Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          ubbii751XTdd0R4hInvw8vKh/bq1Fm66fyAHhleW6OA=
Subject key identifier:   74:D7:A1:4D:8C:3C:E6:83:EF:F4:FE:A8:36:65:88:F9:1F:4B:15:17
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       0199FC58E4DCEA7A5B9159FF95EC23FE5368
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          0B44
Signing time:             Sun 19 Oct 2025 12:01:48 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:48 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:48 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: E3eCKAFLiE4FHsKa3O+PVyqeZpIYdKnX1mxBhpVtI2c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:e4:dc:ea:7a:5b:91:59:ff:95:ec:23:fe:53:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: Oct 19 12:01:48 2025 GMT
            Not After : Oct 20 12:01:48 2025 GMT
        Subject: CN=74d7a14d8c3ce683eff4fea8366588f91f4b1517
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:b5:8a:a2:50:02:a3:1f:49:48:1d:c1:4f:16:
                    b8:de:68:cf:16:e7:02:fa:25:97:49:0e:e9:ad:36:
                    9f:91:41:5b:3d:a5:8d:0c:14:66:71:b2:ca:ab:90:
                    df:ff:f5:99:12:ef:ad:28:9f:11:db:d9:35:97:ec:
                    98:51:4d:43:76:2c:b0:84:d7:75:39:93:c1:fc:d2:
                    b6:21:3b:2c:39:cd:4d:48:09:91:a4:d1:63:3b:de:
                    3b:ea:00:01:bb:da:f1:72:5f:ed:44:72:41:e9:67:
                    e3:92:71:7c:b9:96:fa:cd:bd:61:fa:5e:8b:6a:fb:
                    85:11:e1:9d:fe:33:f1:84:81:97:f5:e5:59:17:9c:
                    17:f4:aa:5c:58:39:c1:b9:73:16:ce:4d:ab:6c:a1:
                    53:49:c9:23:a2:d6:52:8f:a4:8a:6d:af:cf:be:e7:
                    00:dd:e8:aa:c4:33:29:27:a4:7c:0d:40:db:15:16:
                    cd:96:66:26:43:bf:f3:33:0b:26:ef:04:32:b9:f3:
                    a8:09:38:7c:7a:f5:9a:42:c0:e5:8c:21:e8:ac:be:
                    b2:59:b2:b9:6c:2c:53:fa:16:64:bc:5f:b9:2f:71:
                    bf:92:5d:74:fa:6c:7d:5a:c7:5c:65:59:e6:47:5a:
                    95:40:89:c5:e0:a7:61:3d:2f:20:7b:7b:f3:15:c5:
                    3f:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:D7:A1:4D:8C:3C:E6:83:EF:F4:FE:A8:36:65:88:F9:1F:4B:15:17
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:f6:da:bf:66:a2:77:69:d3:f7:a8:e0:02:fb:2b:9d:09:77:
         51:95:35:c3:54:2f:94:1b:f1:bb:f8:46:3a:90:df:44:7e:dc:
         db:35:18:b1:47:43:18:26:3b:f2:ca:32:8e:a0:e3:0d:ad:02:
         76:cd:8c:b2:62:bf:7d:df:65:77:6e:42:e0:97:e9:54:d8:51:
         31:dd:9e:f0:23:5b:2d:da:1e:e7:06:49:52:f0:74:98:eb:c2:
         b8:cd:20:6d:34:e1:e1:84:7b:a5:86:5f:bc:72:6e:ca:42:b5:
         7b:16:e8:2d:f4:4f:84:7c:f7:77:3b:2f:20:f5:7a:a4:b8:a6:
         f5:cf:f9:ad:88:77:84:b9:84:d2:7b:bf:68:68:99:66:c8:e2:
         48:0a:87:a9:37:22:fb:be:e0:1b:71:9d:9f:3b:3d:18:0d:68:
         9e:9f:49:71:8d:90:42:ba:90:e8:df:97:ca:10:79:e0:09:4b:
         06:83:47:95:a8:dc:73:f7:7e:b9:5a:5f:2e:96:6b:23:2a:ac:
         b1:58:0c:cc:52:af:52:29:6f:2e:84:14:c5:71:49:84:50:de:
         4c:73:12:e2:24:55:c5:8d:39:fa:6d:bb:0d:95:5f:16:d4:20:
         5a:a9:fa:a0:58:8c:c8:7d:85:d0:71:11:c1:31:4e:95:89:9e:
         e5:6a:78:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WOTc6npbkVn/lewj/lNoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjUxMDE5MTIwMTQ4WhcNMjUxMDIwMTIwMTQ4WjAzMTEwLwYDVQQD
Eyg3NGQ3YTE0ZDhjM2NlNjgzZWZmNGZlYTgzNjY1ODhmOTFmNGIxNTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLWKolACox9JSB3BTxa43mjPFucC
+iWXSQ7prTafkUFbPaWNDBRmcbLKq5Df//WZEu+tKJ8R29k1l+yYUU1DdiywhNd1
OZPB/NK2ITssOc1NSAmRpNFjO9476gABu9rxcl/tRHJB6WfjknF8uZb6zb1h+l6L
avuFEeGd/jPxhIGX9eVZF5wX9KpcWDnBuXMWzk2rbKFTSckjotZSj6SKba/PvucA
3eiqxDMpJ6R8DUDbFRbNlmYmQ7/zMwsm7wQyufOoCTh8evWaQsDljCHorL6yWbK5
bCxT+hZkvF+5L3G/kl10+mx9WsdcZVnmR1qVQInF4KdhPS8ge3vzFcU//wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHTXoU2MPOaD7/T+qDZliPkfSxUXMB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYfbav2ai
d2nT96jgAvsrnQl3UZU1w1QvlBvxu/hGOpDfRH7c2zUYsUdDGCY78soyjqDjDa0C
ds2MsmK/fd9ld25C4JfpVNhRMd2e8CNbLdoe5wZJUvB0mOvCuM0gbTTh4YR7pYZf
vHJuykK1exboLfRPhHz3dzsvIPV6pLim9c/5rYh3hLmE0nu/aGiZZsjiSAqHqTci
+77gG3Gdnzs9GA1onp9JcY2QQrqQ6N+XyhB54AlLBoNHlajcc/d+uVpfLpZrIyqs
sVgMzFKvUilvLoQUxXFJhFDeTHMS4iRVxY05+m27DZVfFtQgWqn6oFiMyH2F0HER
wTFOlYme5Wp4iA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:14:50 2025 by rpki-client