Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
File:                     sNcTFlrGKE-0HV38gmV3_B2gtzA.mft (raw, json)
Hash identifier:          EhklEgj+XT+V+KD52YXwhmzNnTfBigVtl1u44CTFxHM=
Subject key identifier:   97:74:29:3E:9D:B1:6C:4E:C9:56:AE:7E:4B:32:16:EA:1D:38:DC:2A
Authority key identifier: B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30
Certificate issuer:       /CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
Certificate serial:       019A71B7CE32E8DC2593515E7309ED6799E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
Manifest number:          1435
Signing time:             Tue 11 Nov 2025 07:01:02 +0000
Manifest this update:     Tue 11 Nov 2025 07:01:02 +0000
Manifest next update:     Wed 12 Nov 2025 07:01:02 +0000
Files and hashes:         1: sNcTFlrGKE-0HV38gmV3_B2gtzA.crl (hash: 1hB3sZy5BPPHckVN3yr+DdBn4q2v5LuGEuoMZHnIODw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:ce:32:e8:dc:25:93:51:5e:73:09:ed:67:99:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
        Validity
            Not Before: Nov 11 07:01:02 2025 GMT
            Not After : Nov 12 07:01:02 2025 GMT
        Subject: CN=9774293e9db16c4ec956ae7e4b3216ea1d38dc2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:7a:40:ae:27:de:c4:a3:b5:48:7f:1b:63:3c:
                    b0:81:35:bd:26:f3:78:9f:b7:5a:8f:82:cb:88:74:
                    2d:df:09:e4:75:36:a2:c6:71:68:1e:1f:2e:c0:e2:
                    78:21:f4:0f:5a:e0:eb:41:15:b1:60:29:4b:9f:47:
                    48:53:3c:0d:d1:ba:60:10:4c:7a:dc:33:b7:bd:00:
                    9f:51:e9:cb:1b:62:f9:cb:bf:b0:c3:8f:f2:57:fc:
                    fd:dc:43:2f:e8:ad:1e:e1:9b:1d:95:99:57:15:34:
                    d9:aa:7f:7f:bc:a0:bb:e7:14:2f:25:43:61:2a:78:
                    98:ff:79:c9:5b:00:a6:1f:ea:8b:85:10:d8:4f:28:
                    28:4f:19:ab:25:75:15:7d:b0:c3:01:60:81:65:d4:
                    54:1c:19:c9:ba:0f:51:45:c0:b8:fc:e5:3e:0f:f0:
                    58:fe:e5:a6:ca:6e:7b:8e:2e:2a:db:06:70:d2:3a:
                    90:1b:59:de:3d:05:c2:20:9c:41:43:be:60:ab:6a:
                    ac:b3:9a:fb:1c:6c:0b:60:94:a6:b4:85:95:42:63:
                    6c:97:c7:ec:0b:ad:04:77:3b:fe:b5:fb:77:ff:f4:
                    9a:eb:2b:ed:01:93:81:1b:ae:a9:f9:e8:6d:3c:e1:
                    e0:a5:be:22:ef:2d:8e:17:5a:06:60:45:a6:39:5b:
                    4b:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:74:29:3E:9D:B1:6C:4E:C9:56:AE:7E:4B:32:16:EA:1D:38:DC:2A
            X509v3 Authority Key Identifier:
                keyid:B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:8f:28:05:68:27:2f:2e:7c:ff:b1:92:91:3b:f7:1c:df:e6:
         d7:77:b9:69:aa:86:77:f1:15:c4:47:b9:5a:20:6a:f3:cd:90:
         d2:3e:bb:12:c5:02:b8:37:27:90:c7:e4:71:b5:9f:75:ec:b3:
         c8:fe:06:3a:73:87:32:42:35:54:bf:3a:0d:0c:92:5d:65:a4:
         c1:ce:7c:c1:ec:8b:4f:df:5f:ff:a9:14:24:84:05:66:93:e7:
         f2:24:b5:26:88:63:77:81:03:b0:12:7a:d7:0c:14:17:ff:c7:
         fa:17:23:19:1b:c6:52:85:57:ad:6e:ec:ca:26:14:3b:89:86:
         0a:f9:74:f5:df:59:f7:ae:8c:2b:27:56:75:01:11:e1:fb:07:
         cd:3a:85:0e:f7:b3:27:b1:33:55:d8:6f:e5:72:43:e1:09:54:
         25:9e:0a:9e:34:2f:47:37:d9:af:4c:ff:26:0f:1d:dc:e1:59:
         6a:7e:43:15:4e:c6:61:4c:1d:a6:9e:38:35:9c:e7:c6:45:70:
         b3:36:47:9d:17:ec:19:a8:59:15:53:1e:ca:b8:a1:33:17:21:
         14:8b:24:04:c2:98:02:cf:7b:a2:43:93:7d:7d:9b:08:c8:5b:
         de:d0:5d:d5:0f:d2:c5:1a:da:76:33:63:a4:83:32:8b:7b:14:
         c2:9a:94:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt84y6Nwlk1FecwntZ5nlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZDcxMzE2NWFjNjI4NGZiNDFkNWRmYzgyNjU3N2ZjMWRh
MGI3MzAwHhcNMjUxMTExMDcwMTAyWhcNMjUxMTEyMDcwMTAyWjAzMTEwLwYDVQQD
Eyg5Nzc0MjkzZTlkYjE2YzRlYzk1NmFlN2U0YjMyMTZlYTFkMzhkYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnpArifexKO1SH8bYzywgTW9JvN4
n7daj4LLiHQt3wnkdTaixnFoHh8uwOJ4IfQPWuDrQRWxYClLn0dIUzwN0bpgEEx6
3DO3vQCfUenLG2L5y7+ww4/yV/z93EMv6K0e4ZsdlZlXFTTZqn9/vKC75xQvJUNh
KniY/3nJWwCmH+qLhRDYTygoTxmrJXUVfbDDAWCBZdRUHBnJug9RRcC4/OU+D/BY
/uWmym57ji4q2wZw0jqQG1nePQXCIJxBQ75gq2qss5r7HGwLYJSmtIWVQmNsl8fs
C60Edzv+tft3//Sa6yvtAZOBG66p+ehtPOHgpb4i7y2OF1oGYEWmOVtLVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJd0KT6dsWxOyVaufksyFuodONwqMB8GA1UdIwQY
MBaAFLDXExZaxihPtB1d/IJld/wdoLcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjIt
NTM5ZTFhYzgyMWQ3LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjItNTM5ZTFhYzgyMWQ3
LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYI8oBWgn
Ly58/7GSkTv3HN/m13e5aaqGd/EVxEe5WiBq882Q0j67EsUCuDcnkMfkcbWfdeyz
yP4GOnOHMkI1VL86DQySXWWkwc58weyLT99f/6kUJIQFZpPn8iS1Johjd4EDsBJ6
1wwUF//H+hcjGRvGUoVXrW7syiYUO4mGCvl09d9Z966MKydWdQER4fsHzTqFDvez
J7EzVdhv5XJD4QlUJZ4KnjQvRzfZr0z/Jg8d3OFZan5DFU7GYUwdpp44NZznxkVw
szZHnRfsGahZFVMeyrihMxchFIskBMKYAs97okOTfX2bCMhb3tBd1Q/SxRradjNj
pIMyi3sUwpqUFA==
-----END CERTIFICATE-----