Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
File:                     NkITiw7v_lajLMuqWNb_5u3D8p4.mft (raw, json)
Hash identifier:          bviLmcIpF10N9gwmRcp6Z3rc1LgCjDBrGfK2u85rPMs=
Subject key identifier:   D1:2E:C5:D0:32:E9:B7:36:96:59:D5:54:18:52:A1:EB:0A:75:95:4D
Authority key identifier: 36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E
Certificate issuer:       /CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
Certificate serial:       019A71B7A4F548106EDD9E41AAE03C3A8D85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
Manifest number:          0623
Signing time:             Tue 11 Nov 2025 07:00:51 +0000
Manifest this update:     Tue 11 Nov 2025 07:00:51 +0000
Manifest next update:     Wed 12 Nov 2025 07:00:51 +0000
Files and hashes:         1: NkITiw7v_lajLMuqWNb_5u3D8p4.crl (hash: sw9bxk5/T0HvmDGdgflZe0EOQReznoH3fZRWqXSAOsY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b7:a4:f5:48:10:6e:dd:9e:41:aa:e0:3c:3a:8d:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3642138b0eeffe56a32ccbaa58d6ffe6edc3f29e
        Validity
            Not Before: Nov 11 07:00:51 2025 GMT
            Not After : Nov 12 07:00:51 2025 GMT
        Subject: CN=d12ec5d032e9b7369659d5541852a1eb0a75954d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:06:f6:ee:cb:8b:93:06:2a:50:77:10:94:22:
                    cf:36:2a:25:1d:66:00:59:e5:ff:f1:cc:98:23:ea:
                    2e:cf:ca:f6:52:ce:7a:7e:5d:fd:f0:69:0a:ec:78:
                    12:62:a7:6a:fd:85:3d:5a:8b:8d:20:ec:66:50:a8:
                    ef:82:6d:f2:fe:86:80:9d:ff:8a:37:a2:2f:fa:14:
                    d2:fd:48:c8:22:f3:9b:73:a7:c1:94:7c:08:7d:3f:
                    6c:c9:15:be:81:74:f7:e1:97:9e:70:72:a1:92:b8:
                    65:28:cb:08:ad:34:a7:b0:c6:09:f0:c0:4c:93:92:
                    9f:9b:32:09:21:24:91:e1:d1:09:37:1c:c6:15:07:
                    c0:34:1c:9f:2f:14:3a:9b:61:59:7c:b6:e7:6c:b4:
                    80:fd:96:26:e1:a6:88:61:6f:c5:c4:6a:28:09:98:
                    39:6f:93:df:0e:7e:cb:f1:fe:a0:16:54:26:bc:dc:
                    4d:ae:ae:37:9d:fa:98:be:8d:98:3a:b0:df:b8:d6:
                    fb:29:ec:5d:ec:ab:51:aa:b9:61:75:53:e4:45:38:
                    c6:ba:ff:56:38:12:f3:4c:f1:5e:c0:29:3c:ba:03:
                    18:35:45:a8:cb:e1:86:7c:88:2f:05:8c:3f:64:a3:
                    10:a9:97:11:fa:f9:8d:c6:ce:c9:4d:4a:f7:f0:2c:
                    a0:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:2E:C5:D0:32:E9:B7:36:96:59:D5:54:18:52:A1:EB:0A:75:95:4D
            X509v3 Authority Key Identifier:
