Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
File:                     ndVRnFTz4jtOEhKogIM58pXaSzQ.mft (raw, json)
Hash identifier:          NhhsTHEsbn5YQjI8flmX5qSGAY731DUwNiLQ1KJfbKo=
Subject key identifier:   F1:5D:DB:27:70:2A:67:FA:86:C5:1F:4E:E3:AF:55:A7:2C:D8:2D:28
Authority key identifier: 9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34
Certificate issuer:       /CN=9dd5519c54f3e23b4e1212a8808339f295da4b34
Certificate serial:       0199FE7DE80B727B44250F0AE1010301070C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
Manifest number:          16E0
Signing time:             Sun 19 Oct 2025 22:01:28 +0000
Manifest this update:     Sun 19 Oct 2025 22:01:28 +0000
Manifest next update:     Mon 20 Oct 2025 22:01:28 +0000
Files and hashes:         1: ndVRnFTz4jtOEhKogIM58pXaSzQ.crl (hash: 0GP20WMHV5rmHjQL9NC0DIxmag0pkJVQHdM1GJIA0Hs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 15:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fe:7d:e8:0b:72:7b:44:25:0f:0a:e1:01:03:01:07:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dd5519c54f3e23b4e1212a8808339f295da4b34
        Validity
            Not Before: Oct 19 22:01:28 2025 GMT
            Not After : Oct 20 22:01:28 2025 GMT
        Subject: CN=f15ddb27702a67fa86c51f4ee3af55a72cd82d28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:18:c2:23:60:02:b5:1e:2e:77:32:61:c4:40:
                    2f:5c:ac:16:3c:aa:80:10:3d:6f:78:9e:09:ac:14:
                    1d:2f:55:2c:b2:2d:b6:5a:b1:87:29:c6:93:d0:31:
                    bd:99:e3:6e:a0:7b:58:f3:9b:59:71:e2:57:a9:80:
                    7e:35:29:d2:58:e5:43:a2:73:09:85:7b:6f:58:0e:
                    cd:8c:3a:72:54:ff:a8:0d:0f:82:6f:47:ce:51:69:
                    14:17:3a:8b:f7:3c:95:05:14:11:3e:89:2a:88:f4:
                    94:77:d4:4d:8d:82:02:3c:6d:18:0e:ea:ba:79:69:
                    43:8a:74:ec:74:2f:75:22:15:1e:df:0f:5c:7d:32:
                    9c:a4:a2:8f:8f:4c:06:ed:a3:0f:ae:d0:27:82:43:
                    88:62:ca:c5:c7:36:f9:5d:6f:74:d7:60:fc:16:5f:
                    b9:bf:9e:b9:5a:16:56:2a:1e:c0:15:5c:51:3a:cf:
                    5b:31:71:04:4c:38:0f:ff:71:08:1b:b4:bd:52:d2:
                    3e:9b:aa:cb:27:eb:94:52:4f:72:4b:98:6c:ae:bd:
                    6b:63:0d:48:ce:3c:ea:54:7d:df:3e:bc:19:b7:e6:
                    e2:e4:dc:01:91:b0:b2:46:0a:8a:91:ea:15:c0:04:
                    d0:21:df:5a:e3:15:d1:0e:f0:6f:b0:93:c0:ab:ab:
                    a3:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:5D:DB:27:70:2A:67:FA:86:C5:1F:4E:E3:AF:55:A7:2C:D8:2D:28
