Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
File:                     NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft (raw, json)
Hash identifier:          sSw8MO0ICxbUKxlYLN76xbJXETu9P+393K642XX6qyU=
Subject key identifier:   EF:BD:AE:9F:B3:59:B3:B2:CC:5E:D8:B3:0D:EC:CD:AD:F1:AA:0B:55
Authority key identifier: 35:A5:55:E1:46:BE:4A:E5:F7:CC:FE:5A:3C:12:D3:F2:A2:54:3B:05
Certificate issuer:       /CN=35a555e146be4ae5f7ccfe5a3c12d3f2a2543b05
Certificate serial:       019A711356434FF4876AE4AC9C88EEA5EADE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
Manifest number:          0ACB
Signing time:             Tue 11 Nov 2025 04:01:23 +0000
Manifest this update:     Tue 11 Nov 2025 04:01:23 +0000
Manifest next update:     Wed 12 Nov 2025 04:01:23 +0000
Files and hashes:         1: NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl (hash: Ab0YoDsG2Bb5PIp+HaGwNTBrZiaL9wf0E5Q8MkN/uWE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 04:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:13:56:43:4f:f4:87:6a:e4:ac:9c:88:ee:a5:ea:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35a555e146be4ae5f7ccfe5a3c12d3f2a2543b05
        Validity
            Not Before: Nov 11 04:01:23 2025 GMT
            Not After : Nov 12 04:01:23 2025 GMT
        Subject: CN=efbdae9fb359b3b2cc5ed8b30deccdadf1aa0b55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:df:83:89:03:3d:7e:1c:5c:cf:77:c2:73:c5:
                    5d:d8:d5:c8:cb:10:a5:bd:83:36:48:82:7b:65:b5:
                    92:0d:6f:87:80:2d:74:4b:14:01:8e:60:73:68:01:
                    70:fc:96:cd:43:62:a7:fa:bc:48:16:1a:fd:47:b3:
                    60:87:11:1f:ea:02:29:d1:a1:9c:a7:29:19:6c:2a:
                    55:e6:bc:a9:b3:0a:42:90:3e:6d:15:77:3d:0e:5b:
                    f8:76:f9:c0:21:ab:0f:32:91:d2:49:8c:fa:2e:ba:
                    ae:7e:62:fc:73:b5:7f:ff:18:8a:69:f7:ab:17:fd:
                    bd:12:64:5f:73:1d:2a:92:11:40:f1:bc:c0:9a:2d:
                    4b:5e:74:da:9b:c4:81:91:07:91:22:38:cb:9d:98:
                    f0:86:48:9c:0c:11:b9:36:a5:f7:7b:e2:4d:60:80:
                    8b:79:6c:ae:de:72:68:f9:44:e0:04:42:a9:52:a4:
                    1a:f9:20:a5:1a:21:88:6a:1b:53:21:ad:2e:91:d5:
                    39:3c:21:3f:a6:98:51:b7:f9:77:3b:a2:33:4b:4c:
                    29:42:94:27:b3:9e:e0:7a:27:1b:8f:d1:28:90:f0:
                    60:69:e5:6c:1c:e0:86:ad:6c:0a:6a:26:bb:4f:d0:
                    11:c6:57:b1:a8:fb:89:74:58:cd:d0:f1:e4:4b:c5:
                    08:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:BD:AE:9F:B3:59:B3:B2:CC:5E:D8:B3:0D:EC:CD:AD:F1:AA:0B:55
