Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft
File:                     Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft (raw, json)
Hash identifier:          OVo7lkpC3R6lONGlDsTSD1iuEsxsGHyToNWBx4o8dBI=
Subject key identifier:   00:4A:A1:0C:3A:5E:A3:8A:E6:5A:01:3E:2F:70:45:3D:00:B9:D8:BC
Authority key identifier: 35:FC:74:B5:79:8C:70:5B:30:BD:0E:AF:A9:8F:FD:3D:5B:D4:22:B0
Certificate issuer:       /CN=35fc74b5798c705b30bd0eafa98ffd3d5bd422b0
Certificate serial:       019A72265D3FEDCFE9629A06EFF7B528EED9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft
Manifest number:          04EA
Signing time:             Tue 11 Nov 2025 09:01:48 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:48 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:48 +0000
Files and hashes:         1: Nfx0tXmMcFswvQ6vqY_9PVvUIrA.crl (hash: 0xVSqAJGgZBMtyUOe8KSXuzun8W0wgjYl5Z3GInywDo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:26:5d:3f:ed:cf:e9:62:9a:06:ef:f7:b5:28:ee:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35fc74b5798c705b30bd0eafa98ffd3d5bd422b0
        Validity
            Not Before: Nov 11 09:01:48 2025 GMT
            Not After : Nov 12 09:01:48 2025 GMT
        Subject: CN=004aa10c3a5ea38ae65a013e2f70453d00b9d8bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0a:9c:20:da:78:1f:9f:03:bc:c5:d5:79:1a:
                    17:27:fe:d7:75:00:28:21:34:42:82:eb:12:b5:d5:
                    a8:89:9f:88:66:0b:8b:7d:1a:44:2b:f1:f0:34:ad:
                    9e:50:41:95:e2:db:55:66:95:bd:d1:1d:b9:91:43:
                    1b:b8:99:fe:2e:c0:f6:41:da:bc:31:88:3c:16:cf:
                    c7:8f:7f:2d:0e:d9:84:88:f3:95:f4:03:25:34:27:
                    a7:53:a5:86:52:6a:a4:2c:d0:ea:81:93:f5:7f:cc:
                    11:43:b8:f3:65:dc:61:9d:64:ce:dd:ee:ea:60:e7:
                    f0:00:c8:86:f0:b9:8a:c0:41:ee:14:ce:d9:dc:a0:
                    01:d9:f3:a4:69:76:11:2a:6d:dd:75:6e:f7:ba:ce:
                    19:4b:75:82:5a:24:7d:7d:7d:fa:34:d2:e3:a6:8f:
                    5d:a4:07:02:01:06:c4:f8:cd:6e:82:e3:5b:8f:a2:
                    19:5c:ad:71:19:2b:4c:ab:44:7d:c8:83:cd:e1:e5:
                    38:d5:dd:ad:52:bc:22:66:28:ce:60:45:fc:0d:6e:
                    82:78:28:f4:55:4f:f2:a5:14:9a:8b:4e:12:98:2a:
                    5a:51:9c:f7:87:a4:86:ef:20:60:b1:9c:38:8a:39:
                    07:c0:31:f0:7c:fb:ab:a6:22:9a:f5:99:eb:36:cc:
                    ea:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:4A:A1:0C:3A:5E:A3:8A:E6:5A:01:3E:2F:70:45:3D:00:B9:D8:BC
            X509v3 Authority Key Identifier:
