Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
File:                     NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft (raw, json)
Hash identifier:          nQo+fg98mig/m+odIJ+3P0JgJujiT8nb9O4XZA4OslA=
Subject key identifier:   7D:D3:C2:92:7B:E1:2C:F9:F7:2A:A1:39:25:FE:5D:4F:E0:A5:E3:8C
Authority key identifier: 36:D8:C1:A7:3B:15:95:10:9D:26:06:7B:42:91:F7:1D:C1:DB:99:57
Certificate issuer:       /CN=36d8c1a73b1595109d26067b4291f71dc1db9957
Certificate serial:       019A00A35CC0E759A51957E0AD4F7BBC3E00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
Manifest number:          10F0
Signing time:             Mon 20 Oct 2025 08:01:37 +0000
Manifest this update:     Mon 20 Oct 2025 08:01:37 +0000
Manifest next update:     Tue 21 Oct 2025 08:01:37 +0000
Files and hashes:         1: NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl (hash: wPaT6HKWKS9CIS4Dy5+7FHZI8JECQlgRn/qNF38+Jts=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 08:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:a3:5c:c0:e7:59:a5:19:57:e0:ad:4f:7b:bc:3e:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36d8c1a73b1595109d26067b4291f71dc1db9957
        Validity
            Not Before: Oct 20 08:01:37 2025 GMT
            Not After : Oct 21 08:01:37 2025 GMT
        Subject: CN=7dd3c2927be12cf9f72aa13925fe5d4fe0a5e38c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:37:51:74:95:82:db:f5:20:06:ae:89:33:03:
                    d8:9d:fa:6d:7c:00:11:c7:c7:3b:36:66:ae:4f:50:
                    f9:cf:16:2e:9d:c5:80:3c:ca:fc:fc:9b:75:3c:a9:
                    8e:38:ab:6a:04:62:c8:23:58:9a:1a:db:43:88:7a:
                    f9:72:28:7d:30:c3:52:84:7d:6b:b1:41:c6:ed:50:
                    08:4d:f0:c6:d0:fb:2d:ab:59:80:e0:f9:64:10:fb:
                    a3:98:bc:bd:32:d0:67:19:ca:b4:b8:22:08:4d:13:
                    b6:da:19:54:8d:c0:c5:05:9d:8a:d2:be:e2:30:37:
                    2a:59:93:ab:00:c0:cb:8f:d2:2d:13:0f:32:37:54:
                    38:6d:4b:66:ad:b4:2a:c2:fd:c4:3e:c5:0a:08:14:
                    b2:ce:11:a4:d6:ef:1f:31:8b:5c:da:d7:12:e6:3b:
                    1e:a3:f3:af:3d:20:61:1a:81:5c:05:80:cd:b8:cd:
                    aa:07:fa:94:5f:3f:2b:b9:8a:6f:a6:0a:18:0a:cf:
                    60:cd:f6:2d:e1:5a:e9:52:96:62:7c:62:7b:81:5d:
                    f8:4e:5d:c1:56:60:08:97:43:db:1e:d2:6c:1f:ee:
                    80:df:f3:3d:92:9c:ca:4d:ec:b0:6e:43:5e:6c:e4:
                    98:78:75:79:69:26:ce:67:6e:b5:90:48:a6:b3:f3:
                    e4:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:D3:C2:92:7B:E1:2C:F9:F7:2A:A1:39:25:FE:5D:4F:E0:A5:E3:8C