                keyid:36:42:13:8B:0E:EF:FE:56:A3:2C:CB:AA:58:D6:FF:E6:ED:C3:F2:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkITiw7v_lajLMuqWNb_5u3D8p4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/4b5cf1-4320-44c2-9358-e07f959356a1/1/NkITiw7v_lajLMuqWNb_5u3D8p4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:4e:db:c3:28:72:3d:22:90:c6:9d:a5:62:77:89:1f:ad:5f:
         03:e7:00:d3:6c:cd:14:55:62:16:9b:48:c8:27:8e:83:4b:97:
         6c:97:4c:9b:a7:f3:f4:a3:a7:70:a5:ea:18:d6:56:d4:ba:eb:
         00:f5:3b:ce:77:dc:0e:c0:86:83:f8:58:33:c9:3f:dd:19:4f:
         3f:7f:78:9e:28:fc:ba:6b:ad:80:27:cb:b0:c7:a5:a3:60:86:
         5f:aa:95:a0:22:3e:5a:b7:80:06:e2:4d:5b:17:50:86:35:76:
         fc:18:99:81:bb:12:10:49:a4:eb:e6:73:1d:7a:2e:cd:21:2b:
         ba:9c:b2:4b:01:6b:dc:44:a0:d5:1c:b6:c5:00:be:44:ca:51:
         26:9d:b6:01:e4:d0:56:9e:b3:d6:b0:c5:9b:b8:ae:fc:bf:1e:
         25:ca:01:ae:ca:9a:8a:32:da:6b:c0:83:d9:3e:f6:64:db:22:
         4a:52:5e:9b:02:18:4e:2a:81:bc:fc:5e:b5:84:b0:9f:39:1f:
         68:ea:27:cd:ad:ef:18:ef:42:4d:26:7b:df:77:12:c0:ce:cf:
         0e:4d:ec:85:07:01:65:c3:5a:bf:fb:d9:83:77:ec:17:49:76:
         f2:09:54:7a:03:31:75:00:46:a5:22:b8:1e:6d:a4:f9:b3:28:
         e3:6d:e9:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt6T1SBBu3Z5BquA8Oo2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDIxMzhiMGVlZmZlNTZhMzJjY2JhYTU4ZDZmZmU2ZWRj
M2YyOWUwHhcNMjUxMTExMDcwMDUxWhcNMjUxMTEyMDcwMDUxWjAzMTEwLwYDVQQD
EyhkMTJlYzVkMDMyZTliNzM2OTY1OWQ1NTQxODUyYTFlYjBhNzU5NTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQb27suLkwYqUHcQlCLPNiolHWYA
WeX/8cyYI+ouz8r2Us56fl398GkK7HgSYqdq/YU9WouNIOxmUKjvgm3y/oaAnf+K
N6Iv+hTS/UjIIvObc6fBlHwIfT9syRW+gXT34ZeecHKhkrhlKMsIrTSnsMYJ8MBM
k5KfmzIJISSR4dEJNxzGFQfANByfLxQ6m2FZfLbnbLSA/ZYm4aaIYW/FxGooCZg5
b5PfDn7L8f6gFlQmvNxNrq43nfqYvo2YOrDfuNb7Kexd7KtRqrlhdVPkRTjGuv9W
OBLzTPFewCk8ugMYNUWoy+GGfIgvBYw/ZKMQqZcR+vmNxs7JTUr38CygUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNEuxdAy6bc2llnVVBhSoesKdZVNMB8GA1UdIwQY
MBaAFDZCE4sO7/5WoyzLqljW/+btw/KeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgt
ZTA3Zjk1OTM1NmExLzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS80YjVjZjEtNDMyMC00NGMyLTkzNTgtZTA3Zjk1OTM1NmEx
LzEvTmtJVGl3N3ZfbGFqTE11cVdOYl81dTNEOHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACE7bwyhy
PSKQxp2lYneJH61fA+cA02zNFFViFptIyCeOg0uXbJdMm6fz9KOncKXqGNZW1Lrr
APU7znfcDsCGg/hYM8k/3RlPP394nij8umutgCfLsMelo2CGX6qVoCI+WreABuJN
WxdQhjV2/BiZgbsSEEmk6+ZzHXouzSErupyySwFr3ESg1Ry2xQC+RMpRJp22AeTQ
Vp6z1rDFm7iu/L8eJcoBrsqaijLaa8CD2T72ZNsiSlJemwIYTiqBvPxetYSwnzkf
aOonza3vGO9CTSZ733cSwM7PDk3shQcBZcNav/vZg3fsF0l28glUegMxdQBGpSK4
Hm2k+bMo423png==
-----END CERTIFICATE-----