Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File:                     Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier:          3EqTg6B6O4WILAn3pToh4s8gXsWPj4yN94pCTOyuiIk=
Subject key identifier:   0B:EB:CB:72:9B:E4:7A:E4:0D:1B:9E:32:BB:C5:7B:95:71:09:41:39
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer:       /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial:       0199FC58868F168C34E274D70C647D72FFF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number:          158E
Signing time:             Sun 19 Oct 2025 12:01:24 +0000
Manifest this update:     Sun 19 Oct 2025 12:01:24 +0000
Manifest next update:     Mon 20 Oct 2025 12:01:24 +0000
Files and hashes:         1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: aOXeoRtgGshdjnJkYuxKAhK5lCnknVVsE8/J/X/TT+I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fc:58:86:8f:16:8c:34:e2:74:d7:0c:64:7d:72:ff:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
        Validity
            Not Before: Oct 19 12:01:24 2025 GMT
            Not After : Oct 20 12:01:24 2025 GMT
        Subject: CN=0bebcb729be47ae40d1b9e32bbc57b9571094139
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:f0:94:72:6a:c9:05:3b:f9:0f:cd:1d:e1:ce:
                    24:f7:d0:87:22:4c:3c:53:6e:e0:a6:97:33:fc:44:
                    be:e1:af:fb:58:39:fb:44:1e:89:88:5b:39:fa:b6:
                    18:02:83:ab:68:dc:4f:d1:3b:65:e2:c5:1c:88:16:
                    fc:0d:e2:88:03:e1:ed:a3:9e:7f:23:08:ca:47:ff:
                    55:60:a8:d5:70:e3:c5:06:5c:ef:e8:2c:88:08:5f:
                    66:d9:f6:dc:49:ed:1b:2f:b9:38:a4:5b:00:ad:62:
                    2b:0b:54:41:11:00:6c:4d:f1:14:64:f8:8b:36:79:
                    de:f6:05:c9:b9:7b:05:fc:b3:b4:29:a6:e9:68:01:
                    3f:07:62:43:0e:d1:fd:53:22:f8:d5:1e:c6:cf:20:
                    07:98:6a:13:04:25:59:d4:18:4a:c4:1f:b3:6a:83:
                    61:21:94:b7:76:70:b9:16:4f:e0:36:89:ea:f4:fa:
                    26:0a:d5:04:20:15:d2:f0:0b:52:be:f8:a5:58:fc:
                    af:57:b5:52:20:ff:a5:4b:d3:c7:5c:da:96:a9:f4:
                    5d:d2:37:45:09:37:6e:c7:4a:81:14:63:f5:cd:04:
                    b7:3e:5b:1b:3b:4c:fa:e1:87:53:65:9f:e7:8f:cf:
                    d0:44:8e:c5:ae:ce:65:3f:a3:72:c4:3c:86:97:30:
                    6a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:EB:CB:72:9B:E4:7A:E4:0D:1B:9E:32:BB:C5:7B:95:71:09:41:39
            X509v3 Authority Key Identifier:
                keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:a9:e9:36:89:98:21:e6:71:15:13:c2:25:e0:5b:77:89:1c:
         e7:14:4a:e9:63:68:12:55:bb:b5:0f:1a:89:a1:5d:80:58:6f:
         c9:aa:00:60:22:f9:aa:37:21:6f:a7:d2:e3:90:76:9b:de:84:
         2e:59:dc:6d:fd:d1:4c:df:d2:68:1c:8f:20:1d:e3:c2:ac:4b:
         7b:64:05:8b:da:44:a4:bb:30:ff:68:47:55:c9:69:f2:a8:10:
         7d:e0:00:70:af:38:86:01:31:7f:54:18:c6:14:60:10:29:32:
         ce:e4:41:92:a1:d7:c6:47:2b:e6:8b:97:70:00:b5:a4:34:5e:
         a4:4e:68:0a:f6:e1:c2:56:bb:08:a2:7c:9e:bf:1b:15:c2:e6:
         4a:eb:eb:b4:eb:4c:38:cc:fa:12:c9:c0:9b:07:5c:e5:8a:af:
         1c:17:b4:95:77:02:a0:46:29:bc:d2:f6:58:f4:fe:4f:fc:c5:
         f2:3d:6a:00:92:6e:6c:b9:98:53:ed:9e:94:3f:0d:3a:42:70:
         c9:5f:64:83:13:de:6f:33:66:28:10:42:3a:3a:8a:d0:c4:9a:
         2d:2b:c5:c3:23:71:90:e9:0e:81:1c:70:64:d5:b7:54:58:15:
         aa:3f:4d:6a:f9:6c:42:b6:13:dc:ce:6c:4c:47:ed:a2:4c:0b:
         fd:01:e9:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WIaPFow04nTXDGR9cv/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjUxMDE5MTIwMTI0WhcNMjUxMDIwMTIwMTI0WjAzMTEwLwYDVQQD
EygwYmViY2I3MjliZTQ3YWU0MGQxYjllMzJiYmM1N2I5NTcxMDk0MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vCUcmrJBTv5D80d4c4k99CHIkw8
U27gppcz/ES+4a/7WDn7RB6JiFs5+rYYAoOraNxP0Ttl4sUciBb8DeKIA+Hto55/
IwjKR/9VYKjVcOPFBlzv6CyICF9m2fbcSe0bL7k4pFsArWIrC1RBEQBsTfEUZPiL
Nnne9gXJuXsF/LO0KabpaAE/B2JDDtH9UyL41R7GzyAHmGoTBCVZ1BhKxB+zaoNh
IZS3dnC5Fk/gNonq9PomCtUEIBXS8AtSvvilWPyvV7VSIP+lS9PHXNqWqfRd0jdF
CTdux0qBFGP1zQS3PlsbO0z64YdTZZ/nj8/QRI7Frs5lP6NyxDyGlzBqWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAvry3Kb5HrkDRueMrvFe5VxCUE5MB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdqnpNomY
IeZxFRPCJeBbd4kc5xRK6WNoElW7tQ8aiaFdgFhvyaoAYCL5qjchb6fS45B2m96E
Llncbf3RTN/SaByPIB3jwqxLe2QFi9pEpLsw/2hHVclp8qgQfeAAcK84hgExf1QY
xhRgECkyzuRBkqHXxkcr5ouXcAC1pDRepE5oCvbhwla7CKJ8nr8bFcLmSuvrtOtM
OMz6EsnAmwdc5YqvHBe0lXcCoEYpvNL2WPT+T/zF8j1qAJJubLmYU+2elD8NOkJw
yV9kgxPebzNmKBBCOjqK0MSaLSvFwyNxkOkOgRxwZNW3VFgVqj9NavlsQrYT3M5s
TEftokwL/QHpow==
-----END CERTIFICATE-----