Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
File:                     nuC9T-woxBx9-CFI8JHsPzkb23A.mft (raw, json)
Hash identifier:          EK/tJ/9J4/OTo1W7Ctq0JnSprSGmiRvrqAKc8wgAXAo=
Subject key identifier:   D1:80:E2:93:F5:60:B0:6C:E9:B0:46:A2:58:CC:65:D9:D0:94:CB:AF
Authority key identifier: 9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70
Certificate issuer:       /CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70
Certificate serial:       0199239FE71498CEEED0E56B1DF185F13844
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
Manifest number:          0820
Signing time:             Sun 07 Sep 2025 10:01:45 +0000
Manifest this update:     Sun 07 Sep 2025 10:01:45 +0000
Manifest next update:     Mon 08 Sep 2025 10:01:45 +0000
Files and hashes:         1: nuC9T-woxBx9-CFI8JHsPzkb23A.crl (hash: 9cnjuxIK1a/wXN35Zuw4rCY/wb+lb1ofOVpyEQO3J7I=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9f:e7:14:98:ce:ee:d0:e5:6b:1d:f1:85:f1:38:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70
        Validity
            Not Before: Sep  7 10:01:45 2025 GMT
            Not After : Sep  8 10:01:45 2025 GMT
        Subject: CN=d180e293f560b06ce9b046a258cc65d9d094cbaf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:49:de:4c:b5:8b:31:91:97:a3:e8:0c:90:ea:
                    ff:c8:2f:a4:21:e6:91:ef:4c:eb:75:69:0b:fb:37:
                    85:bc:e2:23:2d:dd:3e:39:b8:e3:7f:a9:48:6e:dc:
                    a6:58:11:2b:db:a6:09:88:80:ed:4f:7b:33:d1:fe:
                    ac:62:43:83:87:35:22:90:48:53:22:ed:26:24:d8:
                    69:1f:f9:ea:be:60:be:c0:c5:f6:2f:a1:d8:d3:4f:
                    57:49:58:a3:4f:0e:54:e8:e8:c9:48:7e:e1:c6:da:
                    f3:42:38:0f:25:25:54:aa:9c:13:fd:a1:ef:4d:79:
                    b8:69:5e:67:ce:f7:81:fc:39:5e:f6:fc:7e:eb:d8:
                    e2:63:7e:06:b4:6a:eb:07:d4:b6:cc:99:da:c8:f4:
                    14:73:40:ce:d8:a0:fa:4b:c4:ef:56:4d:5c:32:8c:
                    71:fe:3c:27:e3:d8:bd:dd:23:1c:f7:e1:0c:ac:42:
                    bd:f9:48:0f:62:5d:92:34:c4:bd:cd:4c:0c:af:e0:
                    98:94:a8:9f:e8:00:40:5b:b9:13:26:f2:99:77:a8:
                    51:2f:8b:ee:c3:3c:d6:ba:b9:f0:45:32:1b:ef:e0:
                    fe:d2:4a:be:b5:29:4a:b3:57:76:af:2a:e0:d2:c5:
                    fd:36:07:0d:19:45:33:2d:65:a9:9a:5a:22:2c:7d:
                    47:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:80:E2:93:F5:60:B0:6C:E9:B0:46:A2:58:CC:65:D9:D0:94:CB:AF
            X509v3 Authority Key Identifier:
                keyid:9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:0d:c3:6c:21:f7:a0:54:41:6e:0a:10:fe:38:01:a7:c2:38:
         88:8a:80:a1:e0:5a:06:5b:fb:9a:cb:fa:02:d2:d8:ed:ae:ec:
         79:7b:59:0c:f5:cf:a7:72:69:61:84:7e:8e:c8:d4:67:f2:25:
         c7:94:59:05:04:6c:a9:bf:01:0f:6e:9a:f9:9b:53:72:7e:45:
         95:c0:47:a1:c2:9a:90:43:59:6a:72:ac:62:ad:23:fc:97:15:
         b3:ba:42:71:39:f6:85:07:6a:e8:46:32:c7:f7:01:ce:21:bc:
         9e:14:9d:20:d9:c9:6f:6a:00:2e:dd:fb:ca:1e:8f:47:ad:53:
         f1:21:95:4f:47:66:59:66:e7:47:53:db:11:5c:71:76:04:4d:
         f2:7b:e6:3d:0e:aa:e9:54:6a:88:6d:1c:d9:30:22:b9:1c:08:
         05:cd:8e:ea:78:b6:07:b2:48:e7:9c:b3:f1:1e:94:cd:49:9d:
         e0:37:d4:10:90:c7:7a:02:45:7a:e3:be:96:0b:1f:29:84:3b:
         bb:9b:a8:0f:4d:36:11:d5:6f:f3:84:b6:bb:43:92:b7:b6:04:
         98:91:4f:be:a4:f9:7f:3f:fc:57:c2:1a:31:f7:f4:0c:3c:d6:
         b3:c0:18:b6:b8:e0:90:b2:2a:da:03:e4:5f:c3:f7:16:43:8c:
         67:80:17:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjn+cUmM7u0OVrHfGF8ThEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZTBiZDRmZWMyOGM0MWM3ZGY4MjE0OGYwOTFlYzNmMzkx
YmRiNzAwHhcNMjUwOTA3MTAwMTQ1WhcNMjUwOTA4MTAwMTQ1WjAzMTEwLwYDVQQD
EyhkMTgwZTI5M2Y1NjBiMDZjZTliMDQ2YTI1OGNjNjVkOWQwOTRjYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0neTLWLMZGXo+gMkOr/yC+kIeaR
70zrdWkL+zeFvOIjLd0+Objjf6lIbtymWBEr26YJiIDtT3sz0f6sYkODhzUikEhT
Iu0mJNhpH/nqvmC+wMX2L6HY009XSVijTw5U6OjJSH7hxtrzQjgPJSVUqpwT/aHv
TXm4aV5nzveB/Dle9vx+69jiY34GtGrrB9S2zJnayPQUc0DO2KD6S8TvVk1cMoxx
/jwn49i93SMc9+EMrEK9+UgPYl2SNMS9zUwMr+CYlKif6ABAW7kTJvKZd6hRL4vu
wzzWurnwRTIb7+D+0kq+tSlKs1d2ryrg0sX9NgcNGUUzLWWpmloiLH1H+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGA4pP1YLBs6bBGoljMZdnQlMuvMB8GA1UdIwQY
MBaAFJ7gvU/sKMQcffghSPCR7D85G9twMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYt
ZWRmYmFiMzM2MWJiLzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYtZWRmYmFiMzM2MWJi
LzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqw3DbCH3
oFRBbgoQ/jgBp8I4iIqAoeBaBlv7msv6AtLY7a7seXtZDPXPp3JpYYR+jsjUZ/Il
x5RZBQRsqb8BD26a+ZtTcn5FlcBHocKakENZanKsYq0j/JcVs7pCcTn2hQdq6EYy
x/cBziG8nhSdINnJb2oALt37yh6PR61T8SGVT0dmWWbnR1PbEVxxdgRN8nvmPQ6q
6VRqiG0c2TAiuRwIBc2O6ni2B7JI55yz8R6UzUmd4DfUEJDHegJFeuO+lgsfKYQ7
u5uoD002EdVv84S2u0OSt7YEmJFPvqT5fz/8V8IaMff0DDzWs8AYtrjgkLIq2gPk
X8P3FkOMZ4AX+g==
-----END CERTIFICATE-----