            X509v3 Authority Key Identifier:
                keyid:36:D8:C1:A7:3B:15:95:10:9D:26:06:7B:42:91:F7:1D:C1:DB:99:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:c0:41:13:de:9b:32:c8:2b:da:98:77:d4:14:c8:e2:0a:7a:
         3a:9e:0c:b3:e5:d9:33:ce:e8:57:1b:aa:4e:d8:29:77:d7:17:
         9c:9d:11:4f:12:85:0b:80:b4:8f:04:6c:3e:b4:08:53:83:74:
         87:32:15:74:51:59:a6:32:01:44:8d:4b:f6:36:97:37:eb:0c:
         1c:10:85:6d:af:1e:31:2d:18:56:01:ff:60:33:12:97:7e:86:
         72:f3:03:40:5d:a6:50:56:d5:8c:e3:f6:5f:e9:1d:08:e9:e4:
         a7:f5:03:29:50:86:5e:b8:d3:b2:d6:ff:cd:5a:d6:0b:ef:5f:
         af:83:14:d2:2f:f3:37:10:2d:8f:2a:c6:57:15:c0:8e:4b:0b:
         2d:ce:90:89:a3:cc:4d:29:93:a5:bb:3f:96:2a:f8:c7:6f:89:
         5c:80:84:5a:bb:ce:98:dd:77:fb:aa:c2:b1:60:5d:42:0c:de:
         f7:7c:00:cf:5a:99:75:7f:1c:18:d8:a6:5e:02:64:4b:bd:86:
         1f:cc:06:c3:b9:2a:a6:c4:2f:47:18:ce:7d:4e:b6:ce:dd:c8:
         ef:27:0d:35:bc:b9:b4:cf:84:b0:28:d7:e0:87:78:12:af:81:
         b3:20:bc:db:e4:9a:7e:f0:a1:38:32:90:f8:dc:b3:0c:3c:88:
         10:ba:4a:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAo1zA51mlGVfgrU97vD4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZDhjMWE3M2IxNTk1MTA5ZDI2MDY3YjQyOTFmNzFkYzFk
Yjk5NTcwHhcNMjUxMDIwMDgwMTM3WhcNMjUxMDIxMDgwMTM3WjAzMTEwLwYDVQQD
Eyg3ZGQzYzI5MjdiZTEyY2Y5ZjcyYWExMzkyNWZlNWQ0ZmUwYTVlMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTdRdJWC2/UgBq6JMwPYnfptfAAR
x8c7NmauT1D5zxYuncWAPMr8/Jt1PKmOOKtqBGLII1iaGttDiHr5cih9MMNShH1r
sUHG7VAITfDG0Pstq1mA4PlkEPujmLy9MtBnGcq0uCIITRO22hlUjcDFBZ2K0r7i
MDcqWZOrAMDLj9ItEw8yN1Q4bUtmrbQqwv3EPsUKCBSyzhGk1u8fMYtc2tcS5jse
o/OvPSBhGoFcBYDNuM2qB/qUXz8ruYpvpgoYCs9gzfYt4VrpUpZifGJ7gV34Tl3B
VmAIl0PbHtJsH+6A3/M9kpzKTeywbkNebOSYeHV5aSbOZ261kEims/PkrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3TwpJ74Sz59yqhOSX+XU/gpeOMMB8GA1UdIwQY
MBaAFDbYwac7FZUQnSYGe0KR9x3B25lXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lZWNjYTUtYzMzOS00OTE4LWEwYTgt
ZjYxZWM4NWQwZjU3LzEvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lZWNjYTUtYzMzOS00OTE4LWEwYTgtZjYxZWM4NWQwZjU3
LzEvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFcBBE96b
Msgr2ph31BTI4gp6Op4Ms+XZM87oVxuqTtgpd9cXnJ0RTxKFC4C0jwRsPrQIU4N0
hzIVdFFZpjIBRI1L9jaXN+sMHBCFba8eMS0YVgH/YDMSl36GcvMDQF2mUFbVjOP2
X+kdCOnkp/UDKVCGXrjTstb/zVrWC+9fr4MU0i/zNxAtjyrGVxXAjksLLc6QiaPM
TSmTpbs/lir4x2+JXICEWrvOmN13+6rCsWBdQgze93wAz1qZdX8cGNimXgJkS72G
H8wGw7kqpsQvRxjOfU62zt3I7ycNNby5tM+EsCjX4Id4Eq+BsyC82+SafvChODKQ
+NyzDDyIELpKwA==
-----END CERTIFICATE-----