Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
File:                     NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json)
Hash identifier:          iF+YwLUDSbEByTJ3ZBzBFHTg3J3sh8p63anICID/xYA=
Subject key identifier:   7D:5C:5E:51:87:B6:79:73:4B:16:F7:6C:80:A8:5C:94:EB:A2:DB:E5
Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72
Certificate issuer:       /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
Certificate serial:       0199FDDA511347E0A8597285DA180A31A40E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
Manifest number:          16DE
Signing time:             Sun 19 Oct 2025 19:02:47 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:47 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:47 +0000
Files and hashes:         1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: prx8sLQ5tOt+lKTP+7vyuWj6y1xdhowI7ataIi7XCjA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 19:02:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:51:13:47:e0:a8:59:72:85:da:18:0a:31:a4:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
        Validity
            Not Before: Oct 19 19:02:47 2025 GMT
            Not After : Oct 20 19:02:47 2025 GMT
        Subject: CN=7d5c5e5187b679734b16f76c80a85c94eba2dbe5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:fd:57:ff:a4:eb:ba:9a:9d:f5:de:a7:07:96:
                    bb:6a:a7:99:32:bd:94:c7:fc:2c:e7:1e:14:b3:4d:
                    3a:75:22:ac:e1:46:88:d4:81:03:74:96:ac:1a:e5:
                    d0:5b:36:da:96:01:21:ca:13:44:41:31:f1:3a:75:
                    5a:01:49:a1:07:1a:51:72:8b:ac:24:e0:fb:66:87:
                    cd:20:03:52:d8:69:29:3e:3e:7b:34:2a:79:c8:86:
                    65:13:13:43:75:74:08:99:08:e6:97:9a:20:6d:ca:
                    a5:9e:a0:1e:e9:66:05:e3:6f:09:b4:ce:5a:09:cc:
                    6b:8d:d3:79:af:85:36:8a:fb:10:0c:a7:05:97:f9:
                    18:dc:91:ff:cf:91:1d:a7:30:4e:21:57:6a:a0:a6:
                    04:60:f7:af:b2:b5:1a:43:71:1f:97:ba:15:1b:2e:
                    36:dc:1c:42:46:ea:f2:67:eb:6a:91:c1:b4:14:8b:
                    8e:96:bc:4d:b6:18:5b:3e:e2:2b:df:13:97:ab:ce:
                    dd:6e:54:57:53:b0:3b:59:ea:c0:0b:97:49:33:5a:
                    b0:17:ea:43:cf:55:6f:04:62:c1:65:2f:28:13:c2:
                    28:53:67:60:b8:fd:c3:53:4d:4a:5b:fd:8f:ce:e9:
                    c9:3c:d2:b4:86:cf:77:91:1f:5f:07:dc:4b:48:bb:
                    75:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:5C:5E:51:87:B6:79:73:4B:16:F7:6C:80:A8:5C:94:EB:A2:DB:E5
            X509v3 Authority Key Identifier:
                keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:6c:75:c3:a0:7b:32:9b:49:d2:fc:48:08:b8:09:74:22:ab:
         d0:de:97:52:5d:58:b9:de:51:09:14:e0:e5:ff:aa:f3:8d:bc:
         1c:eb:74:b9:46:78:73:fb:6e:51:e5:f5:84:cd:4f:0c:28:c7:
         9b:10:b1:4c:e4:f7:3f:31:d6:01:90:91:d3:aa:52:dd:d7:5b:
         d9:be:eb:cc:07:12:98:87:ec:19:4b:a5:bb:df:aa:4b:cd:b4:
         4b:7b:83:ef:99:58:1a:66:37:13:b2:12:6e:de:84:f1:48:8a:
         de:04:af:ab:b5:d4:33:76:3c:73:7e:ee:60:11:d0:b4:d1:e5:
         9b:ab:b1:47:f0:39:eb:7c:2d:66:49:e4:53:88:6d:58:bd:fd:
         61:f8:b2:3f:bf:95:d2:60:92:70:35:26:d0:8a:15:98:37:db:
         53:f3:07:f4:78:2b:aa:d0:6c:1a:c6:08:80:98:c7:d4:6f:95:
         5d:0d:1f:db:fd:80:49:62:12:b0:29:9f:0d:4c:38:fa:79:1a:
         c5:f6:16:fc:28:17:43:86:0c:d1:e1:96:94:46:dd:73:cc:e3:
         2c:7b:67:90:3f:ab:fa:c8:67:5e:8e:04:23:fe:5d:97:5f:8b:
         45:47:53:9f:09:b8:5f:7e:41:71:24:0b:26:f7:ca:d5:4d:ad:
         4a:1b:a4:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92lETR+CoWXKF2hgKMaQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh
ZDlkNzIwHhcNMjUxMDE5MTkwMjQ3WhcNMjUxMDIwMTkwMjQ3WjAzMTEwLwYDVQQD
Eyg3ZDVjNWU1MTg3YjY3OTczNGIxNmY3NmM4MGE4NWM5NGViYTJkYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/1X/6Trupqd9d6nB5a7aqeZMr2U
x/ws5x4Us006dSKs4UaI1IEDdJasGuXQWzbalgEhyhNEQTHxOnVaAUmhBxpRcous
JOD7ZofNIANS2GkpPj57NCp5yIZlExNDdXQImQjml5ogbcqlnqAe6WYF428JtM5a
CcxrjdN5r4U2ivsQDKcFl/kY3JH/z5EdpzBOIVdqoKYEYPevsrUaQ3Efl7oVGy42
3BxCRuryZ+tqkcG0FIuOlrxNthhbPuIr3xOXq87dblRXU7A7WerAC5dJM1qwF+pD
z1VvBGLBZS8oE8IoU2dguP3DU01KW/2PzunJPNK0hs93kR9fB9xLSLt1SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH1cXlGHtnlzSxb3bICoXJTrotvlMB8GA1UdIwQY
MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt
YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw
LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeWx1w6B7
MptJ0vxICLgJdCKr0N6XUl1Yud5RCRTg5f+q8428HOt0uUZ4c/tuUeX1hM1PDCjH
mxCxTOT3PzHWAZCR06pS3ddb2b7rzAcSmIfsGUulu9+qS820S3uD75lYGmY3E7IS
bt6E8UiK3gSvq7XUM3Y8c37uYBHQtNHlm6uxR/A563wtZknkU4htWL39YfiyP7+V
0mCScDUm0IoVmDfbU/MH9HgrqtBsGsYIgJjH1G+VXQ0f2/2ASWISsCmfDUw4+nka
xfYW/CgXQ4YM0eGWlEbdc8zjLHtnkD+r+shnXo4EI/5dl1+LRUdTnwm4X35BcSQL
JvfK1U2tShukYw==
-----END CERTIFICATE-----