Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          vntKx+3UbbfFv766ng5ntarmlfnJ1RPNYkJBXhV8K+c=
Subject key identifier:   97:55:FE:3F:7C:06:C7:F6:2B:E5:D2:ED:D1:2A:9A:7C:E5:1F:83:15
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       019A72262155157540310EEB00C7D5A04FB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          0B81
Signing time:             Tue 11 Nov 2025 09:01:32 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:32 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:32 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: CALe6GWLltxzUrJJNZ0f4eD/cyslRr/OtxR06OhMs5A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:21:55:15:75:40:31:0e:eb:00:c7:d5:a0:4f:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: Nov 11 09:01:32 2025 GMT
            Not After : Nov 12 09:01:32 2025 GMT
        Subject: CN=9755fe3f7c06c7f62be5d2edd12a9a7ce51f8315
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:4b:04:8b:ee:f1:6c:10:80:8d:c8:4f:5b:26:
                    c7:cf:ce:29:54:b2:e5:5c:2d:eb:3b:e3:e5:b1:cc:
                    dc:45:21:06:d6:06:20:81:f6:7f:35:21:73:d4:88:
                    13:04:5e:2a:4a:ea:55:ec:99:b2:d4:cf:fd:33:7f:
                    0f:f8:00:48:54:27:95:24:e4:0a:68:5d:a2:c2:01:
                    91:8f:6b:f2:04:5f:22:4c:08:da:35:b3:96:76:a2:
                    b8:39:d7:e3:df:43:12:3a:18:14:98:e1:01:e4:58:
                    50:70:0d:ed:5b:fa:4e:50:2a:ca:16:c6:30:12:89:
                    a7:58:98:9e:4d:36:51:c8:19:93:14:09:86:61:ca:
                    33:81:1a:ad:a8:32:3a:5b:f5:10:aa:58:a4:e0:5e:
                    f1:64:dc:9c:4f:3c:24:28:51:87:68:02:05:ab:b8:
                    0c:32:38:9b:f4:e7:ab:d4:36:c5:1c:3b:df:69:9d:
                    c0:05:55:68:ea:f4:4e:41:90:36:70:cd:7c:ad:9a:
                    96:c6:6c:0d:45:87:dd:44:f6:03:c7:b6:72:a4:be:
                    00:a4:cc:61:fa:73:d3:b5:f0:42:96:48:72:f4:2b:
                    ef:89:93:fb:b1:68:73:47:7a:b5:ad:1d:08:b4:77:
                    f4:3a:93:23:46:47:42:20:28:30:36:e0:8c:65:1a:
                    14:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:55:FE:3F:7C:06:C7:F6:2B:E5:D2:ED:D1:2A:9A:7C:E5:1F:83:15
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:8f:2b:1e:60:67:68:01:f5:52:ba:4a:af:77:3c:26:fd:d1:
         d4:0f:91:fb:75:e3:c5:af:15:79:71:33:43:e7:0f:5c:dd:3f:
         a4:93:d7:51:05:e7:12:17:17:46:ef:b5:9d:53:f3:99:1e:a8:
         b4:23:52:79:d9:5c:d8:06:28:c8:fd:fc:12:33:2e:34:c7:59:
         7e:c7:73:c3:29:15:82:b5:5a:90:54:c2:71:22:83:aa:4c:b3:
         ed:7c:25:2d:ae:2e:43:ce:43:34:a0:a8:d9:67:9b:a9:1e:64:
         d4:07:61:96:4e:78:f9:42:bd:cc:a2:76:44:1f:11:d7:fe:29:
         6a:ff:22:ca:5e:c5:ba:97:f0:20:19:5e:26:dd:7c:02:2c:ba:
         3d:16:88:8b:96:f6:3c:14:72:fd:a3:45:be:00:2a:b5:ff:89:
         2a:3f:7e:44:07:0a:46:da:2a:1c:8c:7e:74:e0:a0:52:be:4e:
         29:fe:a2:39:7e:fa:c6:b0:4e:4d:b5:c8:c0:da:29:d8:7f:9a:
         03:e2:c5:1a:79:53:e5:85:00:60:47:08:48:e0:10:fc:74:43:
         57:a1:94:b6:7e:75:f6:66:c0:e7:ae:6d:1d:5b:61:bf:2e:cd:
         b4:78:8e:93:c0:e3:f0:a0:a0:21:ba:3c:65:66:4f:79:da:c2:
         99:88:2e:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJiFVFXVAMQ7rAMfVoE+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjUxMTExMDkwMTMyWhcNMjUxMTEyMDkwMTMyWjAzMTEwLwYDVQQD
Eyg5NzU1ZmUzZjdjMDZjN2Y2MmJlNWQyZWRkMTJhOWE3Y2U1MWY4MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsksEi+7xbBCAjchPWybHz84pVLLl
XC3rO+PlsczcRSEG1gYggfZ/NSFz1IgTBF4qSupV7Jmy1M/9M38P+ABIVCeVJOQK
aF2iwgGRj2vyBF8iTAjaNbOWdqK4Odfj30MSOhgUmOEB5FhQcA3tW/pOUCrKFsYw
EomnWJieTTZRyBmTFAmGYcozgRqtqDI6W/UQqlik4F7xZNycTzwkKFGHaAIFq7gM
Mjib9Oer1DbFHDvfaZ3ABVVo6vROQZA2cM18rZqWxmwNRYfdRPYDx7ZypL4ApMxh
+nPTtfBClkhy9CvviZP7sWhzR3q1rR0ItHf0OpMjRkdCICgwNuCMZRoUBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdV/j98Bsf2K+XS7dEqmnzlH4MVMB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABo8rHmBn
aAH1UrpKr3c8Jv3R1A+R+3Xjxa8VeXEzQ+cPXN0/pJPXUQXnEhcXRu+1nVPzmR6o
tCNSedlc2AYoyP38EjMuNMdZfsdzwykVgrVakFTCcSKDqkyz7XwlLa4uQ85DNKCo
2WebqR5k1Adhlk54+UK9zKJ2RB8R1/4pav8iyl7FupfwIBleJt18Aiy6PRaIi5b2
PBRy/aNFvgAqtf+JKj9+RAcKRtoqHIx+dOCgUr5OKf6iOX76xrBOTbXIwNop2H+a
A+LFGnlT5YUAYEcISOAQ/HRDV6GUtn519mbA565tHVthvy7NtHiOk8Dj8KCgIbo8
ZWZPedrCmYgumQ==
-----END CERTIFICATE-----