Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft
File:                     NM-cB0OwPV4EX0bprPToAKnxio4.mft (raw, json)
Hash identifier:          zNO/hvj/K1QhTzMln4zKmmoBIQS8xG8YLrsCxdP7FZ4=
Subject key identifier:   3F:42:99:8F:56:96:A7:A1:EC:85:C3:19:64:76:53:03:F4:E2:1D:B8
Authority key identifier: 34:CF:9C:07:43:B0:3D:5E:04:5F:46:E9:AC:F4:E8:00:A9:F1:8A:8E
Certificate issuer:       /CN=34cf9c0743b03d5e045f46e9acf4e800a9f18a8e
Certificate serial:       019A0035417EBD2CEAD9F7C32F71003DFE40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NM-cB0OwPV4EX0bprPToAKnxio4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft
Manifest number:          0BF0
Signing time:             Mon 20 Oct 2025 06:01:21 +0000
Manifest this update:     Mon 20 Oct 2025 06:01:21 +0000
Manifest next update:     Tue 21 Oct 2025 06:01:21 +0000
Files and hashes:         1: NM-cB0OwPV4EX0bprPToAKnxio4.crl (hash: jOUZS/0Jrvpjm5QikXij90NAKyO7UVMfltEztMiA3Es=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NM-cB0OwPV4EX0bprPToAKnxio4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 Oct 2025 00:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:00:35:41:7e:bd:2c:ea:d9:f7:c3:2f:71:00:3d:fe:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34cf9c0743b03d5e045f46e9acf4e800a9f18a8e
        Validity
            Not Before: Oct 20 06:01:21 2025 GMT
            Not After : Oct 21 06:01:21 2025 GMT
        Subject: CN=3f42998f5696a7a1ec85c31964765303f4e21db8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:11:85:b3:33:1a:3b:18:52:4d:24:5d:8a:1b:
                    ca:b3:f3:ce:b0:66:76:13:c7:23:47:13:79:a5:c2:
                    0e:98:a3:b3:d3:bd:1e:a4:4e:cc:b5:27:5b:e3:7d:
                    07:90:11:43:cf:e2:8b:ff:e2:32:80:46:3a:6a:97:
                    b7:dd:2f:1f:6c:22:06:67:ec:0b:85:4f:fa:a2:db:
                    0b:9f:fa:9b:67:ed:6f:f4:cd:92:02:9e:04:27:fe:
                    78:20:3b:65:2f:3f:98:34:4c:11:fb:e2:8e:90:76:
                    5e:51:b0:d5:93:6f:bd:28:96:74:ef:d6:72:13:1c:
                    55:d4:09:ab:bb:2d:c8:94:99:cf:bc:39:f4:a2:b8:
                    ec:cc:4a:7c:8d:da:a6:97:1f:c7:53:81:89:0a:67:
                    dc:20:c9:7b:48:3a:03:48:c5:52:64:22:37:73:f6:
                    a3:38:85:30:72:15:07:e2:99:86:52:b5:14:26:70:
                    37:a2:db:d8:d4:a9:91:84:55:e6:d4:ee:f9:a4:56:
                    b4:2d:ba:d2:f2:30:2f:7c:15:70:e2:36:a0:1c:fe:
                    2e:47:c3:81:dc:1d:f1:ed:22:65:a9:b3:90:1a:b0:
                    21:3a:18:02:70:d1:dd:bb:3e:6e:61:1c:d7:40:1d:
                    bf:1d:11:ad:c8:61:dc:90:f5:8b:a0:eb:61:f2:f7:
                    7d:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:42:99:8F:56:96:A7:A1:EC:85:C3:19:64:76:53:03:F4:E2:1D:B8
            X509v3 Authority Key Identifier:
