Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
File:                     NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json)
Hash identifier:          +K7Co6uBz8u21w1AyOk+NGELq32xt57fgtY1kZcneQc=
Subject key identifier:   1E:BE:1D:A8:E1:FE:DD:BB:E4:A1:9D:1C:54:CE:B2:E5:7B:D3:F9:C5
Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72
Certificate issuer:       /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
Certificate serial:       019923A0B1C4BA517E1035472BE15D499B59
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
Manifest number:          166D
Signing time:             Sun 07 Sep 2025 10:02:37 +0000
Manifest this update:     Sun 07 Sep 2025 10:02:37 +0000
Manifest next update:     Mon 08 Sep 2025 10:02:37 +0000
Files and hashes:         1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: 3CQvulpTh2E7BJENcC3dCFdsc72SQMkPCBM4Xaea8pE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:a0:b1:c4:ba:51:7e:10:35:47:2b:e1:5d:49:9b:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
        Validity
            Not Before: Sep  7 10:02:37 2025 GMT
            Not After : Sep  8 10:02:37 2025 GMT
        Subject: CN=1ebe1da8e1feddbbe4a19d1c54ceb2e57bd3f9c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:03:68:5d:53:38:8e:76:c1:55:e9:9c:0e:3a:
                    64:c1:75:93:0d:3a:e2:07:41:ca:88:47:6b:7d:08:
                    01:9d:64:f7:e1:a5:c0:91:f5:55:54:8a:68:72:59:
                    85:bd:a6:c4:99:fe:4c:54:99:d8:11:4e:f9:0b:cc:
                    e9:85:ac:ec:08:a8:9f:34:50:da:97:2f:88:b3:97:
                    64:7d:cd:36:48:bb:04:4c:a8:9b:b7:52:ed:ff:20:
                    e9:e8:c2:e0:0d:d0:28:20:fa:3c:8d:52:ba:38:1a:
                    ca:c6:a2:1a:64:56:d8:7e:ab:23:09:b7:4f:af:4a:
                    d8:13:6d:b1:c5:41:42:09:11:fa:48:cb:f0:9b:39:
                    d1:93:46:5f:b6:ee:46:9f:00:36:74:83:fd:02:81:
                    16:10:bf:d7:30:94:71:65:77:cb:ba:ac:50:cc:fc:
                    bb:9c:d8:86:a5:e2:bd:fb:8d:9b:ea:08:cf:29:82:
                    1d:00:d7:c1:1d:6c:30:bf:4c:bc:66:b2:5a:be:50:
                    8f:ab:01:7b:61:c7:f4:30:c0:6f:9c:ab:95:90:be:
                    55:9e:1d:b8:91:3b:9a:e8:6e:72:ca:62:5b:42:e3:
                    00:89:bf:11:dd:56:fd:f3:20:b5:2a:99:6b:db:09:
                    28:eb:91:29:7b:67:be:e1:67:a5:83:38:17:53:b9:
                    49:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:BE:1D:A8:E1:FE:DD:BB:E4:A1:9D:1C:54:CE:B2:E5:7B:D3:F9:C5
            X509v3 Authority Key Identifier:
                keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:26:ea:10:8f:87:04:f1:d2:c0:c5:89:f7:e7:33:6f:02:f2:
         bc:08:4d:be:82:b9:e6:5c:0f:55:06:33:d8:01:33:51:88:15:
         7b:06:5a:c7:64:e2:6e:d7:d0:64:5a:01:d8:8d:1b:44:c0:e1:
         5a:7b:54:77:90:3d:e4:11:5c:7d:93:71:cb:63:94:37:0c:36:
         83:5b:bc:74:09:df:a8:99:db:5f:3e:ed:2a:ec:c8:3f:20:74:
         d7:10:49:85:c0:cd:d1:e5:b8:3d:01:91:01:8f:81:e7:33:09:
         dd:c7:3e:0b:ad:71:59:8d:ee:af:f8:9f:68:52:a8:d2:4b:67:
         da:4f:33:f2:3f:4b:86:ca:10:4f:f6:98:5c:f2:8f:b6:d6:d6:
         ef:bc:f4:13:74:26:15:7d:5a:80:5e:b9:65:ae:25:60:ba:4e:
         74:67:42:85:a3:6a:ca:5e:8f:96:45:71:4a:83:39:0f:35:56:
         4a:a3:bf:94:bc:46:25:27:f3:d8:3d:0f:70:1b:70:11:58:18:
         3c:8c:02:2c:5e:5d:19:6d:48:41:01:88:86:d6:7f:cd:57:c9:
         24:17:32:31:07:09:d8:2e:76:59:ee:d8:05:f1:81:05:d3:b9:
         8f:4b:78:32:d6:73:02:f8:a2:0a:04:bc:dd:75:ee:9a:29:30:
         28:31:e7:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoLHEulF+EDVHK+FdSZtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh
ZDlkNzIwHhcNMjUwOTA3MTAwMjM3WhcNMjUwOTA4MTAwMjM3WjAzMTEwLwYDVQQD
EygxZWJlMWRhOGUxZmVkZGJiZTRhMTlkMWM1NGNlYjJlNTdiZDNmOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApANoXVM4jnbBVemcDjpkwXWTDTri
B0HKiEdrfQgBnWT34aXAkfVVVIpoclmFvabEmf5MVJnYEU75C8zphazsCKifNFDa
ly+Is5dkfc02SLsETKibt1Lt/yDp6MLgDdAoIPo8jVK6OBrKxqIaZFbYfqsjCbdP
r0rYE22xxUFCCRH6SMvwmznRk0Zftu5GnwA2dIP9AoEWEL/XMJRxZXfLuqxQzPy7
nNiGpeK9+42b6gjPKYIdANfBHWwwv0y8ZrJavlCPqwF7Ycf0MMBvnKuVkL5Vnh24
kTua6G5yymJbQuMAib8R3Vb98yC1Kplr2wko65Epe2e+4WelgzgXU7lJZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6+Hajh/t275KGdHFTOsuV70/nFMB8GA1UdIwQY
MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt
YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw
LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFSbqEI+H
BPHSwMWJ9+czbwLyvAhNvoK55lwPVQYz2AEzUYgVewZax2TibtfQZFoB2I0bRMDh
WntUd5A95BFcfZNxy2OUNww2g1u8dAnfqJnbXz7tKuzIPyB01xBJhcDN0eW4PQGR
AY+B5zMJ3cc+C61xWY3ur/ifaFKo0ktn2k8z8j9LhsoQT/aYXPKPttbW77z0E3Qm
FX1agF65Za4lYLpOdGdChaNqyl6PlkVxSoM5DzVWSqO/lLxGJSfz2D0PcBtwEVgY
PIwCLF5dGW1IQQGIhtZ/zVfJJBcyMQcJ2C52We7YBfGBBdO5j0t4MtZzAviiCgS8
3XXumikwKDHnHg==
-----END CERTIFICATE-----