGIG6jzhNkZzWXE/BmqhvnKiMOYj8yS2wOj36P2SgUyXHEMIDjZ7Z9HeClE
rIOSE1PXHbsBeJNU5L7HwQJoB0z26tJMatVGRS61qazduYqqpyjbXwSi05xFbwnA
GVDMuT1EIS3DBWf1Go1I2i3CUXxoJZxGGbBfb/gZjLjjI4cSJvRY3CUG+boCI7lb
e9M7eHfFfvvRrrsLB/f3iR61ykShSwnf6DrKHdkH+NaIz6sscZU53aqUP9bzIL76
hV32b4itUCDf8Q==
-----END CERTIFICATE-----