            X509v3 Authority Key Identifier:
                keyid:9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:ee:79:ab:bf:8b:0c:ef:67:aa:7f:31:b9:32:73:37:95:5e:
         b5:3f:3f:13:f3:fe:3b:57:c0:30:83:45:d4:8a:c7:2e:a3:aa:
         a9:32:73:34:94:d0:76:d2:f2:2c:53:bc:3b:b6:38:ff:8d:af:
         fe:38:2f:fc:f9:6d:6b:1e:43:d8:be:fa:c4:21:5c:d5:66:e9:
         ab:5e:0e:81:3d:25:35:a0:7f:92:21:90:0c:d0:29:1f:8a:31:
         ea:22:20:f8:a5:b6:0b:58:76:51:0e:c1:4a:a3:ff:37:36:11:
         9e:18:47:62:9e:a1:89:03:3b:9c:31:7e:a1:8e:18:8d:b5:ad:
         34:b0:26:11:a6:f5:d3:99:b3:0c:88:5f:7f:69:bf:74:18:17:
         f3:5d:d3:cf:15:6e:c7:5a:ca:88:a6:34:b7:88:a3:81:e4:86:
         3b:71:95:11:fe:93:5a:49:6b:c5:d7:1c:1f:42:3a:88:c8:41:
         b5:73:4c:06:ea:dc:76:26:ac:eb:52:b6:1e:78:27:ce:b4:9e:
         67:e2:13:73:e3:46:c8:f5:db:96:8f:a6:95:44:9c:cd:b1:90:
         22:09:38:10:ff:a3:97:25:71:d3:74:f4:e3:41:c8:6b:8f:56:
         5c:9e:52:fb:db:6a:ff:c4:75:ed:b6:ec:88:b5:3d:dc:39:c2:
         5d:8b:60:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+fegLcntEJQ8K4QEDAQcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZDU1MTljNTRmM2UyM2I0ZTEyMTJhODgwODMzOWYyOTVk
YTRiMzQwHhcNMjUxMDE5MjIwMTI4WhcNMjUxMDIwMjIwMTI4WjAzMTEwLwYDVQQD
EyhmMTVkZGIyNzcwMmE2N2ZhODZjNTFmNGVlM2FmNTVhNzJjZDgyZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxjCI2ACtR4udzJhxEAvXKwWPKqA
ED1veJ4JrBQdL1Ussi22WrGHKcaT0DG9meNuoHtY85tZceJXqYB+NSnSWOVDonMJ
hXtvWA7NjDpyVP+oDQ+Cb0fOUWkUFzqL9zyVBRQRPokqiPSUd9RNjYICPG0YDuq6
eWlDinTsdC91IhUe3w9cfTKcpKKPj0wG7aMPrtAngkOIYsrFxzb5XW9012D8Fl+5
v565WhZWKh7AFVxROs9bMXEETDgP/3EIG7S9UtI+m6rLJ+uUUk9yS5hsrr1rYw1I
zjzqVH3fPrwZt+bi5NwBkbCyRgqKkeoVwATQId9a4xXRDvBvsJPAq6uj0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFd2ydwKmf6hsUfTuOvVacs2C0oMB8GA1UdIwQY
MBaAFJ3VUZxU8+I7ThISqICDOfKV2ks0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xNTA5YTEtOTQ0Zi00ODhkLTkxNGYt
OGY4YTc3MTE3MTdmLzEvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xNTA5YTEtOTQ0Zi00ODhkLTkxNGYtOGY4YTc3MTE3MTdm
LzEvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX+55q7+L
DO9nqn8xuTJzN5VetT8/E/P+O1fAMINF1IrHLqOqqTJzNJTQdtLyLFO8O7Y4/42v
/jgv/Pltax5D2L76xCFc1Wbpq14OgT0lNaB/kiGQDNApH4ox6iIg+KW2C1h2UQ7B
SqP/NzYRnhhHYp6hiQM7nDF+oY4YjbWtNLAmEab105mzDIhff2m/dBgX813TzxVu
x1rKiKY0t4ijgeSGO3GVEf6TWklrxdccH0I6iMhBtXNMBurcdias61K2HngnzrSe
Z+ITc+NGyPXblo+mlUSczbGQIgk4EP+jlyVx03T040HIa49WXJ5S+9tq/8R17bbs
iLU93DnCXYtggg==
-----END CERTIFICATE-----