Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft
File:                     nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft (raw, json)
Hash identifier:          2lbaK1R6UgtuOLlSUHK9xG0XARPLUGh3E6fZ9nOtVYM=
Subject key identifier:   3A:3D:91:C2:0C:2A:DD:38:4E:F3:5C:5B:88:72:97:93:8C:1C:51:BC
Authority key identifier: 9D:76:50:E4:53:B9:8F:6F:4D:D3:33:63:3A:FF:AB:BA:2C:0C:8F:8A
Certificate issuer:       /CN=9d7650e453b98f6f4dd333633affabba2c0c8f8a
Certificate serial:       0199FFC7421CE12D848769E1ABF9CF8B55F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft
Manifest number:          01B5
Signing time:             Mon 20 Oct 2025 04:01:12 +0000
Manifest this update:     Mon 20 Oct 2025 04:01:12 +0000
Manifest next update:     Tue 21 Oct 2025 04:01:12 +0000
Files and hashes:         1: nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl (hash: Y8jpbySroweUMfmG7UScErqmuUZAdzmJy7spGpcfiL0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 04:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:ff:c7:42:1c:e1:2d:84:87:69:e1:ab:f9:cf:8b:55:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d7650e453b98f6f4dd333633affabba2c0c8f8a
        Validity
            Not Before: Oct 20 04:01:12 2025 GMT
            Not After : Oct 21 04:01:12 2025 GMT
        Subject: CN=3a3d91c20c2add384ef35c5b887297938c1c51bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:d2:82:3d:eb:ae:f3:07:44:10:b6:2e:4a:30:
                    f0:51:99:19:0d:62:a9:14:5d:17:7b:6e:7a:10:77:
                    f3:3a:c1:59:29:9a:fa:72:1a:aa:e3:e1:bc:04:7e:
                    75:c7:de:ef:f0:c2:45:31:a3:74:c8:1b:87:5a:3f:
                    aa:0b:3a:1f:d9:97:3f:5a:65:1b:33:f2:2d:7a:81:
                    d8:49:3c:a8:ce:e3:a0:e3:ce:06:ec:03:7f:67:a6:
                    7a:4e:96:2f:3d:20:35:5d:e3:86:41:0c:5c:4c:3c:
                    e9:38:86:2a:5c:a7:f5:0b:89:0a:bd:2e:f3:9d:24:
                    0a:70:59:98:1f:9a:3f:37:2c:a8:d1:eb:ff:cb:b8:
                    0d:13:de:c5:6b:03:12:a3:3c:c2:90:df:95:5e:70:
                    72:dd:6f:43:76:7a:ce:d5:8e:5f:ce:15:1a:77:d9:
                    6a:56:0d:f6:4a:cd:06:17:72:71:02:17:3b:1d:b8:
                    50:e3:f9:9c:43:79:51:7e:12:1c:2f:0e:7c:85:90:
                    ef:2f:65:cb:a0:36:df:23:2a:83:d4:27:f3:17:0b:
                    50:4e:91:c9:0a:1a:97:64:63:10:0d:3c:b0:66:a0:
                    b9:d3:99:a8:3a:a6:f7:2b:2f:09:13:96:9f:fc:d7:
                    4f:42:e3:82:1e:a3:9d:68:bf:00:05:e4:04:a7:64:
                    09:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:3D:91:C2:0C:2A:DD:38:4E:F3:5C:5B:88:72:97:93:8C:1C:51:BC
