Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
File:                     nzeBglGggdHMfzAVMg62NSZwm5E.mft (raw, json)
Hash identifier:          Wn3vTlgjofTUR4QpRuhxcvOMRYKTZupT79KW2hmIEJc=
Subject key identifier:   30:56:5A:ED:25:FE:EF:B1:30:A6:67:68:3C:39:7C:A8:44:29:86:22
Authority key identifier: 9F:37:81:82:51:A0:81:D1:CC:7F:30:15:32:0E:B6:35:26:70:9B:91
Certificate issuer:       /CN=9f37818251a081d1cc7f3015320eb63526709b91
Certificate serial:       019A71B77652804EFB1B5D0ACB4C25BED038
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
Manifest number:          0788
Signing time:             Tue 11 Nov 2025 07:00:39 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:39 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:39 +0000
Files and hashes:         1: nzeBglGggdHMfzAVMg62NSZwm5E.crl (hash: ET7UcuJ6XJ6JWn9URt3WLQtcu4jS5mcFd6gN5mxi1Og=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:76:52:80:4e:fb:1b:5d:0a:cb:4c:25:be:d0:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f37818251a081d1cc7f3015320eb63526709b91
        Validity
            Not Before: Nov 11 07:00:39 2025 GMT
            Not After : Nov 12 07:00:39 2025 GMT
        Subject: CN=30565aed25feefb130a667683c397ca844298622
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:2d:ce:01:61:c9:e0:07:fd:ad:de:c2:76:12:
                    7c:76:6a:07:17:27:e9:90:f5:a8:c9:26:c1:a1:eb:
                    ea:58:a0:b0:a3:35:9b:4e:d7:23:cd:28:da:bb:e8:
                    65:fb:ba:60:f3:4b:49:16:54:e8:19:48:fe:4a:70:
                    36:0d:c6:9a:2c:8c:b8:60:b0:9b:ed:53:82:e4:e9:
                    9b:82:86:73:64:9d:dd:59:05:45:31:68:66:47:f2:
                    b7:33:99:18:a9:35:8a:a7:0a:db:64:fb:1f:f4:ab:
                    a4:6c:7b:fc:81:24:60:81:a7:ae:53:55:ab:b9:e6:
                    55:f4:df:05:31:59:d7:62:c2:83:41:cf:a1:04:25:
                    cc:3f:e8:00:d5:32:35:73:f2:72:ce:51:9b:05:aa:
                    59:55:f5:71:69:cd:2b:b4:cd:18:c1:e3:9c:d2:a9:
                    b6:37:bb:75:07:25:30:93:87:09:d8:e9:2f:87:6b:
                    59:61:ce:69:03:be:39:b6:6c:e7:46:5d:19:a4:5f:
                    3a:63:b0:56:ee:3e:d5:44:32:20:ae:41:d1:e4:93:
                    e0:bd:0e:f2:0f:38:1b:50:6d:3d:47:47:0c:49:a1:
                    c1:1b:21:d2:05:3b:b8:ae:7f:0c:bd:99:ca:37:24:
                    19:75:f1:18:fe:c3:5c:c0:d9:16:58:be:f0:15:50:
                    df:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:56:5A:ED:25:FE:EF:B1:30:A6:67:68:3C:39:7C:A8:44:29:86:22
