Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
File:                     N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft (raw, json)
Hash identifier:          aq8EzjX7X8bhU+XZ2i7I6zXpf8p8sxKrj050cZ82VPs=
Subject key identifier:   DB:04:C6:5D:EA:96:B7:96:21:FC:BB:F0:14:E9:4B:A8:59:B3:30:58
Authority key identifier: 37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE
Certificate issuer:       /CN=37698b4f37d8081c3505ada0baa85221934341be
Certificate serial:       019921B12BB209CBE02C1A5AB31AE8617EFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
Manifest number:          0ECD
Signing time:             Sun 07 Sep 2025 01:01:23 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:23 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:23 +0000
Files and hashes:         1: N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl (hash: u4vGeV1vINdSQmflhyxmV6WfFfMQo7+er/w4NXhPPbM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:2b:b2:09:cb:e0:2c:1a:5a:b3:1a:e8:61:7e:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37698b4f37d8081c3505ada0baa85221934341be
        Validity
            Not Before: Sep  7 01:01:23 2025 GMT
            Not After : Sep  8 01:01:23 2025 GMT
        Subject: CN=db04c65dea96b79621fcbbf014e94ba859b33058
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:d1:9d:45:84:79:d7:1a:32:8b:94:04:e6:7d:
                    e9:c0:c5:5a:fc:ac:cc:02:d8:24:e5:ce:3e:e4:46:
                    cd:85:7c:4a:3a:a4:78:3e:63:fa:78:2b:77:af:f6:
                    7d:83:41:91:a2:7b:90:81:46:8a:0a:42:d8:6b:90:
                    aa:00:e6:45:1b:25:e7:6f:fa:b8:93:63:48:bb:f4:
                    b5:e1:97:93:4c:c6:c3:b8:e9:48:6c:e1:10:84:c9:
                    76:a8:e1:ef:fb:73:04:9e:b6:07:b4:36:9f:cd:89:
                    dc:43:fc:bf:ca:a2:e6:43:85:46:b9:63:9a:51:8d:
                    49:b6:bf:0b:f4:c5:45:c4:b9:5f:bb:dc:81:52:5d:
                    9d:7e:32:f6:34:23:0d:c0:29:c7:55:0b:62:20:5b:
                    72:5e:66:12:78:75:0d:3a:04:6c:b8:6a:87:ae:44:
                    bd:3e:ca:a2:90:f8:7b:af:eb:1d:24:c9:5b:f8:17:
                    1b:cf:bf:ff:d9:06:f1:9d:29:3e:4b:40:b5:e2:f9:
                    bd:c8:00:2b:c9:c3:71:fa:64:e1:67:6d:c1:0d:fd:
                    5c:86:bf:3e:aa:8e:38:8a:a0:b2:a9:2c:4e:e8:bc:
                    62:7b:3a:4e:49:12:d0:ca:e7:d6:bc:b4:cb:96:f7:
                    3c:21:96:df:8a:f2:98:c3:3a:31:58:e6:20:10:98:
                    ef:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:04:C6:5D:EA:96:B7:96:21:FC:BB:F0:14:E9:4B:A8:59:B3:30:58
            X509v3 Authority Key Identifier:
                keyid:37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:ca:35:1c:9e:a8:db:01:e8:a1:51:89:07:e3:5c:46:f4:a7:
         42:37:05:d2:75:17:72:cc:8c:33:33:86:8c:1c:d5:15:96:cb:
         9e:00:e8:fb:7d:e6:e6:27:83:3f:72:eb:12:74:4c:85:c1:df:
         91:b2:62:7c:20:39:69:19:79:6a:87:97:eb:c8:52:1f:c2:10:
         82:e5:eb:35:63:a3:73:f2:aa:08:c2:55:80:74:c1:43:1e:86:
         24:ba:26:d7:c9:0d:e8:bb:73:48:78:1a:9c:34:14:54:ed:10:
         dd:59:7a:61:de:46:57:c8:b8:d6:43:c9:87:8c:2d:42:df:9f:
         de:7d:ff:86:ad:04:b4:cd:1b:3c:8a:5f:e4:36:eb:67:2b:7a:
         56:3b:b7:77:1c:89:bc:67:50:f3:60:27:97:62:b6:7c:54:39:
         7e:35:ca:c3:ca:62:ad:0d:a8:05:f8:8a:89:89:71:85:ee:56:
         eb:c8:f5:79:7e:41:15:92:84:55:c0:95:ba:0e:61:e8:20:76:
         eb:75:d5:31:e7:84:59:9d:14:c9:fa:6a:ff:c0:ce:67:14:82:
         06:44:bb:2a:92:6c:ac:bb:e2:06:0f:b3:7c:7c:eb:8f:21:65:
         59:f5:3f:1b:29:2d:92:c8:f7:2e:c1:3b:f4:8f:37:7b:19:ed:
         c8:76:53:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsSuyCcvgLBpasxroYX7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njk4YjRmMzdkODA4MWMzNTA1YWRhMGJhYTg1MjIxOTM0
MzQxYmUwHhcNMjUwOTA3MDEwMTIzWhcNMjUwOTA4MDEwMTIzWjAzMTEwLwYDVQQD
EyhkYjA0YzY1ZGVhOTZiNzk2MjFmY2JiZjAxNGU5NGJhODU5YjMzMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9GdRYR51xoyi5QE5n3pwMVa/KzM
Atgk5c4+5EbNhXxKOqR4PmP6eCt3r/Z9g0GRonuQgUaKCkLYa5CqAOZFGyXnb/q4
k2NIu/S14ZeTTMbDuOlIbOEQhMl2qOHv+3MEnrYHtDafzYncQ/y/yqLmQ4VGuWOa
UY1Jtr8L9MVFxLlfu9yBUl2dfjL2NCMNwCnHVQtiIFtyXmYSeHUNOgRsuGqHrkS9
PsqikPh7r+sdJMlb+Bcbz7//2QbxnSk+S0C14vm9yAArycNx+mThZ23BDf1chr8+
qo44iqCyqSxO6LxiezpOSRLQyufWvLTLlvc8IZbfivKYwzoxWOYgEJjvLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsExl3qlreWIfy78BTpS6hZszBYMB8GA1UdIwQY
MBaAFDdpi0832AgcNQWtoLqoUiGTQ0G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjct
MmJiODFkOTlkNWYxLzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjctMmJiODFkOTlkNWYx
LzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADMo1HJ6o
2wHooVGJB+NcRvSnQjcF0nUXcsyMMzOGjBzVFZbLngDo+33m5ieDP3LrEnRMhcHf
kbJifCA5aRl5aoeX68hSH8IQguXrNWOjc/KqCMJVgHTBQx6GJLom18kN6LtzSHga
nDQUVO0Q3Vl6Yd5GV8i41kPJh4wtQt+f3n3/hq0EtM0bPIpf5DbrZyt6Vju3dxyJ
vGdQ82Anl2K2fFQ5fjXKw8pirQ2oBfiKiYlxhe5W68j1eX5BFZKEVcCVug5h6CB2
63XVMeeEWZ0Uyfpq/8DOZxSCBkS7KpJsrLviBg+zfHzrjyFlWfU/Gyktksj3LsE7
9I83exntyHZT4Q==
-----END CERTIFICATE-----