Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
File:                     NbdnbT6rzEXogFTIuEBH7ocyvHM.mft (raw, json)
Hash identifier:          UuD9XCFAtT7yYbgyKu9L0HH72vypWQDH+NFrH+DFPW4=
Subject key identifier:   03:6F:C1:F9:90:18:D6:FD:2E:4B:92:2A:D4:A5:5A:8C:9B:12:E1:97
Authority key identifier: 35:B7:67:6D:3E:AB:CC:45:E8:80:54:C8:B8:40:47:EE:87:32:BC:73
Certificate issuer:       /CN=35b7676d3eabcc45e88054c8b84047ee8732bc73
Certificate serial:       0199172CB2E3C5C3939B99C16A8797503FFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
Manifest number:          035F
Signing time:             Fri 05 Sep 2025 00:00:29 +0000
Manifest this update:     Fri 05 Sep 2025 00:00:29 +0000
Manifest next update:     Sat 06 Sep 2025 00:00:29 +0000
Files and hashes:         1: NbdnbT6rzEXogFTIuEBH7ocyvHM.crl (hash: pVucQw8Fj3XuhetuFVbHWgjqjxNsB9tfDrS1CJJ4i1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Sep 2025 00:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:17:2c:b2:e3:c5:c3:93:9b:99:c1:6a:87:97:50:3f:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35b7676d3eabcc45e88054c8b84047ee8732bc73
        Validity
            Not Before: Sep  5 00:00:29 2025 GMT
            Not After : Sep  6 00:00:29 2025 GMT
        Subject: CN=036fc1f99018d6fd2e4b922ad4a55a8c9b12e197
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:17:3f:f1:ff:aa:75:c3:9a:be:55:89:a7:b1:
                    8b:4d:62:1f:8b:97:05:da:5b:57:d4:69:33:88:ae:
                    c4:c8:c6:05:61:8e:00:a9:9a:a0:77:76:56:4a:6d:
                    7f:4b:f9:20:00:d2:2a:df:f7:dd:d0:f9:9c:a9:26:
                    72:90:8e:7d:da:57:3e:79:e8:5f:ca:cc:ed:92:21:
                    0c:5d:35:24:a7:2b:5b:8e:c9:53:9a:65:40:01:61:
                    72:85:03:9c:b4:be:64:e3:b4:70:59:87:6f:f7:a6:
                    82:19:ff:4a:4c:55:19:e1:d6:82:85:ac:a9:62:03:
                    96:ee:b1:b5:70:a6:cd:62:46:75:0e:55:d7:e3:c0:
                    2b:5e:08:17:f9:2a:49:78:ca:b2:34:40:d2:48:ad:
                    92:e4:22:22:e4:28:7f:02:5c:03:4b:d5:54:74:83:
                    a0:e6:16:a1:30:a6:e7:b1:e7:d2:3a:38:22:65:07:
                    3d:19:3f:1f:5c:fb:c5:74:2b:6f:91:5b:eb:67:ee:
                    2b:d6:d4:64:5c:a2:2f:e1:72:42:33:b7:9f:3c:e5:
                    a4:b5:16:30:cf:ba:5e:ed:b0:25:8d:44:45:4e:1f:
                    e4:ef:3c:cd:dc:db:ef:f3:33:7d:5e:6e:22:6f:f9:
                    e1:c9:e8:89:09:c1:06:57:4a:3b:df:1e:15:05:17:
                    b2:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:6F:C1:F9:90:18:D6:FD:2E:4B:92:2A:D4:A5:5A:8C:9B:12:E1:97
