Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
File:                     N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft (raw, json)
Hash identifier:          44J7dzobSuPLC3UIjmGYfYjs+zypGKvBkSi/4IMTJg4=
Subject key identifier:   69:66:97:24:85:13:B8:B1:A5:9E:24:3C:F7:ED:6E:2C:94:00:9B:10
Authority key identifier: 37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE
Certificate issuer:       /CN=37698b4f37d8081c3505ada0baa85221934341be
Certificate serial:       019A71B841A4462F7B13B7E0EF612DE2FBB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
Manifest number:          0F7B
Signing time:             Tue 11 Nov 2025 07:01:32 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:32 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:32 +0000
Files and hashes:         1: N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl (hash: cr503JVNDkJ+Ki+NnK/+tIQ7m/alCgMdR7n4L3Fzy/U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:41:a4:46:2f:7b:13:b7:e0:ef:61:2d:e2:fb:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37698b4f37d8081c3505ada0baa85221934341be
        Validity
            Not Before: Nov 11 07:01:32 2025 GMT
            Not After : Nov 12 07:01:32 2025 GMT
        Subject: CN=696697248513b8b1a59e243cf7ed6e2c94009b10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:83:5c:15:5b:42:44:2e:63:8e:58:ec:b1:90:
                    d6:d8:5c:3f:af:03:1e:35:1c:ca:81:cf:74:d8:bd:
                    c9:3c:f4:e5:b9:4f:fc:3c:19:f4:84:20:37:e5:53:
                    4c:65:28:d9:84:44:dc:d3:ce:c2:02:8b:86:dd:fe:
                    f2:2a:d4:72:10:10:6c:19:6f:e6:28:32:9a:27:96:
                    59:2e:ff:9c:1e:51:40:7f:a8:89:f1:d7:84:e2:c3:
                    31:ef:be:65:8b:57:59:07:58:f0:7f:a1:2d:78:0b:
                    27:b5:03:82:ad:cb:c5:24:54:2a:44:f0:f6:ae:31:
                    fa:99:23:a7:89:b5:9b:12:67:9c:0e:f6:36:8c:a9:
                    80:6a:fc:7d:20:26:0e:7f:8c:95:5c:be:c8:63:d7:
                    c1:c8:bc:84:11:fc:7a:36:57:33:96:fd:45:a3:d8:
                    be:dc:9e:2e:50:44:5a:c8:86:a4:c1:be:42:92:26:
                    0b:75:f2:07:4c:e0:68:eb:16:d6:20:89:4f:07:98:
                    54:ff:14:f0:7e:46:d2:71:c8:49:5e:d0:c3:9c:0b:
                    ff:3a:e7:a1:31:0f:a2:1a:ec:f6:18:2f:59:22:4d:
                    62:1d:08:8f:ff:75:29:7e:a0:55:27:45:67:24:c1:
                    19:c6:2d:af:1f:4d:7b:6a:cc:cb:35:88:b4:5c:35:
                    d8:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:66:97:24:85:13:B8:B1:A5:9E:24:3C:F7:ED:6E:2C:94:00:9B:10
            X509v3 Authority Key Identifier:
                keyid:37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:19:99:36:4f:28:06:31:de:d4:a9:68:e3:33:48:b7:33:44:
         60:9e:9e:a2:27:85:eb:dd:ba:bd:7b:f5:40:12:b3:ca:ca:4c:
         d4:f6:b8:cb:f2:f8:40:d3:96:0f:aa:6a:1d:a6:0f:a6:b9:cf:
         63:1d:af:3f:b7:3c:70:cf:10:56:69:83:9c:ac:06:12:7b:c5:
         30:3b:c5:df:3a:75:7c:32:0a:b2:24:41:6e:65:14:69:86:32:
         56:27:e4:c6:49:ce:1d:ff:54:7c:a0:55:ba:ea:09:4e:85:4f:
         cc:00:72:3c:77:d8:38:70:56:87:1d:95:aa:c5:17:aa:6d:47:
         a9:bf:96:bc:cb:43:cd:0d:5f:09:aa:de:ab:c0:98:5d:a3:a9:
         b2:64:2a:74:a7:2f:de:a2:43:71:5c:f9:fe:36:e2:d8:cc:4d:
         af:a6:5e:21:46:83:48:33:0c:06:36:04:1e:97:c5:cf:49:08:
         69:ec:c2:20:0e:42:01:d8:df:36:fb:ca:32:44:e9:41:1d:20:
         55:64:be:62:be:0e:2c:da:8a:5b:28:10:95:60:14:ea:95:6d:
         c1:25:41:b2:0f:bf:83:22:c4:12:69:9d:0c:8c:5e:a7:31:80:
         6d:0b:f4:43:ca:0c:68:00:00:ee:88:5d:23:b8:6d:45:8c:6a:
         c9:d1:d2:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuEGkRi97E7fg72Et4vu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njk4YjRmMzdkODA4MWMzNTA1YWRhMGJhYTg1MjIxOTM0
MzQxYmUwHhcNMjUxMTExMDcwMTMyWhcNMjUxMTEyMDcwMTMyWjAzMTEwLwYDVQQD
Eyg2OTY2OTcyNDg1MTNiOGIxYTU5ZTI0M2NmN2VkNmUyYzk0MDA5YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuINcFVtCRC5jjljssZDW2Fw/rwMe
NRzKgc902L3JPPTluU/8PBn0hCA35VNMZSjZhETc087CAouG3f7yKtRyEBBsGW/m
KDKaJ5ZZLv+cHlFAf6iJ8deE4sMx775li1dZB1jwf6EteAsntQOCrcvFJFQqRPD2
rjH6mSOnibWbEmecDvY2jKmAavx9ICYOf4yVXL7IY9fByLyEEfx6Nlczlv1Fo9i+
3J4uUERayIakwb5CkiYLdfIHTOBo6xbWIIlPB5hU/xTwfkbScchJXtDDnAv/Oueh
MQ+iGuz2GC9ZIk1iHQiP/3UpfqBVJ0VnJMEZxi2vH017aszLNYi0XDXYNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlmlySFE7ixpZ4kPPftbiyUAJsQMB8GA1UdIwQY
MBaAFDdpi0832AgcNQWtoLqoUiGTQ0G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjct
MmJiODFkOTlkNWYxLzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjctMmJiODFkOTlkNWYx
LzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASBmZNk8o
BjHe1Klo4zNItzNEYJ6eoieF6926vXv1QBKzyspM1Pa4y/L4QNOWD6pqHaYPprnP
Yx2vP7c8cM8QVmmDnKwGEnvFMDvF3zp1fDIKsiRBbmUUaYYyVifkxknOHf9UfKBV
uuoJToVPzAByPHfYOHBWhx2VqsUXqm1Hqb+WvMtDzQ1fCareq8CYXaOpsmQqdKcv
3qJDcVz5/jbi2MxNr6ZeIUaDSDMMBjYEHpfFz0kIaezCIA5CAdjfNvvKMkTpQR0g
VWS+Yr4OLNqKWygQlWAU6pVtwSVBsg+/gyLEEmmdDIxepzGAbQv0Q8oMaAAA7ohd
I7htRYxqydHS5w==
-----END CERTIFICATE-----