Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
File:                     nuC9T-woxBx9-CFI8JHsPzkb23A.mft (raw, json)
Hash identifier:          aonq7wrvfYTzDmkN3cVNN851BJHvSoKzzISiD40SsUg=
Subject key identifier:   E4:A8:13:01:1C:36:52:4A:7B:98:89:8E:EC:08:A3:8C:8E:7B:7B:BF
Authority key identifier: 9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70
Certificate issuer:       /CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70
Certificate serial:       019A71B7E72ABFB06F04BE24C6B5607577BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
Manifest number:          08CD
Signing time:             Tue 11 Nov 2025 07:01:08 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:08 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:08 +0000
Files and hashes:         1: nuC9T-woxBx9-CFI8JHsPzkb23A.crl (hash: kDbRf8MhseXviYqiTo4B0UEuAmP6RjXX3rX+ndQ4atY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:e7:2a:bf:b0:6f:04:be:24:c6:b5:60:75:77:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70
        Validity
            Not Before: Nov 11 07:01:08 2025 GMT
            Not After : Nov 12 07:01:08 2025 GMT
        Subject: CN=e4a813011c36524a7b98898eec08a38c8e7b7bbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ab:a0:a7:dd:da:db:79:88:1a:35:ca:6d:5c:
                    dc:75:a0:c2:93:ea:3b:83:c3:f4:6b:3b:ad:68:a8:
                    2e:68:fc:09:5a:fe:05:97:e3:35:61:b0:11:96:c9:
                    fe:f3:31:a2:cf:61:fa:13:1a:f5:a5:34:6a:44:63:
                    95:fa:e7:b7:29:4d:0e:0b:dd:4c:2f:25:2c:4a:8a:
                    1f:a7:55:49:69:26:a4:70:95:66:7a:5a:b8:21:39:
                    0c:05:da:ea:f1:d5:38:f7:f3:d5:39:b2:87:29:4c:
                    7b:4f:e5:6d:6c:d3:0e:96:a9:06:d9:b7:75:db:1c:
                    d2:61:dd:57:d6:b3:1a:ab:2c:65:a3:e0:0b:78:cd:
                    ad:26:15:9a:d1:c9:72:86:c8:46:64:ea:ee:da:1a:
                    16:1a:e1:4b:d4:38:0b:b3:36:7e:ed:d4:54:75:b5:
                    e3:16:ca:06:6f:c0:53:49:f4:e4:f3:6f:16:53:89:
                    d4:3d:d9:c4:6b:f1:60:a6:28:d8:f9:e8:e7:e1:ba:
                    93:44:88:d5:51:6b:22:a6:99:80:0e:54:0e:02:f0:
                    13:ac:83:aa:6b:ac:00:67:dc:ca:c5:9b:bc:22:fd:
                    01:e5:7a:36:d6:19:bf:9f:bd:16:9e:18:3d:b8:e2:
                    d7:1c:0b:13:2d:09:cd:39:73:50:b9:fe:34:c5:30:
                    7c:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:A8:13:01:1C:36:52:4A:7B:98:89:8E:EC:08:A3:8C:8E:7B:7B:BF
            X509v3 Authority Key Identifier:
                keyid:9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:a3:17:ca:86:7f:05:e6:b3:de:df:78:48:82:b2:e1:77:ab:
         55:9f:13:04:4c:a9:93:de:d7:82:e1:c9:6a:8b:02:8f:4c:2c:
         83:28:dd:9c:21:ff:2c:ee:0e:fd:a1:ea:cb:0a:cf:1e:ae:aa:
         2a:d3:80:72:ce:f7:51:bf:74:93:59:08:cc:58:80:ae:b1:71:
         68:e9:d7:d6:e4:f1:33:6f:d6:77:e2:ef:63:c5:7c:ae:93:7a:
         91:03:e0:26:12:e8:ac:a0:a6:d7:72:cd:4e:1d:6b:ea:9b:d2:
         ec:c2:2b:03:95:40:89:94:72:ac:c1:be:09:ef:74:ce:cb:11:
         da:38:b1:29:2c:f1:3e:cd:29:1f:84:66:c8:c1:22:41:5a:0a:
         56:c6:75:3f:f5:7f:0d:b5:03:29:19:63:a9:b3:c7:66:03:62:
         59:50:8f:54:9e:3f:2e:e2:1c:63:33:d5:6c:aa:81:25:f1:c9:
         de:99:59:95:73:5a:b7:f7:61:a1:00:91:35:73:de:aa:ad:c6:
         7c:44:27:97:d1:63:d4:be:d3:cc:92:04:28:5a:bf:76:89:9d:
         59:d2:4a:85:e6:13:ba:34:df:de:e9:90:fb:5a:a6:aa:eb:fb:
         16:50:85:d5:a7:36:b2:d7:ff:dc:79:6d:6d:b6:c6:b9:65:1e:
         90:77:3e:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+cqv7BvBL4kxrVgdXe9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZTBiZDRmZWMyOGM0MWM3ZGY4MjE0OGYwOTFlYzNmMzkx
YmRiNzAwHhcNMjUxMTExMDcwMTA4WhcNMjUxMTEyMDcwMTA4WjAzMTEwLwYDVQQD
EyhlNGE4MTMwMTFjMzY1MjRhN2I5ODg5OGVlYzA4YTM4YzhlN2I3YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6ugp93a23mIGjXKbVzcdaDCk+o7
g8P0azutaKguaPwJWv4Fl+M1YbARlsn+8zGiz2H6Exr1pTRqRGOV+ue3KU0OC91M
LyUsSoofp1VJaSakcJVmelq4ITkMBdrq8dU49/PVObKHKUx7T+VtbNMOlqkG2bd1
2xzSYd1X1rMaqyxlo+ALeM2tJhWa0clyhshGZOru2hoWGuFL1DgLszZ+7dRUdbXj
FsoGb8BTSfTk828WU4nUPdnEa/FgpijY+ejn4bqTRIjVUWsippmADlQOAvATrIOq
a6wAZ9zKxZu8Iv0B5Xo21hm/n70Wnhg9uOLXHAsTLQnNOXNQuf40xTB83wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSoEwEcNlJKe5iJjuwIo4yOe3u/MB8GA1UdIwQY
MBaAFJ7gvU/sKMQcffghSPCR7D85G9twMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYt
ZWRmYmFiMzM2MWJiLzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYtZWRmYmFiMzM2MWJi
LzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj6MXyoZ/
Beaz3t94SIKy4XerVZ8TBEypk97XguHJaosCj0wsgyjdnCH/LO4O/aHqywrPHq6q
KtOAcs73Ub90k1kIzFiArrFxaOnX1uTxM2/Wd+LvY8V8rpN6kQPgJhLorKCm13LN
Th1r6pvS7MIrA5VAiZRyrMG+Ce90zssR2jixKSzxPs0pH4RmyMEiQVoKVsZ1P/V/
DbUDKRljqbPHZgNiWVCPVJ4/LuIcYzPVbKqBJfHJ3plZlXNat/dhoQCRNXPeqq3G
fEQnl9Fj1L7TzJIEKFq/domdWdJKheYTujTf3umQ+1qmquv7FlCF1ac2stf/3Hlt
bbbGuWUekHc++g==
-----END CERTIFICATE-----