            X509v3 Authority Key Identifier:
                keyid:35:A5:55:E1:46:BE:4A:E5:F7:CC:FE:5A:3C:12:D3:F2:A2:54:3B:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:6b:d0:90:ce:3d:bc:85:e0:60:47:14:95:82:7a:9a:65:c5:
         5f:f4:8a:30:c8:53:19:be:e0:f2:f3:c8:1b:2a:89:2f:5b:c1:
         6f:08:4f:51:99:ae:2e:5c:59:fa:e8:12:8f:0a:12:64:6e:22:
         f0:6d:5a:ed:8d:c4:d4:36:a2:a5:77:16:aa:81:01:01:9d:ad:
         4d:64:38:05:4e:c4:68:45:61:2f:ad:65:26:b7:0c:b9:7d:f9:
         42:30:fa:ed:40:98:86:f4:c2:05:df:cd:ed:28:cc:4d:49:3d:
         23:20:b2:98:4a:ac:c4:3c:83:3c:58:a1:a1:f8:6d:a8:5b:56:
         7b:e3:30:d0:6f:10:d8:9a:7d:22:49:d1:13:13:b7:a0:51:13:
         ed:76:98:0e:26:1d:04:39:0d:46:22:63:ce:d9:e0:2a:d2:7f:
         fa:4f:2c:07:3c:ba:70:79:70:9f:05:b8:b4:d5:96:29:d8:f9:
         76:f7:a4:5a:1b:e1:2e:08:77:45:69:81:6c:44:e5:4b:e9:5a:
         b4:5e:b9:68:a9:b6:bc:e7:10:50:a1:f4:c1:98:4b:82:aa:13:
         d8:ac:14:d0:50:ec:cc:84:29:87:b1:c5:a2:85:20:df:72:e2:
         ce:da:a0:cb:1a:5f:6b:30:44:e3:ff:b2:48:43:91:96:5c:4c:
         86:5a:0c:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE1ZDT/SHauSsnIjupereMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1YTU1NWUxNDZiZTRhZTVmN2NjZmU1YTNjMTJkM2YyYTI1
NDNiMDUwHhcNMjUxMTExMDQwMTIzWhcNMjUxMTEyMDQwMTIzWjAzMTEwLwYDVQQD
EyhlZmJkYWU5ZmIzNTliM2IyY2M1ZWQ4YjMwZGVjY2RhZGYxYWEwYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29+DiQM9fhxcz3fCc8Vd2NXIyxCl
vYM2SIJ7ZbWSDW+HgC10SxQBjmBzaAFw/JbNQ2Kn+rxIFhr9R7NghxEf6gIp0aGc
pykZbCpV5rypswpCkD5tFXc9Dlv4dvnAIasPMpHSSYz6LrqufmL8c7V//xiKafer
F/29EmRfcx0qkhFA8bzAmi1LXnTam8SBkQeRIjjLnZjwhkicDBG5NqX3e+JNYICL
eWyu3nJo+UTgBEKpUqQa+SClGiGIahtTIa0ukdU5PCE/pphRt/l3O6IzS0wpQpQn
s57geicbj9EokPBgaeVsHOCGrWwKaia7T9ARxlexqPuJdFjN0PHkS8UIjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO+9rp+zWbOyzF7Ysw3sza3xqgtVMB8GA1UdIwQY
MBaAFDWlVeFGvkrl98z+WjwS0/KiVDsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81NDk3NDQtYmRkZS00MmU4LTg3YTgt
MDUxY2QzMGNiY2YxLzEvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81NDk3NDQtYmRkZS00MmU4LTg3YTgtMDUxY2QzMGNiY2Yx
LzEvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQWvQkM49
vIXgYEcUlYJ6mmXFX/SKMMhTGb7g8vPIGyqJL1vBbwhPUZmuLlxZ+ugSjwoSZG4i
8G1a7Y3E1DaipXcWqoEBAZ2tTWQ4BU7EaEVhL61lJrcMuX35QjD67UCYhvTCBd/N
7SjMTUk9IyCymEqsxDyDPFihofhtqFtWe+Mw0G8Q2Jp9IknRExO3oFET7XaYDiYd
BDkNRiJjztngKtJ/+k8sBzy6cHlwnwW4tNWWKdj5dvekWhvhLgh3RWmBbETlS+la
tF65aKm2vOcQUKH0wZhLgqoT2KwU0FDszIQph7HFooUg33LiztqgyxpfazBE4/+y
SEORllxMhloMWg==
-----END CERTIFICATE-----