Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
File:                     jNspNdndDVhbZVEYdkwBxtdvdMI.mft (raw, json)
Hash identifier:          CHzAB5Erh+h0j6FI2BGbO+64b23YScCdWR9eNYa4r3E=
Subject key identifier:   36:9B:8A:9C:F2:6B:FE:CC:67:3C:77:82:59:A8:D0:AB:94:11:7D:F6
Authority key identifier: 8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2
Certificate issuer:       /CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
Certificate serial:       019A72CA467E258889158723E2F8A82A57B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
Manifest number:          0827
Signing time:             Tue 11 Nov 2025 12:00:50 +0000
Manifest this update:     Tue 11 Nov 2025 12:00:50 +0000
Manifest next update:     Wed 12 Nov 2025 12:00:50 +0000
Files and hashes:         1: jNspNdndDVhbZVEYdkwBxtdvdMI.crl (hash: 42WrolYzM4KUeDw1vnSJZEu93ZRYG4T0A7xi2rsKUB0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:ca:46:7e:25:88:89:15:87:23:e2:f8:a8:2a:57:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
        Validity
            Not Before: Nov 11 12:00:50 2025 GMT
            Not After : Nov 12 12:00:50 2025 GMT
        Subject: CN=369b8a9cf26bfecc673c778259a8d0ab94117df6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:42:3f:0d:7d:f1:12:10:3d:8e:65:8f:8d:89:
                    64:2e:b6:04:13:22:69:ff:2f:06:44:2b:cc:71:11:
                    6d:28:14:52:aa:7a:a1:01:52:6f:15:85:17:4d:6c:
                    61:73:5c:b9:c5:97:70:22:7e:9c:bc:8a:41:2b:60:
                    98:c5:ed:8c:af:d6:d6:25:c3:b0:79:ae:6d:93:10:
                    14:6a:46:fa:6b:eb:db:ba:a3:25:9d:e1:5f:40:2d:
                    1c:93:2d:d3:1b:0e:d7:fb:33:35:74:60:d4:d5:c9:
                    8e:c5:b6:15:50:d2:e5:9a:24:2f:47:20:9b:6c:7b:
                    15:5c:ca:42:a5:3c:0b:d3:f5:8b:b7:26:65:1e:28:
                    c8:d7:60:83:a5:b3:18:d8:24:c2:b1:dc:9e:81:b3:
                    e0:97:a1:84:f9:ae:d7:19:e5:0e:88:14:55:9d:f3:
                    04:9b:ae:b7:99:78:51:d1:f1:5a:ad:47:fe:17:7b:
                    45:03:09:af:aa:26:6a:ae:4f:27:3f:19:2f:e1:f6:
                    80:9f:5d:7f:e6:08:73:88:a6:21:87:49:67:a8:9e:
                    6c:fc:c1:49:5e:f0:5c:d4:2c:53:7f:8d:dd:c3:bf:
                    35:d0:d4:86:af:d4:94:96:4a:79:24:67:3c:74:96:
                    e6:1f:86:7d:47:a0:f6:87:03:13:fa:21:03:db:0a:
                    98:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:9B:8A:9C:F2:6B:FE:CC:67:3C:77:82:59:A8:D0:AB:94:11:7D:F6
            X509v3 Authority Key Identifier:
                keyid:8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:76:a7:33:2a:4c:99:88:47:07:c8:10:f2:98:2a:d1:e2:24:
         88:07:50:2d:04:0f:90:72:b2:b2:88:05:ef:b6:dd:c2:7e:d5:
         44:24:24:b3:9c:92:08:90:25:1e:c2:2b:2b:0c:55:51:4c:36:
         55:c3:6f:1b:b5:9a:fe:58:f8:3e:34:e1:f0:7f:d1:1e:5f:4d:
         06:86:62:34:46:d5:4e:51:e4:46:8e:0c:6d:33:ed:f2:c6:c5:
         af:90:e6:1f:da:a3:f9:8f:76:1f:bf:13:48:34:a5:69:17:18:
         45:0d:34:f9:7a:07:e0:71:ae:09:1f:21:a2:68:54:40:b5:5a:
         38:de:26:b3:4f:e5:a0:d0:d5:8f:d3:59:6c:24:c8:7f:7a:f9:
         2c:67:55:fe:2d:57:7e:3b:ea:e1:15:06:bf:9c:3d:b6:34:81:
         ee:ca:ac:dc:21:de:1b:c3:96:b9:2e:8b:22:db:43:bc:18:3b:
         b0:85:2d:ce:11:58:e0:9f:51:3b:b5:85:e7:49:d2:33:fd:74:
         ce:c6:90:79:8f:b4:1a:41:3c:14:da:91:93:05:6c:c8:7f:c6:
         8a:63:06:65:77:90:0c:20:9a:64:46:94:de:6f:2e:7c:89:20:
         80:7d:94:01:91:4f:7c:5f:01:41:86:7a:14:24:88:b8:82:3c:
         c4:75:41:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyykZ+JYiJFYcj4vioKle5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGIyOTM1ZDlkZDBkNTg1YjY1NTExODc2NGMwMWM2ZDc2
Zjc0YzIwHhcNMjUxMTExMTIwMDUwWhcNMjUxMTEyMTIwMDUwWjAzMTEwLwYDVQQD
EygzNjliOGE5Y2YyNmJmZWNjNjczYzc3ODI1OWE4ZDBhYjk0MTE3ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0I/DX3xEhA9jmWPjYlkLrYEEyJp
/y8GRCvMcRFtKBRSqnqhAVJvFYUXTWxhc1y5xZdwIn6cvIpBK2CYxe2Mr9bWJcOw
ea5tkxAUakb6a+vbuqMlneFfQC0cky3TGw7X+zM1dGDU1cmOxbYVUNLlmiQvRyCb
bHsVXMpCpTwL0/WLtyZlHijI12CDpbMY2CTCsdyegbPgl6GE+a7XGeUOiBRVnfME
m663mXhR0fFarUf+F3tFAwmvqiZqrk8nPxkv4faAn11/5ghziKYhh0lnqJ5s/MFJ
XvBc1CxTf43dw7810NSGr9SUlkp5JGc8dJbmH4Z9R6D2hwMT+iED2wqY1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDabipzya/7MZzx3glmo0KuUEX32MB8GA1UdIwQY
MBaAFIzbKTXZ3Q1YW2VRGHZMAcbXb3TCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEt
NTQ1NmUxNWQ0NjcxLzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEtNTQ1NmUxNWQ0Njcx
LzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZXanMypM
mYhHB8gQ8pgq0eIkiAdQLQQPkHKysogF77bdwn7VRCQks5ySCJAlHsIrKwxVUUw2
VcNvG7Wa/lj4PjTh8H/RHl9NBoZiNEbVTlHkRo4MbTPt8sbFr5DmH9qj+Y92H78T
SDSlaRcYRQ00+XoH4HGuCR8homhUQLVaON4ms0/loNDVj9NZbCTIf3r5LGdV/i1X
fjvq4RUGv5w9tjSB7sqs3CHeG8OWuS6LIttDvBg7sIUtzhFY4J9RO7WF50nSM/10
zsaQeY+0GkE8FNqRkwVsyH/GimMGZXeQDCCaZEaU3m8ufIkggH2UAZFPfF8BQYZ6
FCSIuII8xHVBOg==
-----END CERTIFICATE-----