                keyid:34:CF:9C:07:43:B0:3D:5E:04:5F:46:E9:AC:F4:E8:00:A9:F1:8A:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NM-cB0OwPV4EX0bprPToAKnxio4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/45e4e0-da19-4cb9-8c8c-ee8035bbb4c1/1/NM-cB0OwPV4EX0bprPToAKnxio4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:66:18:65:71:67:f3:f0:39:1b:c4:d0:8a:ac:9e:6b:80:3d:
         05:79:4a:e7:3e:e3:aa:c7:47:e4:36:5b:d5:d8:c4:ea:df:18:
         27:fc:fc:03:c7:c0:d4:24:82:db:ea:71:b1:fa:d8:29:c8:a9:
         bc:8d:0d:62:f0:ae:dc:fa:c1:9d:93:2e:d8:67:20:c1:9a:00:
         f5:51:70:47:2d:d5:9c:f3:ab:41:e1:98:00:b0:98:f9:a1:32:
         c7:7a:e1:62:32:47:b1:f7:8f:73:7c:fc:e7:2b:b7:d6:fd:60:
         7c:a0:0e:3e:ca:1f:6b:15:0f:17:ec:34:c4:c2:7c:ed:80:f2:
         b9:d1:da:6a:33:38:af:73:ca:8c:7e:ca:1a:28:68:24:31:49:
         b1:43:6a:a0:cc:3d:97:0c:40:19:75:01:0b:09:02:22:1d:5f:
         42:2c:2a:c2:e7:92:73:64:8d:7f:fd:a1:5c:6d:87:e1:32:d5:
         35:a7:be:67:b6:8f:3f:fe:aa:07:34:3b:7a:84:85:ac:73:ad:
         0e:eb:d3:21:07:d1:07:43:0c:4e:c3:04:10:cb:5b:e1:6a:24:
         1e:dc:92:ed:fa:68:00:6b:86:64:90:dc:ad:bf:17:6a:b9:e2:
         58:78:0d:8a:8e:0f:92:1a:95:71:49:96:ac:56:ee:7a:8d:3c:
         f5:85:cb:2a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANUF+vSzq2ffDL3EAPf5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0Y2Y5YzA3NDNiMDNkNWUwNDVmNDZlOWFjZjRlODAwYTlm
MThhOGUwHhcNMjUxMDIwMDYwMTIxWhcNMjUxMDIxMDYwMTIxWjAzMTEwLwYDVQQD
EygzZjQyOTk4ZjU2OTZhN2ExZWM4NWMzMTk2NDc2NTMwM2Y0ZTIxZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRGFszMaOxhSTSRdihvKs/POsGZ2
E8cjRxN5pcIOmKOz070epE7MtSdb430HkBFDz+KL/+IygEY6ape33S8fbCIGZ+wL
hU/6otsLn/qbZ+1v9M2SAp4EJ/54IDtlLz+YNEwR++KOkHZeUbDVk2+9KJZ079Zy
ExxV1Amruy3IlJnPvDn0orjszEp8jdqmlx/HU4GJCmfcIMl7SDoDSMVSZCI3c/aj
OIUwchUH4pmGUrUUJnA3otvY1KmRhFXm1O75pFa0LbrS8jAvfBVw4jagHP4uR8OB
3B3x7SJlqbOQGrAhOhgCcNHduz5uYRzXQB2/HRGtyGHckPWLoOth8vd9kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9CmY9Wlqeh7IXDGWR2UwP04h24MB8GA1UdIwQY
MBaAFDTPnAdDsD1eBF9G6az06ACp8YqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk0tY0IwT3dQVjRFWDBicHJQVG9BS254aW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80NWU0ZTAtZGExOS00Y2I5LThjOGMt
ZWU4MDM1YmJiNGMxLzEvTk0tY0IwT3dQVjRFWDBicHJQVG9BS254aW80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80NWU0ZTAtZGExOS00Y2I5LThjOGMtZWU4MDM1YmJiNGMx
LzEvTk0tY0IwT3dQVjRFWDBicHJQVG9BS254aW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR2YYZXFn
8/A5G8TQiqyea4A9BXlK5z7jqsdH5DZb1djE6t8YJ/z8A8fA1CSC2+pxsfrYKcip
vI0NYvCu3PrBnZMu2GcgwZoA9VFwRy3VnPOrQeGYALCY+aEyx3rhYjJHsfePc3z8
5yu31v1gfKAOPsofaxUPF+w0xMJ87YDyudHaajM4r3PKjH7KGihoJDFJsUNqoMw9
lwxAGXUBCwkCIh1fQiwqwueSc2SNf/2hXG2H4TLVNae+Z7aPP/6qBzQ7eoSFrHOt
DuvTIQfRB0MMTsMEEMtb4WokHtyS7fpoAGuGZJDcrb8XarniWHgNio4PkhqVcUmW
rFbueo089YXLKg==
-----END CERTIFICATE-----