Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
File:                     sNcTFlrGKE-0HV38gmV3_B2gtzA.mft (raw, json)
Hash identifier:          64W/6XThLGjX7wTpQ8GENKrYQY/+q8nVozB38BlUCAE=
Subject key identifier:   76:B1:D9:96:0E:03:51:3C:CB:11:D7:41:71:DA:AA:B9:A0:06:F4:EA
Authority key identifier: B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30
Certificate issuer:       /CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
Certificate serial:       019A01B4AD0A247F9400D1199DAEDC90B41F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
Manifest number:          13FB
Signing time:             Mon 20 Oct 2025 13:00:09 +0000
Manifest this update:     Mon 20 Oct 2025 13:00:09 +0000
Manifest next update:     Tue 21 Oct 2025 13:00:09 +0000
Files and hashes:         1: sNcTFlrGKE-0HV38gmV3_B2gtzA.crl (hash: pfznTobzBFbUOZ143YYMIuFrq71P8ukJjQ6lhgjufIQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 13:00:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:01:b4:ad:0a:24:7f:94:00:d1:19:9d:ae:dc:90:b4:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
        Validity
            Not Before: Oct 20 13:00:09 2025 GMT
            Not After : Oct 21 13:00:09 2025 GMT
        Subject: CN=76b1d9960e03513ccb11d74171daaab9a006f4ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:1d:3a:5e:b2:12:db:f8:40:28:54:f2:ca:bd:
                    0e:1d:09:97:4f:64:13:7b:21:14:03:0e:2e:cc:f8:
                    db:8e:36:4a:77:38:e3:14:20:8a:90:78:6e:5e:7d:
                    f6:06:54:96:66:e6:44:a4:fd:d8:a1:bc:be:ac:d3:
                    1f:a5:62:1a:ac:ea:d0:8c:a7:50:32:9a:33:d1:fd:
                    47:02:6a:b2:e2:92:51:e8:20:f6:95:6c:a2:91:9d:
                    b0:b5:2a:4c:cf:a3:cb:80:60:05:56:c3:82:3c:92:
                    7c:18:d9:fc:56:75:dc:f1:7a:00:c4:45:c9:48:a2:
                    af:0d:3b:06:47:4e:5f:d1:1d:b0:2a:b1:be:27:a9:
                    90:a4:68:ef:6f:d2:e9:61:fd:12:f8:d1:a2:8f:17:
                    39:ef:ac:52:62:12:46:14:c2:83:b4:37:d9:86:58:
                    17:b5:66:5e:af:29:2d:26:aa:d4:55:50:0c:89:d7:
                    7d:a2:fc:7e:41:94:68:08:c7:dd:b6:9e:46:b6:49:
                    0e:34:ff:e0:d9:29:a2:76:48:02:3c:f3:ea:85:cf:
                    78:0c:24:b8:e7:11:d3:e3:d0:98:0d:09:54:85:21:
                    93:ed:97:32:bd:96:f0:be:51:74:ae:63:8a:43:5d:
                    f5:d3:0c:07:56:b3:54:78:4e:8a:c3:f9:55:4a:ed:
                    e3:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:B1:D9:96:0E:03:51:3C:CB:11:D7:41:71:DA:AA:B9:A0:06:F4:EA
            X509v3 Authority Key Identifier:
                keyid:B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:d3:49:8f:b6:39:2d:e1:51:bd:c2:47:2d:b1:cb:9c:69:d5:
         ca:83:54:a8:fd:36:2d:df:19:b7:08:2b:6f:6d:47:91:45:9d:
         a5:60:a1:cd:81:54:61:ca:be:e5:fa:17:49:dd:e3:39:ec:e4:
         fe:24:c5:7c:b8:33:1b:71:5c:23:b5:78:9d:9e:ad:ef:f5:67:
         04:13:ce:49:86:2d:f0:e4:55:d1:19:46:96:f2:ea:9f:96:eb:
         2f:28:75:aa:18:ef:2b:50:eb:2b:99:2f:5a:0e:ed:bf:f6:6c:
         29:c5:97:83:b4:5f:d7:f2:85:3f:44:14:67:fd:08:42:e9:56:
         ed:2c:80:22:97:a4:2f:6b:a5:d8:b7:ad:0f:33:75:1d:af:aa:
         14:b1:74:a1:dd:be:ee:13:2f:fd:57:f4:48:59:b0:0f:41:59:
         55:a9:8a:a3:2f:b3:d0:d0:41:98:83:07:f7:c4:23:94:20:01:
         05:27:0d:14:bb:d9:f5:76:65:9e:9d:0f:e0:c2:f8:c5:7c:21:
         20:ce:40:bb:5f:31:cc:d6:3f:d3:c4:e4:a1:3a:fe:10:c3:80:
         df:2f:e9:eb:23:7a:af:47:ad:b5:70:ae:20:98:ac:71:37:56:
         e4:f3:76:2a:f7:6e:31:09:83:f2:04:d6:11:25:26:13:f5:2a:
         20:22:c4:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBtK0KJH+UANEZna7ckLQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZDcxMzE2NWFjNjI4NGZiNDFkNWRmYzgyNjU3N2ZjMWRh
MGI3MzAwHhcNMjUxMDIwMTMwMDA5WhcNMjUxMDIxMTMwMDA5WjAzMTEwLwYDVQQD
Eyg3NmIxZDk5NjBlMDM1MTNjY2IxMWQ3NDE3MWRhYWFiOWEwMDZmNGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3B06XrIS2/hAKFTyyr0OHQmXT2QT
eyEUAw4uzPjbjjZKdzjjFCCKkHhuXn32BlSWZuZEpP3Yoby+rNMfpWIarOrQjKdQ
Mpoz0f1HAmqy4pJR6CD2lWyikZ2wtSpMz6PLgGAFVsOCPJJ8GNn8VnXc8XoAxEXJ
SKKvDTsGR05f0R2wKrG+J6mQpGjvb9LpYf0S+NGijxc576xSYhJGFMKDtDfZhlgX
tWZeryktJqrUVVAMidd9ovx+QZRoCMfdtp5GtkkONP/g2SmidkgCPPPqhc94DCS4
5xHT49CYDQlUhSGT7ZcyvZbwvlF0rmOKQ1310wwHVrNUeE6Kw/lVSu3jAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHax2ZYOA1E8yxHXQXHaqrmgBvTqMB8GA1UdIwQY
MBaAFLDXExZaxihPtB1d/IJld/wdoLcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjIt
NTM5ZTFhYzgyMWQ3LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjItNTM5ZTFhYzgyMWQ3
LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmNNJj7Y5
LeFRvcJHLbHLnGnVyoNUqP02Ld8Ztwgrb21HkUWdpWChzYFUYcq+5foXSd3jOezk
/iTFfLgzG3FcI7V4nZ6t7/VnBBPOSYYt8ORV0RlGlvLqn5brLyh1qhjvK1DrK5kv
Wg7tv/ZsKcWXg7Rf1/KFP0QUZ/0IQulW7SyAIpekL2ul2LetDzN1Ha+qFLF0od2+
7hMv/Vf0SFmwD0FZVamKoy+z0NBBmIMH98QjlCABBScNFLvZ9XZlnp0P4ML4xXwh
IM5Au18xzNY/08TkoTr+EMOA3y/p6yN6r0ettXCuIJiscTdW5PN2KvduMQmD8gTW
ESUmE/UqICLEiA==
-----END CERTIFICATE-----