Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
File:                     nD_Ua11gbBzKtVixc24mIaS8BAM.mft (raw, json)
Hash identifier:          s6jkMpSazv7P1nx8160aEnlBRxJ6C4klBGUrFFRQA+k=
Subject key identifier:   79:0D:68:6C:96:58:5C:66:82:F7:AA:50:E5:51:55:73:28:E4:12:7C
Authority key identifier: 9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03
Certificate issuer:       /CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
Certificate serial:       019A71EEE015CD6DE03549AB6655A4FE697D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
Manifest number:          09AC
Signing time:             Tue 11 Nov 2025 08:01:11 +0000
Manifest this update:     Tue 11 Nov 2025 08:01:11 +0000
Manifest next update:     Wed 12 Nov 2025 08:01:11 +0000
Files and hashes:         1: nD_Ua11gbBzKtVixc24mIaS8BAM.crl (hash: V91Zn+AfaKp4IiJ+XZbaf63eT2wT+TUjyZNQoOrfP8w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 08:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:ee:e0:15:cd:6d:e0:35:49:ab:66:55:a4:fe:69:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
        Validity
            Not Before: Nov 11 08:01:11 2025 GMT
            Not After : Nov 12 08:01:11 2025 GMT
        Subject: CN=790d686c96585c6682f7aa50e551557328e4127c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:9f:60:fd:27:d4:06:41:12:86:77:60:e3:c4:
                    54:81:8b:00:b7:40:ad:7e:b2:f2:c3:04:30:34:bc:
                    4e:f9:dd:86:57:1e:af:e3:ae:4b:7b:8f:84:2a:98:
                    1b:79:3f:8d:eb:4f:9d:6c:3d:6f:cc:02:20:83:e8:
                    4d:0d:53:33:6d:02:f7:51:a1:19:ff:05:91:3c:36:
                    9b:18:25:e5:f6:9b:ef:a1:cb:fe:74:e7:f2:7c:93:
                    f8:37:d2:e2:7a:56:55:d8:8b:cb:af:b9:c1:78:52:
                    84:db:8c:d3:72:d4:97:76:6f:73:28:5c:59:59:d8:
                    04:ff:e8:82:2a:b9:71:cf:9e:e6:09:6c:e1:fd:d7:
                    b0:26:7b:7e:c2:ba:6a:b6:45:70:bf:1b:ea:ae:49:
                    ea:26:7d:19:72:46:81:9e:d4:04:77:a1:ad:90:50:
                    8d:e4:ed:7d:77:cc:95:35:cc:95:ee:c1:f3:34:c9:
                    46:50:1e:22:af:03:71:cd:36:2c:61:9f:ff:37:f1:
                    02:7d:d0:34:39:7a:f6:cd:10:84:5d:68:b8:32:5f:
                    4f:8e:8f:cb:b6:d2:40:e4:fa:84:c6:3d:e3:ce:0c:
                    66:29:3e:30:5f:69:4d:61:05:8c:80:58:84:1c:2b:
                    fe:29:16:0e:d9:5b:99:dd:f1:8e:45:73:03:9c:09:
                    74:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:0D:68:6C:96:58:5C:66:82:F7:AA:50:E5:51:55:73:28:E4:12:7C
            X509v3 Authority Key Identifier:
                keyid:9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:ad:d4:16:96:d1:e1:21:d7:53:d4:28:46:b9:9b:f6:de:e3:
         b3:7b:5d:b2:19:88:17:04:24:e9:db:3e:aa:04:31:a8:14:13:
         36:2b:13:b0:04:d2:1d:25:04:7c:51:8d:1a:d8:3b:0c:b8:f7:
         dc:fe:50:04:02:ac:98:0c:80:1b:e5:bf:df:cf:b0:76:a3:d8:
         e1:0a:8a:00:6d:f2:01:c1:e0:79:f6:bc:2e:78:bf:d5:3f:bd:
         3c:89:9b:03:db:36:9b:b6:13:85:cb:ec:73:b9:41:d1:7f:29:
         fb:15:e3:08:39:21:15:d5:db:db:55:a4:27:4d:27:3f:45:a9:
         6d:05:a5:4e:23:bb:29:fe:53:6c:78:39:d6:1f:1d:d0:6a:fb:
         be:77:ee:11:13:d7:7b:a8:eb:76:79:10:bc:4e:bc:45:e0:05:
         65:8e:db:69:e3:bf:71:b2:72:8b:4d:7d:b9:46:9d:5f:3c:b4:
         3a:af:39:bd:ad:14:a0:7e:f8:c8:7a:17:ee:c0:9a:ce:94:b6:
         d5:87:4f:fb:cb:01:ba:4c:b5:74:2e:68:47:c6:13:b6:56:f6:
         a2:e2:32:a1:00:4e:87:bb:9a:1a:bc:b1:8e:9f:de:24:d5:fd:
         11:3f:8a:ef:f9:ae:5a:66:ca:d7:5e:51:9c:16:45:dc:b6:29:
         1b:e5:dc:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7uAVzW3gNUmrZlWk/ml9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljM2ZkNDZiNWQ2MDZjMWNjYWI1NThiMTczNmUyNjIxYTRi
YzA0MDMwHhcNMjUxMTExMDgwMTExWhcNMjUxMTEyMDgwMTExWjAzMTEwLwYDVQQD
Eyg3OTBkNjg2Yzk2NTg1YzY2ODJmN2FhNTBlNTUxNTU3MzI4ZTQxMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1p9g/SfUBkEShndg48RUgYsAt0Ct
frLywwQwNLxO+d2GVx6v465Le4+EKpgbeT+N60+dbD1vzAIgg+hNDVMzbQL3UaEZ
/wWRPDabGCXl9pvvocv+dOfyfJP4N9LielZV2IvLr7nBeFKE24zTctSXdm9zKFxZ
WdgE/+iCKrlxz57mCWzh/dewJnt+wrpqtkVwvxvqrknqJn0ZckaBntQEd6GtkFCN
5O19d8yVNcyV7sHzNMlGUB4irwNxzTYsYZ//N/ECfdA0OXr2zRCEXWi4Ml9Pjo/L
ttJA5PqExj3jzgxmKT4wX2lNYQWMgFiEHCv+KRYO2VuZ3fGORXMDnAl0CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkNaGyWWFxmgveqUOVRVXMo5BJ8MB8GA1UdIwQY
MBaAFJw/1GtdYGwcyrVYsXNuJiGkvAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTkt
MGIzMWMzMzJkNTBkLzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTktMGIzMWMzMzJkNTBk
LzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK63UFpbR
4SHXU9QoRrmb9t7js3tdshmIFwQk6ds+qgQxqBQTNisTsATSHSUEfFGNGtg7DLj3
3P5QBAKsmAyAG+W/38+wdqPY4QqKAG3yAcHgefa8Lni/1T+9PImbA9s2m7YThcvs
c7lB0X8p+xXjCDkhFdXb21WkJ00nP0WpbQWlTiO7Kf5TbHg51h8d0Gr7vnfuERPX
e6jrdnkQvE68ReAFZY7baeO/cbJyi019uUadXzy0Oq85va0UoH74yHoX7sCazpS2
1YdP+8sBuky1dC5oR8YTtlb2ouIyoQBOh7uaGryxjp/eJNX9ET+K7/muWmbK115R
nBZF3LYpG+Xccg==
-----END CERTIFICATE-----