Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File:                     NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier:          1hX4AcoQru+VnyJ2EPdZ2IWyEFC1qvweIfLCI3ZxN3A=
Subject key identifier:   D8:B4:DC:FA:0F:79:66:E4:F2:1F:02:58:02:A3:9A:B4:6F:0A:04:F6
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer:       /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial:       0199FBEB6CB5B4474BDC464AEC8B05F756C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number:          0EF0
Signing time:             Sun 19 Oct 2025 10:02:13 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:13 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:13 +0000
Files and hashes:         1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: /y1avgiB73tXgBNaUA2UF9lo5lbnD4xSIVcvp8qxkWo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:02:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:6c:b5:b4:47:4b:dc:46:4a:ec:8b:05:f7:56:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
        Validity
            Not Before: Oct 19 10:02:13 2025 GMT
            Not After : Oct 20 10:02:13 2025 GMT
        Subject: CN=d8b4dcfa0f7966e4f21f025802a39ab46f0a04f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:55:ee:27:71:4e:21:51:aa:58:9d:00:c9:8a:
                    0e:6b:46:7a:d4:86:18:f5:74:0c:28:fa:a0:5e:b2:
                    a0:ac:d4:a9:29:7a:02:97:2e:c4:7d:7f:eb:e7:e6:
                    64:59:56:30:67:42:e4:05:a7:f4:7c:7f:f4:96:25:
                    bf:51:2e:08:6b:99:0e:f7:05:e2:bd:14:33:68:d6:
                    fe:5d:94:06:f8:64:6a:4c:43:b1:eb:3c:1f:d8:9e:
                    0a:ab:cb:63:4d:08:99:de:f9:d2:ca:d8:03:42:e3:
                    2d:18:e3:28:7f:ba:92:42:d1:71:86:65:7a:e9:80:
                    4c:06:c0:ea:16:8b:b2:0e:ab:7a:48:f1:91:d5:30:
                    f6:b0:d5:53:ff:74:a9:3c:b1:a7:07:6b:b3:ae:b0:
                    b1:ba:f4:8d:1b:ae:0f:b4:6f:94:a5:cb:f8:15:13:
                    8d:79:a4:41:59:91:bc:5c:68:3a:64:55:34:2a:4c:
                    6d:49:d8:e7:fb:bd:21:ac:90:18:e5:79:21:77:df:
                    60:d2:92:12:66:df:18:de:21:7e:cc:91:5f:fc:ec:
                    6c:c6:68:ed:3a:0e:c6:0d:7a:70:50:ef:13:7a:1e:
                    c1:e1:1c:4c:5e:7c:12:9e:8f:f9:c8:df:24:5a:f9:
                    ee:5e:a0:96:bc:aa:dd:d1:f3:7d:88:14:ff:f5:69:
                    18:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:B4:DC:FA:0F:79:66:E4:F2:1F:02:58:02:A3:9A:B4:6F:0A:04:F6
            X509v3 Authority Key Identifier:
                keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:bb:0e:13:72:f7:b4:39:07:f2:3e:c0:a1:6c:0d:57:4d:00:
         c2:d3:db:98:4c:e0:62:9f:e2:df:00:e1:5e:12:76:96:48:5e:
         d1:89:2c:1b:f3:64:43:d9:b5:5a:11:e8:50:68:61:01:aa:fd:
         6c:e0:f9:bc:14:8b:c9:0f:dc:47:b3:2f:90:82:a2:f3:77:16:
         a2:b6:69:93:2c:8b:f2:0c:f3:84:17:49:db:ca:bd:72:4b:ad:
         7f:08:51:46:73:2f:a6:55:64:65:fc:1a:e9:d7:0d:93:b4:74:
         cc:d7:b9:af:ba:3c:fd:6a:b0:a7:b6:e8:c0:47:66:46:fd:70:
         ad:88:80:1a:a5:5d:7d:38:2f:ab:c5:a2:28:30:99:fb:5e:7b:
         31:3a:98:78:34:89:5a:3a:17:c4:68:08:34:a0:b4:2c:fd:32:
         b5:f4:83:fa:82:39:09:ab:c2:5d:f4:24:15:83:03:09:59:ba:
         d8:87:e6:29:68:c8:04:76:96:4c:5d:61:83:dd:10:d6:db:61:
         9a:f2:2e:32:cd:8b:18:01:9b:9c:bd:79:5c:77:ae:0c:e7:aa:
         ac:6e:42:c8:39:c0:83:44:3d:16:5f:79:cd:07:d5:da:ca:04:
         c6:a4:43:e9:84:8a:95:a1:32:86:34:3d:0f:da:e5:d8:dc:94:
         3b:01:db:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn762y1tEdL3EZK7IsF91bCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjUxMDE5MTAwMjEzWhcNMjUxMDIwMTAwMjEzWjAzMTEwLwYDVQQD
EyhkOGI0ZGNmYTBmNzk2NmU0ZjIxZjAyNTgwMmEzOWFiNDZmMGEwNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVXuJ3FOIVGqWJ0AyYoOa0Z61IYY
9XQMKPqgXrKgrNSpKXoCly7EfX/r5+ZkWVYwZ0LkBaf0fH/0liW/US4Ia5kO9wXi
vRQzaNb+XZQG+GRqTEOx6zwf2J4Kq8tjTQiZ3vnSytgDQuMtGOMof7qSQtFxhmV6
6YBMBsDqFouyDqt6SPGR1TD2sNVT/3SpPLGnB2uzrrCxuvSNG64PtG+Upcv4FRON
eaRBWZG8XGg6ZFU0KkxtSdjn+70hrJAY5Xkhd99g0pISZt8Y3iF+zJFf/Oxsxmjt
Og7GDXpwUO8Teh7B4RxMXnwSno/5yN8kWvnuXqCWvKrd0fN9iBT/9WkYrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNi03PoPeWbk8h8CWAKjmrRvCgT2MB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaLsOE3L3
tDkH8j7AoWwNV00AwtPbmEzgYp/i3wDhXhJ2lkhe0YksG/NkQ9m1WhHoUGhhAar9
bOD5vBSLyQ/cR7MvkIKi83cWorZpkyyL8gzzhBdJ28q9ckutfwhRRnMvplVkZfwa
6dcNk7R0zNe5r7o8/Wqwp7bowEdmRv1wrYiAGqVdfTgvq8WiKDCZ+157MTqYeDSJ
WjoXxGgINKC0LP0ytfSD+oI5CavCXfQkFYMDCVm62IfmKWjIBHaWTF1hg90Q1tth
mvIuMs2LGAGbnL15XHeuDOeqrG5CyDnAg0Q9Fl95zQfV2soExqRD6YSKlaEyhjQ9
D9rl2NyUOwHbsA==
-----END CERTIFICATE-----