                keyid:35:FC:74:B5:79:8C:70:5B:30:BD:0E:AF:A9:8F:FD:3D:5B:D4:22:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:32:7a:65:68:e0:ff:ad:85:35:48:b7:c3:e1:72:f5:42:a0:
         07:47:5d:b3:67:5d:ce:6f:9c:b4:ca:cd:d0:dc:8c:50:25:6c:
         dc:3e:74:4f:81:56:78:11:e6:0d:af:fd:05:35:8b:f5:65:0b:
         c4:a6:20:6b:19:bd:e4:63:8c:01:8d:29:b2:1a:c1:e1:0b:52:
         ae:27:ac:8f:60:a3:1e:7d:00:04:80:8b:9f:c7:7c:85:12:61:
         06:85:44:78:24:1c:cf:bf:2d:55:a6:d1:53:95:c5:0a:19:b9:
         5a:fb:3e:de:e0:46:a0:aa:5d:06:3d:55:6c:13:4a:ba:c3:b2:
         fb:85:30:52:4d:e7:82:f4:99:ab:1b:0b:6d:2f:ee:c1:7c:2e:
         6f:63:2b:16:0b:5d:b9:f5:30:d3:2d:b6:90:ba:a8:54:45:fb:
         90:ce:1f:21:28:86:4c:d4:aa:ee:29:ff:51:f7:6f:96:71:20:
         b5:8d:bb:fd:0b:cf:f0:56:d5:0a:d7:24:56:16:ad:15:4a:b0:
         9f:81:36:3f:ef:68:9d:4e:30:41:18:13:aa:d5:03:f1:e1:70:
         b5:f9:24:44:68:e0:f7:fb:c7:22:52:0d:d4:84:c4:a9:07:df:
         36:40:65:46:48:23:d7:66:17:0b:c1:ce:74:94:86:85:25:fb:
         d8:cf:37:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJl0/7c/pYpoG7/e1KO7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZmM3NGI1Nzk4YzcwNWIzMGJkMGVhZmE5OGZmZDNkNWJk
NDIyYjAwHhcNMjUxMTExMDkwMTQ4WhcNMjUxMTEyMDkwMTQ4WjAzMTEwLwYDVQQD
EygwMDRhYTEwYzNhNWVhMzhhZTY1YTAxM2UyZjcwNDUzZDAwYjlkOGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwqcINp4H58DvMXVeRoXJ/7XdQAo
ITRCgusStdWoiZ+IZguLfRpEK/HwNK2eUEGV4ttVZpW90R25kUMbuJn+LsD2Qdq8
MYg8Fs/Hj38tDtmEiPOV9AMlNCenU6WGUmqkLNDqgZP1f8wRQ7jzZdxhnWTO3e7q
YOfwAMiG8LmKwEHuFM7Z3KAB2fOkaXYRKm3ddW73us4ZS3WCWiR9fX36NNLjpo9d
pAcCAQbE+M1uguNbj6IZXK1xGStMq0R9yIPN4eU41d2tUrwiZijOYEX8DW6CeCj0
VU/ypRSai04SmCpaUZz3h6SG7yBgsZw4ijkHwDHwfPurpiKa9ZnrNszqBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFABKoQw6XqOK5loBPi9wRT0Audi8MB8GA1UdIwQY
MBaAFDX8dLV5jHBbML0Or6mP/T1b1CKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZ4MHRYbU1jRnN3dlE2dnFZXzlQVnZVSXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xMTVjZDAtMDhkZC00N2FjLTk4NDgt
Y2RkY2QxODM1NTE2LzEvTmZ4MHRYbU1jRnN3dlE2dnFZXzlQVnZVSXJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xMTVjZDAtMDhkZC00N2FjLTk4NDgtY2RkY2QxODM1NTE2
LzEvTmZ4MHRYbU1jRnN3dlE2dnFZXzlQVnZVSXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVzJ6ZWjg
/62FNUi3w+Fy9UKgB0dds2ddzm+ctMrN0NyMUCVs3D50T4FWeBHmDa/9BTWL9WUL
xKYgaxm95GOMAY0pshrB4QtSriesj2CjHn0ABICLn8d8hRJhBoVEeCQcz78tVabR
U5XFChm5Wvs+3uBGoKpdBj1VbBNKusOy+4UwUk3ngvSZqxsLbS/uwXwub2MrFgtd
ufUw0y22kLqoVEX7kM4fISiGTNSq7in/UfdvlnEgtY27/QvP8FbVCtckVhatFUqw
n4E2P+9onU4wQRgTqtUD8eFwtfkkRGjg9/vHIlIN1ITEqQffNkBlRkgj12YXC8HO
dJSGhSX72M836A==
-----END CERTIFICATE-----