            X509v3 Authority Key Identifier:
                keyid:9F:37:81:82:51:A0:81:D1:CC:7F:30:15:32:0E:B6:35:26:70:9B:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:55:50:60:8a:41:6f:d5:23:14:82:09:95:00:6d:76:02:b3:
         a5:e0:10:38:55:50:94:f8:3a:b2:6a:a2:b9:5d:25:cf:d1:d2:
         bc:f9:b9:00:2c:44:a2:25:bd:75:62:a3:37:7a:da:1c:ef:e1:
         65:8d:84:ec:9e:3c:90:82:8d:2b:2c:97:f7:75:85:83:e4:2d:
         78:be:0d:5c:38:02:43:65:ee:88:c8:a8:ab:3f:8a:33:c0:eb:
         45:c0:0d:fb:3f:cb:7b:c4:b9:15:0b:d9:19:5b:18:0f:77:85:
         d6:73:e0:1b:9d:c4:1c:2c:94:ad:26:58:e3:b3:bf:ff:10:cf:
         d6:09:7a:15:08:f8:b1:39:06:fa:65:fd:e2:5d:ea:7e:a4:26:
         75:4b:b1:d5:6f:4b:ee:db:ab:0f:90:2b:2e:ef:45:ba:f8:35:
         d3:34:4c:05:ca:bc:52:ff:7a:34:4c:fd:bf:8c:e2:a3:4e:53:
         3e:36:84:87:fc:fe:98:a6:ba:3b:2b:b1:06:8c:2c:0a:d4:5b:
         dc:05:0e:8a:c2:fe:3d:ad:62:5d:36:50:e3:b2:c4:68:fb:20:
         66:02:82:e5:50:ca:25:a0:33:80:1d:04:e1:24:4b:59:61:4f:
         95:55:95:63:5b:ab:f6:35:3c:29:f0:18:1e:8c:f6:b3:5c:d6:
         ff:59:76:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3ZSgE77G10Ky0wlvtA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzc4MTgyNTFhMDgxZDFjYzdmMzAxNTMyMGViNjM1MjY3
MDliOTEwHhcNMjUxMTExMDcwMDM5WhcNMjUxMTEyMDcwMDM5WjAzMTEwLwYDVQQD
EygzMDU2NWFlZDI1ZmVlZmIxMzBhNjY3NjgzYzM5N2NhODQ0Mjk4NjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyy3OAWHJ4Af9rd7CdhJ8dmoHFyfp
kPWoySbBoevqWKCwozWbTtcjzSjau+hl+7pg80tJFlToGUj+SnA2DcaaLIy4YLCb
7VOC5OmbgoZzZJ3dWQVFMWhmR/K3M5kYqTWKpwrbZPsf9KukbHv8gSRggaeuU1Wr
ueZV9N8FMVnXYsKDQc+hBCXMP+gA1TI1c/JyzlGbBapZVfVxac0rtM0YweOc0qm2
N7t1ByUwk4cJ2Okvh2tZYc5pA745tmznRl0ZpF86Y7BW7j7VRDIgrkHR5JPgvQ7y
DzgbUG09R0cMSaHBGyHSBTu4rn8MvZnKNyQZdfEY/sNcwNkWWL7wFVDftwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDBWWu0l/u+xMKZnaDw5fKhEKYYiMB8GA1UdIwQY
MBaAFJ83gYJRoIHRzH8wFTIOtjUmcJuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82YjViN2ItZjkzYy00ZjM3LThhNjQt
NmIyZjUyNjA0N2E5LzEvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82YjViN2ItZjkzYy00ZjM3LThhNjQtNmIyZjUyNjA0N2E5
LzEvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALlVQYIpB
b9UjFIIJlQBtdgKzpeAQOFVQlPg6smqiuV0lz9HSvPm5ACxEoiW9dWKjN3raHO/h
ZY2E7J48kIKNKyyX93WFg+QteL4NXDgCQ2XuiMioqz+KM8DrRcAN+z/Le8S5FQvZ
GVsYD3eF1nPgG53EHCyUrSZY47O//xDP1gl6FQj4sTkG+mX94l3qfqQmdUux1W9L
7turD5ArLu9Fuvg10zRMBcq8Uv96NEz9v4zio05TPjaEh/z+mKa6OyuxBowsCtRb
3AUOisL+Pa1iXTZQ47LEaPsgZgKC5VDKJaAzgB0E4SRLWWFPlVWVY1ur9jU8KfAY
Hoz2s1zW/1l2vA==
-----END CERTIFICATE-----