Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File:                     NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier:          I4dQyfS3CsmQtwD8wPleyGjJNqGqYPA8lKIjRU4N/oA=
Subject key identifier:   C9:10:4D:E0:97:74:D8:5D:47:6B:0C:70:1E:91:13:98:7E:EC:BD:64
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer:       /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial:       019A71B976009F3CBAA54857B1F8E92FBA03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number:          0F2D
Signing time:             Tue 11 Nov 2025 07:02:50 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:50 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:50 +0000
Files and hashes:         1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: LwFfm1D9yOG2MYi1o1qNIfbLkeeapbvKZMLA+7dW8ZI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b9:76:00:9f:3c:ba:a5:48:57:b1:f8:e9:2f:ba:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
        Validity
            Not Before: Nov 11 07:02:50 2025 GMT
            Not After : Nov 12 07:02:50 2025 GMT
        Subject: CN=c9104de09774d85d476b0c701e9113987eecbd64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:d8:59:f7:84:03:b8:4c:22:a6:9a:cf:c4:a7:
                    74:f2:b4:03:85:09:58:a0:84:4e:f5:00:a5:d6:99:
                    0f:db:df:f0:59:6e:cc:38:fa:51:fc:ea:c3:d4:f3:
                    6d:a5:bd:ad:55:5a:59:82:12:89:c3:5e:00:61:81:
                    8f:b2:b0:51:86:47:98:78:c1:71:a3:bb:b6:78:ab:
                    bc:37:24:49:ae:be:e4:28:c1:cb:70:ed:64:a3:5f:
                    ba:fa:ba:f4:b9:a1:18:44:f7:a1:c4:0a:9c:88:de:
                    c4:15:9f:47:4b:56:6a:c7:51:1d:1d:d1:c9:a4:53:
                    92:3f:1f:f3:86:a8:5f:62:c4:8e:f2:f0:65:c5:a0:
                    53:d6:df:78:07:30:60:36:6e:5b:c6:e9:72:cc:44:
                    65:11:c1:49:73:d5:3d:11:c4:5d:9d:f4:06:a0:3b:
                    14:a0:97:c9:3a:51:21:17:01:95:17:ee:9a:80:fc:
                    73:7e:68:db:de:b1:78:69:71:2a:89:c5:f3:07:fc:
                    4b:71:6c:d7:68:29:92:f3:ce:5e:2b:a4:f0:e7:3e:
                    f8:06:cd:bb:85:e3:ea:22:e4:ca:8d:c0:75:b4:16:
                    9a:f4:fc:22:81:1d:b1:f1:ee:6d:bf:60:ad:da:0e:
                    bd:84:48:fe:80:fe:fc:58:40:90:c6:2c:2a:7b:33:
                    29:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:10:4D:E0:97:74:D8:5D:47:6B:0C:70:1E:91:13:98:7E:EC:BD:64
            X509v3 Authority Key Identifier:
                keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:8a:b2:67:f7:51:28:a0:3e:db:3c:09:75:8c:46:e5:20:21:
         57:12:12:10:d3:29:51:de:ea:41:af:f1:66:eb:db:53:be:b1:
         11:30:12:fd:cd:24:2e:6c:31:3f:2c:3d:4d:b4:92:e2:9f:a4:
         46:b6:68:28:9d:81:09:fd:9a:22:b7:6a:30:ef:31:5f:c6:40:
         d8:bc:ff:0c:6c:ab:4f:fc:de:a0:c1:db:31:18:7f:a8:58:94:
         c8:e9:2f:b5:32:02:b5:44:92:ef:a1:36:bf:f1:1c:6a:12:33:
         25:5b:bb:45:02:51:f0:26:98:3d:55:82:61:17:1c:fd:d2:83:
         80:c7:62:87:8c:89:bd:5d:e8:48:24:ea:37:96:a0:55:5e:e6:
         93:ee:9c:17:1f:17:77:23:2d:2a:e8:19:ca:5d:5e:65:d1:b8:
         76:34:a6:e8:9b:a3:80:ad:c3:f7:0d:b1:b8:03:78:1e:df:d9:
         41:13:01:d6:bc:bf:0d:42:bc:81:81:31:ad:2e:4f:7a:8d:b7:
         50:2b:2a:76:45:52:de:59:a9:4b:07:66:ed:6c:60:a0:58:23:
         c5:0a:98:37:4b:61:e2:e0:34:83:91:d9:4a:eb:6f:78:a3:e2:
         d8:c3:35:ee:90:c9:14:31:60:76:c6:8f:59:46:12:f8:6d:88:
         7f:26:51:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuXYAnzy6pUhXsfjpL7oDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjUxMTExMDcwMjUwWhcNMjUxMTEyMDcwMjUwWjAzMTEwLwYDVQQD
EyhjOTEwNGRlMDk3NzRkODVkNDc2YjBjNzAxZTkxMTM5ODdlZWNiZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNhZ94QDuEwipprPxKd08rQDhQlY
oIRO9QCl1pkP29/wWW7MOPpR/OrD1PNtpb2tVVpZghKJw14AYYGPsrBRhkeYeMFx
o7u2eKu8NyRJrr7kKMHLcO1ko1+6+rr0uaEYRPehxAqciN7EFZ9HS1Zqx1EdHdHJ
pFOSPx/zhqhfYsSO8vBlxaBT1t94BzBgNm5bxulyzERlEcFJc9U9EcRdnfQGoDsU
oJfJOlEhFwGVF+6agPxzfmjb3rF4aXEqicXzB/xLcWzXaCmS885eK6Tw5z74Bs27
hePqIuTKjcB1tBaa9PwigR2x8e5tv2Ct2g69hEj+gP78WECQxiwqezMpWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkQTeCXdNhdR2sMcB6RE5h+7L1kMB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmIqyZ/dR
KKA+2zwJdYxG5SAhVxISENMpUd7qQa/xZuvbU76xETAS/c0kLmwxPyw9TbSS4p+k
RrZoKJ2BCf2aIrdqMO8xX8ZA2Lz/DGyrT/zeoMHbMRh/qFiUyOkvtTICtUSS76E2
v/EcahIzJVu7RQJR8CaYPVWCYRcc/dKDgMdih4yJvV3oSCTqN5agVV7mk+6cFx8X
dyMtKugZyl1eZdG4djSm6JujgK3D9w2xuAN4Ht/ZQRMB1ry/DUK8gYExrS5Peo23
UCsqdkVS3lmpSwdm7WxgoFgjxQqYN0th4uA0g5HZSutveKPi2MM17pDJFDFgdsaP
WUYS+G2IfyZR0Q==
-----END CERTIFICATE-----