Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
File:                     nc28ow8_5XpR57bAt_MgOvFnKiI.mft (raw, json)
Hash identifier:          Lnt67g50508D8SLYiChfCbwA7zLWAE+89l8bop+ISiQ=
Subject key identifier:   60:C5:4D:CA:96:6A:C4:97:8E:9A:4E:0A:B3:2C:91:74:D3:2A:CE:FA
Authority key identifier: 9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22
Certificate issuer:       /CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
Certificate serial:       019A71B8EB579730633474318E72293EBEF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
Manifest number:          1719
Signing time:             Tue 11 Nov 2025 07:02:15 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:15 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:15 +0000
Files and hashes:         1: nc28ow8_5XpR57bAt_MgOvFnKiI.crl (hash: q7WHvHGRoE3QO8buS7Bk7Z600Bmu7e5cPw9QJbFKzqo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:eb:57:97:30:63:34:74:31:8e:72:29:3e:be:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
        Validity
            Not Before: Nov 11 07:02:15 2025 GMT
            Not After : Nov 12 07:02:15 2025 GMT
        Subject: CN=60c54dca966ac4978e9a4e0ab32c9174d32acefa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:8f:50:a0:67:6f:e4:71:e4:f9:f9:ed:9b:28:
                    ef:a0:52:69:a1:a3:87:74:b4:67:fe:28:f3:67:e8:
                    b6:de:66:3d:d4:40:26:8c:79:65:76:39:11:e5:84:
                    f2:3b:51:48:48:8c:3a:08:06:a4:9e:0f:4d:fd:d0:
                    56:56:3c:29:a8:f1:51:61:6c:9b:bf:81:66:6d:33:
                    aa:3e:46:55:ea:26:6c:38:5b:ea:2c:23:e2:41:6c:
                    7a:73:ab:82:1c:38:cd:50:12:0b:b7:fe:c8:d6:26:
                    96:6a:43:75:7c:79:e3:04:a5:8a:e0:8c:d7:31:de:
                    a8:4c:41:4c:e8:b6:52:a4:88:2a:d1:06:b5:16:9d:
                    e6:9a:ba:d2:b2:6c:8f:cc:12:35:48:a1:2f:a0:fe:
                    58:4a:29:4e:63:d5:e3:16:d3:7d:ad:3d:7a:c1:86:
                    e5:7f:17:e3:ce:ab:4f:87:fd:f6:0d:8a:51:f2:87:
                    b7:b8:bf:db:fc:b6:bc:c1:4f:74:92:a6:fe:07:e4:
                    9d:84:2a:89:46:24:09:dd:79:c3:ee:40:34:4f:6b:
                    a9:54:34:bd:cd:00:d7:7c:dd:20:43:f2:51:9f:ad:
                    e9:45:60:8c:07:d8:fe:6b:24:be:1d:a9:36:d6:7b:
                    d7:ad:a3:1c:d7:9e:4c:6d:0d:28:f2:ff:3c:4b:1e:
                    c4:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:C5:4D:CA:96:6A:C4:97:8E:9A:4E:0A:B3:2C:91:74:D3:2A:CE:FA
            X509v3 Authority Key Identifier:
                keyid:9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:48:78:d6:80:2b:41:49:06:ac:d7:f2:f5:60:38:43:4c:33:
         c2:27:d5:84:94:84:f9:ff:68:c8:f7:ad:78:1a:46:73:e5:a0:
         45:12:45:88:b7:dd:4a:5d:5e:f4:24:16:55:bb:aa:01:60:25:
         f9:33:39:5e:c7:8e:9f:cb:53:f6:0c:68:28:c8:4c:1a:eb:65:
         c9:64:a7:72:e0:6d:08:00:1f:7d:92:f6:40:d3:55:00:1c:41:
         95:f3:85:71:6a:c4:44:c2:a4:36:80:4b:68:9d:c6:d6:84:13:
         80:ed:62:6d:c3:3a:17:a6:b3:56:1d:e3:cc:cb:24:41:1d:5b:
         f2:07:70:f7:1c:3a:8e:b0:11:fd:a0:51:e3:e0:da:70:6e:97:
         21:8c:c2:66:66:17:64:94:f4:d1:12:f3:ca:e9:d5:e3:79:d9:
         25:1a:33:5a:b2:41:c9:c9:eb:de:9f:df:b1:11:8a:14:27:bf:
         53:79:96:6b:d1:93:ce:06:ea:0a:b1:e6:ea:aa:fa:ea:c8:9a:
         55:75:05:ad:6f:7c:29:86:9a:80:72:ee:9f:7e:33:df:95:69:
         4f:63:18:10:37:b7:fb:5a:58:77:64:01:cd:f8:c9:b8:82:33:
         8f:bd:12:ae:75:64:3f:6d:b1:46:9a:8c:bd:23:fb:c6:40:a3:
         ee:f2:ff:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOtXlzBjNHQxjnIpPr7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2RiY2EzMGYzZmU1N2E1MWU3YjZjMGI3ZjMyMDNhZjE2
NzJhMjIwHhcNMjUxMTExMDcwMjE1WhcNMjUxMTEyMDcwMjE1WjAzMTEwLwYDVQQD
Eyg2MGM1NGRjYTk2NmFjNDk3OGU5YTRlMGFiMzJjOTE3NGQzMmFjZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA749QoGdv5HHk+fntmyjvoFJpoaOH
dLRn/ijzZ+i23mY91EAmjHlldjkR5YTyO1FISIw6CAakng9N/dBWVjwpqPFRYWyb
v4FmbTOqPkZV6iZsOFvqLCPiQWx6c6uCHDjNUBILt/7I1iaWakN1fHnjBKWK4IzX
Md6oTEFM6LZSpIgq0Qa1Fp3mmrrSsmyPzBI1SKEvoP5YSilOY9XjFtN9rT16wYbl
fxfjzqtPh/32DYpR8oe3uL/b/La8wU90kqb+B+SdhCqJRiQJ3XnD7kA0T2upVDS9
zQDXfN0gQ/JRn63pRWCMB9j+ayS+Hak21nvXraMc155MbQ0o8v88Sx7EeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGDFTcqWasSXjppOCrMskXTTKs76MB8GA1UdIwQY
MBaAFJ3NvKMPP+V6Uee2wLfzIDrxZyoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMt
ZmEwNjBiOWEzYjQwLzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMtZmEwNjBiOWEzYjQw
LzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXUh41oAr
QUkGrNfy9WA4Q0wzwifVhJSE+f9oyPeteBpGc+WgRRJFiLfdSl1e9CQWVbuqAWAl
+TM5XseOn8tT9gxoKMhMGutlyWSncuBtCAAffZL2QNNVABxBlfOFcWrERMKkNoBL
aJ3G1oQTgO1ibcM6F6azVh3jzMskQR1b8gdw9xw6jrAR/aBR4+DacG6XIYzCZmYX
ZJT00RLzyunV43nZJRozWrJBycnr3p/fsRGKFCe/U3mWa9GTzgbqCrHm6qr66sia
VXUFrW98KYaagHLun34z35VpT2MYEDe3+1pYd2QBzfjJuIIzj70SrnVkP22xRpqM
vSP7xkCj7vL/JA==
-----END CERTIFICATE-----