            X509v3 Authority Key Identifier:
                keyid:9D:76:50:E4:53:B9:8F:6F:4D:D3:33:63:3A:FF:AB:BA:2C:0C:8F:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:2e:b0:52:f6:b8:be:1c:a4:0c:18:b0:cf:8c:a8:39:50:b7:
         35:d0:34:7f:ca:45:2e:14:6d:1b:65:94:9c:9b:b9:9a:8c:18:
         3a:a0:ba:18:bc:64:f3:63:43:76:be:f4:ed:fb:05:18:20:2d:
         c1:9b:0e:ce:8c:d9:77:fe:8a:88:e2:37:b8:9b:70:41:55:2e:
         66:f5:40:f2:38:44:29:b6:ed:a8:2e:46:cb:a1:94:ec:fe:09:
         e4:08:bc:50:06:06:d0:52:ac:79:8e:b6:29:08:d1:62:ee:80:
         78:4c:57:00:8a:a4:dc:2b:b5:5a:a6:63:91:26:64:da:42:1a:
         17:83:18:11:35:86:d9:dc:0a:8c:ef:ed:80:6e:56:19:6a:4c:
         60:af:b4:d5:0d:9b:c6:34:f0:cc:cc:3e:90:8f:fe:6d:e0:20:
         30:42:75:f8:24:3e:36:f8:ed:fb:09:48:8e:87:17:87:69:51:
         d3:03:7c:06:f0:7d:ee:af:41:ac:0b:73:b0:39:42:8f:2b:88:
         94:c8:47:99:12:ed:b2:f9:93:82:70:4c:a9:ba:e1:84:c7:50:
         d7:f0:5c:56:29:26:9c:ee:18:12:b2:d8:12:5a:ec:d0:eb:c6:
         74:90:f7:21:d7:4d:12:75:bf:34:53:f9:2f:7a:f9:b5:b0:a4:
         4d:f6:77:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x0Ic4S2Eh2nhq/nPi1XyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNzY1MGU0NTNiOThmNmY0ZGQzMzM2MzNhZmZhYmJhMmMw
YzhmOGEwHhcNMjUxMDIwMDQwMTEyWhcNMjUxMDIxMDQwMTEyWjAzMTEwLwYDVQQD
EygzYTNkOTFjMjBjMmFkZDM4NGVmMzVjNWI4ODcyOTc5MzhjMWM1MWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49KCPeuu8wdEELYuSjDwUZkZDWKp
FF0Xe256EHfzOsFZKZr6chqq4+G8BH51x97v8MJFMaN0yBuHWj+qCzof2Zc/WmUb
M/IteoHYSTyozuOg484G7AN/Z6Z6TpYvPSA1XeOGQQxcTDzpOIYqXKf1C4kKvS7z
nSQKcFmYH5o/Nyyo0ev/y7gNE97FawMSozzCkN+VXnBy3W9DdnrO1Y5fzhUad9lq
Vg32Ss0GF3JxAhc7HbhQ4/mcQ3lRfhIcLw58hZDvL2XLoDbfIyqD1CfzFwtQTpHJ
ChqXZGMQDTywZqC505moOqb3Ky8JE5af/NdPQuOCHqOdaL8ABeQEp2QJ2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDo9kcIMKt04TvNcW4hyl5OMHFG8MB8GA1UdIwQY
MBaAFJ12UORTuY9vTdMzYzr/q7osDI+KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82YmZlNTMtODBjMy00YTM1LTllY2It
ZDI0MWY5ZWM1MDQxLzEvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82YmZlNTMtODBjMy00YTM1LTllY2ItZDI0MWY5ZWM1MDQx
LzEvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAky6wUva4
vhykDBiwz4yoOVC3NdA0f8pFLhRtG2WUnJu5mowYOqC6GLxk82NDdr707fsFGCAt
wZsOzozZd/6KiOI3uJtwQVUuZvVA8jhEKbbtqC5Gy6GU7P4J5Ai8UAYG0FKseY62
KQjRYu6AeExXAIqk3Cu1WqZjkSZk2kIaF4MYETWG2dwKjO/tgG5WGWpMYK+01Q2b
xjTwzMw+kI/+beAgMEJ1+CQ+Nvjt+wlIjocXh2lR0wN8BvB97q9BrAtzsDlCjyuI
lMhHmRLtsvmTgnBMqbrhhMdQ1/BcVikmnO4YErLYElrs0OvGdJD3IddNEnW/NFP5
L3r5tbCkTfZ3lQ==
-----END CERTIFICATE-----