Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
File:                     NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft (raw, json)
Hash identifier:          wcY9zEvsEM6apWk4mGZXF9oZEtqM2xK9cll1VkJXpdE=
Subject key identifier:   1E:6F:B6:95:D4:4E:B7:8B:2F:F4:DE:2B:EB:AC:C3:BE:FD:FC:A4:92
Authority key identifier: 35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F
Certificate issuer:       /CN=3506bb7ec0666022f03c0bd9f55f78c0a7eada9f
Certificate serial:       019A1EAE3895E98460C28DD8A49157B863B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
Manifest number:          09A2
Signing time:             Sun 26 Oct 2025 04:02:05 +0000
Manifest this update:     Sun 26 Oct 2025 04:02:05 +0000
Manifest next update:     Mon 27 Oct 2025 04:02:05 +0000
Files and hashes:         1: NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl (hash: eBETd/bRROL+CCLxqc6uf+/yqpbI90g2jjEdyiLt4N8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 Oct 2025 03:42:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:1e:ae:38:95:e9:84:60:c2:8d:d8:a4:91:57:b8:63:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3506bb7ec0666022f03c0bd9f55f78c0a7eada9f
        Validity
            Not Before: Oct 26 04:02:05 2025 GMT
            Not After : Oct 27 04:02:05 2025 GMT
        Subject: CN=1e6fb695d44eb78b2ff4de2bebacc3befdfca492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a6:e6:42:72:4b:af:f7:1c:e0:22:a4:af:45:
                    9b:cf:46:56:a9:cd:24:75:54:b8:bb:fd:ce:dd:36:
                    42:38:f1:82:9a:01:92:54:a4:a3:15:6b:5a:d7:57:
                    e7:34:31:86:12:5f:04:b3:80:b0:b4:e8:35:66:04:
                    13:85:0c:f2:1f:f7:3b:b9:fb:bc:1d:a8:20:5d:ee:
                    fc:ac:f5:2a:f1:ec:77:30:42:fc:f4:30:c7:bf:b4:
                    82:0b:4e:a5:07:78:4c:66:a8:bd:99:1d:59:80:51:
                    44:5e:a5:37:06:9c:82:5b:32:a5:b5:58:6d:33:42:
                    04:7a:08:b1:57:90:72:05:08:75:ae:71:d0:47:76:
                    20:38:11:89:bf:5a:55:88:e1:78:16:fe:5c:77:77:
                    49:ad:70:1b:bb:33:8e:f0:36:2a:2f:4e:99:74:0d:
                    92:c0:8c:58:2d:15:3f:36:d3:f8:60:22:38:0d:2d:
                    04:88:3d:69:ef:7e:e7:86:ee:42:41:b4:a8:d0:96:
                    68:47:46:57:6f:65:b6:8d:b3:63:ce:93:7a:64:20:
                    75:27:5d:1a:0f:68:04:fa:05:aa:9d:94:99:55:eb:
                    7e:f4:d5:01:69:1b:d8:4a:0b:b6:52:93:a4:73:ad:
                    66:c2:af:4d:e2:9a:e1:f0:68:30:ce:cc:05:79:86:
                    26:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:6F:B6:95:D4:4E:B7:8B:2F:F4:DE:2B:EB:AC:C3:BE:FD:FC:A4:92
            X509v3 Authority Key Identifier:
                keyid:35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:cb:9c:2c:67:ef:ba:46:84:ca:8e:26:85:c6:be:f1:40:15:
         f4:bc:d6:23:83:b7:be:ed:d4:ef:7d:85:48:a0:78:d1:51:6d:
         c2:04:9d:ed:48:88:31:c4:8a:8c:2d:2a:ef:b3:26:9a:5c:be:
         07:74:7b:fa:50:58:6a:fb:8d:6d:a4:70:a0:14:b4:95:01:57:
         fd:28:2e:f3:91:99:f7:69:0b:2e:d6:d9:27:8f:65:9a:b3:9d:
         3c:71:0b:11:ff:74:23:cd:f6:5f:11:ac:b8:67:60:49:ae:15:
         b9:7f:d2:11:24:81:a5:22:88:bf:2e:1f:1e:13:38:f5:d3:17:
         be:97:40:2e:11:10:f1:00:c7:c7:62:82:03:2c:20:da:d7:9a:
         ed:36:36:98:bf:4d:be:fb:ba:59:04:fd:34:b5:70:e0:a0:88:
         ba:42:a0:8f:14:62:6d:aa:2b:b2:63:0e:ec:11:51:9d:26:84:
         ee:10:83:47:17:b0:1d:62:aa:70:44:73:42:98:f6:54:f3:21:
         65:35:b7:29:ee:8e:86:ae:f8:5a:1b:a7:24:0e:d4:25:f3:96:
         72:cc:cc:5b:8d:12:68:ce:60:32:fb:17:8e:9e:d6:03:e7:1d:
         f9:71:e3:78:ff:bb:82:a1:f9:ab:dd:04:eb:1f:3d:f3:62:9f:
         1f:b1:5c:93
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoerjiV6YRgwo3YpJFXuGOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MDZiYjdlYzA2NjYwMjJmMDNjMGJkOWY1NWY3OGMwYTdl
YWRhOWYwHhcNMjUxMDI2MDQwMjA1WhcNMjUxMDI3MDQwMjA1WjAzMTEwLwYDVQQD
EygxZTZmYjY5NWQ0NGViNzhiMmZmNGRlMmJlYmFjYzNiZWZkZmNhNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvabmQnJLr/cc4CKkr0Wbz0ZWqc0k
dVS4u/3O3TZCOPGCmgGSVKSjFWta11fnNDGGEl8Es4CwtOg1ZgQThQzyH/c7ufu8
HaggXe78rPUq8ex3MEL89DDHv7SCC06lB3hMZqi9mR1ZgFFEXqU3BpyCWzKltVht
M0IEegixV5ByBQh1rnHQR3YgOBGJv1pViOF4Fv5cd3dJrXAbuzOO8DYqL06ZdA2S
wIxYLRU/NtP4YCI4DS0EiD1p737nhu5CQbSo0JZoR0ZXb2W2jbNjzpN6ZCB1J10a
D2gE+gWqnZSZVet+9NUBaRvYSgu2UpOkc61mwq9N4prh8GgwzswFeYYm0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB5vtpXUTreLL/TeK+usw779/KSSMB8GA1UdIwQY
MBaAFDUGu37AZmAi8DwL2fVfeMCn6tqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9hZThlNDctMTRiNC00OTE0LTgyNmYt
NDEzYTU5NThhN2YzLzEvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9hZThlNDctMTRiNC00OTE0LTgyNmYtNDEzYTU5NThhN2Yz
LzEvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfcucLGfv
ukaEyo4mhca+8UAV9LzWI4O3vu3U732FSKB40VFtwgSd7UiIMcSKjC0q77Mmmly+
B3R7+lBYavuNbaRwoBS0lQFX/Sgu85GZ92kLLtbZJ49lmrOdPHELEf90I832XxGs
uGdgSa4VuX/SESSBpSKIvy4fHhM49dMXvpdALhEQ8QDHx2KCAywg2tea7TY2mL9N
vvu6WQT9NLVw4KCIukKgjxRibaorsmMO7BFRnSaE7hCDRxewHWKqcERzQpj2VPMh
ZTW3Ke6Ohq74WhunJA7UJfOWcszMW40SaM5gMvsXjp7WA+cd+XHjeP+7gqH5q90E
6x8982KfH7Fckw==
-----END CERTIFICATE-----