            X509v3 Authority Key Identifier:
                keyid:35:B7:67:6D:3E:AB:CC:45:E8:80:54:C8:B8:40:47:EE:87:32:BC:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:ca:9d:91:96:70:57:a2:e9:05:75:5a:0e:cc:ad:fb:bd:b8:
         cb:06:60:25:ca:f3:d4:e6:25:bb:8c:f6:06:a2:8f:f5:47:8f:
         7b:9d:48:94:af:62:01:ff:98:84:12:80:e3:8b:57:7c:9d:3b:
         fb:82:0a:9f:d5:1a:41:c9:75:81:9c:f8:d4:c4:dc:61:b9:d4:
         3a:d3:7d:88:4e:e5:f5:01:42:8a:25:9a:58:65:90:fc:64:27:
         c2:0b:5e:9b:56:7f:43:95:7a:85:f2:65:f2:d3:74:25:bd:fb:
         3f:14:65:9e:0d:60:62:0e:a8:0d:77:83:2a:3f:a6:d5:49:46:
         b9:a8:7a:b0:42:49:f9:f8:f9:63:8a:8e:c8:3e:9b:fa:45:41:
         1d:a5:6b:20:eb:c5:51:3e:45:9f:1e:21:75:1c:97:32:44:96:
         74:e3:0d:f7:9c:00:d6:ea:85:aa:b6:a3:26:b1:21:52:dc:d9:
         69:60:12:d7:c6:4c:89:56:31:e7:bf:5d:1f:d0:97:20:0d:18:
         5b:0c:81:9a:56:5f:5a:1b:cc:52:d2:c5:7d:50:ae:41:6b:2d:
         1f:90:d1:03:97:a6:84:0a:b0:bf:85:cb:ff:62:f7:92:16:24:
         1d:cd:9a:e8:0c:4c:01:39:a4:ba:b1:11:be:04:ab:35:db:dd:
         ce:03:70:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkXLLLjxcOTm5nBaoeXUD/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yjc2NzZkM2VhYmNjNDVlODgwNTRjOGI4NDA0N2VlODcz
MmJjNzMwHhcNMjUwOTA1MDAwMDI5WhcNMjUwOTA2MDAwMDI5WjAzMTEwLwYDVQQD
EygwMzZmYzFmOTkwMThkNmZkMmU0YjkyMmFkNGE1NWE4YzliMTJlMTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRc/8f+qdcOavlWJp7GLTWIfi5cF
2ltX1GkziK7EyMYFYY4AqZqgd3ZWSm1/S/kgANIq3/fd0PmcqSZykI592lc+eehf
ysztkiEMXTUkpytbjslTmmVAAWFyhQOctL5k47RwWYdv96aCGf9KTFUZ4daChayp
YgOW7rG1cKbNYkZ1DlXX48ArXggX+SpJeMqyNEDSSK2S5CIi5Ch/AlwDS9VUdIOg
5hahMKbnsefSOjgiZQc9GT8fXPvFdCtvkVvrZ+4r1tRkXKIv4XJCM7efPOWktRYw
z7pe7bAljURFTh/k7zzN3Nvv8zN9Xm4ib/nhyeiJCcEGV0o73x4VBReyMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANvwfmQGNb9LkuSKtSlWoybEuGXMB8GA1UdIwQY
MBaAFDW3Z20+q8xF6IBUyLhAR+6HMrxzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wYzcxZTgtNmMwOS00ODUwLWE2YzUt
YmUyMDNmMDEzMDRkLzEvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wYzcxZTgtNmMwOS00ODUwLWE2YzUtYmUyMDNmMDEzMDRk
LzEvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF8qdkZZw
V6LpBXVaDsyt+724ywZgJcrz1OYlu4z2BqKP9UePe51IlK9iAf+YhBKA44tXfJ07
+4IKn9UaQcl1gZz41MTcYbnUOtN9iE7l9QFCiiWaWGWQ/GQnwgtem1Z/Q5V6hfJl
8tN0Jb37PxRlng1gYg6oDXeDKj+m1UlGuah6sEJJ+fj5Y4qOyD6b+kVBHaVrIOvF
UT5Fnx4hdRyXMkSWdOMN95wA1uqFqrajJrEhUtzZaWAS18ZMiVYx579dH9CXIA0Y
WwyBmlZfWhvMUtLFfVCuQWstH5DRA5emhAqwv4XL/2L3khYkHc2a6AxMATmkurER
vgSrNdvdzgNwJg==
-----END CERTIFICATE-----