Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft
File:                     nGCyJ8t1doofV4Vuw1M8loSCYZw.mft (raw, json)
Hash identifier:          G7YzwbOodVhhnWfTZ7r6Y05WxHKM99OHpDqde3Nmbvk=
Subject key identifier:   EE:A5:2A:7D:C5:52:33:E0:91:59:1B:BF:3E:29:EC:63:C0:42:DB:E8
Authority key identifier: 9C:60:B2:27:CB:75:76:8A:1F:57:85:6E:C3:53:3C:96:84:82:61:9C
Certificate issuer:       /CN=9c60b227cb75768a1f57856ec3533c968482619c
Certificate serial:       019A7225FB2482A75A0A1EAA0F8C66F0E06B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nGCyJ8t1doofV4Vuw1M8loSCYZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft
Manifest number:          15D1
Signing time:             Tue 11 Nov 2025 09:01:22 +0000
Manifest this update:     Tue 11 Nov 2025 09:01:22 +0000
Manifest next update:     Wed 12 Nov 2025 09:01:22 +0000
Files and hashes:         1: nGCyJ8t1doofV4Vuw1M8loSCYZw.crl (hash: OHxp0vdShLUC7GNNVHYu9fvz61h75Oi4lACrhTXIX+c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nGCyJ8t1doofV4Vuw1M8loSCYZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 09:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:72:25:fb:24:82:a7:5a:0a:1e:aa:0f:8c:66:f0:e0:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c60b227cb75768a1f57856ec3533c968482619c
        Validity
            Not Before: Nov 11 09:01:22 2025 GMT
            Not After : Nov 12 09:01:22 2025 GMT
        Subject: CN=eea52a7dc55233e091591bbf3e29ec63c042dbe8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:7c:12:31:43:00:c7:f9:91:c2:d0:8b:7a:ae:
                    cd:bc:46:28:a0:d9:e4:f2:e8:90:af:d5:73:cf:8a:
                    5e:7c:9c:b1:51:5b:74:60:93:42:42:48:ef:ba:99:
                    00:1d:94:dd:70:2c:9d:eb:b3:f5:dc:00:00:3a:a0:
                    04:0f:24:aa:74:b4:40:c2:1a:44:9e:04:db:c0:ea:
                    7b:14:84:69:f6:62:1c:d3:ec:91:30:3a:0f:b4:4b:
                    aa:8f:90:58:e9:bd:36:6e:9f:50:43:21:88:1d:c9:
                    1c:dd:1f:7c:c2:dd:e1:cf:71:59:73:72:7f:c4:1b:
                    c9:86:60:87:19:79:53:0f:9f:82:0f:1c:c6:83:c7:
                    9b:6e:1d:f3:da:1c:da:32:45:6e:6c:4f:b3:ca:b3:
                    cd:dc:3a:30:2e:ab:a4:29:74:bd:e3:f3:02:9a:eb:
                    9a:9a:73:bc:78:70:46:3a:f3:8b:ff:1b:c3:df:44:
                    09:4b:79:a5:52:2d:b3:1e:54:7c:19:aa:d9:cf:59:
                    6c:5f:c6:c5:43:8b:50:7d:6d:3d:08:20:7b:ff:b4:
                    f9:d2:8b:64:90:c0:8b:b1:e5:47:84:e7:ec:80:ea:
                    39:7e:b1:e9:48:9d:fd:9b:73:a5:d8:4d:3e:cf:38:
                    5a:11:76:43:d7:3c:b4:54:e2:33:67:93:6d:59:60:
                    22:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:A5:2A:7D:C5:52:33:E0:91:59:1B:BF:3E:29:EC:63:C0:42:DB:E8
            X509v3 Authority Key Identifier:
                keyid:9C:60:B2:27:CB:75:76:8A:1F:57:85:6E:C3:53:3C:96:84:82:61:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGCyJ8t1doofV4Vuw1M8loSCYZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:11:5f:c6:6d:94:29:e0:0a:9f:30:56:00:1d:54:b3:2c:f9:
         1f:f6:06:eb:e1:a4:78:84:8e:6b:ba:d2:a9:a6:09:48:1b:8d:
         52:68:35:f9:13:9b:b5:c9:f4:4e:83:3d:d1:c2:4b:26:a8:c2:
         e9:66:44:70:e1:de:ba:d6:05:48:e4:32:39:76:d2:31:16:0e:
         6d:89:6b:da:57:d6:4d:3c:c2:4e:d8:67:21:64:fb:1c:88:2b:
         3e:11:02:aa:c1:5a:f8:58:46:60:b2:83:e5:72:28:4e:e2:51:
         f1:60:e3:e4:ae:42:70:21:ed:c2:90:3c:21:71:7c:b1:1b:4c:
         ec:ae:4f:9d:b0:c3:a9:23:a5:32:0a:de:28:1d:87:fe:66:4a:
         a1:ab:1c:45:12:f1:40:7a:0d:e4:2e:66:8b:ef:f5:d1:d5:08:
         fb:e2:cf:17:a0:d3:8f:86:27:87:f8:8a:6a:43:89:e7:aa:1b:
         16:90:50:05:8e:75:0d:37:b3:d0:1e:d6:e5:c7:ea:d8:ab:4f:
         c2:4b:2e:d6:f4:cc:37:18:95:9a:42:91:1c:7e:05:0f:39:5d:
         f7:41:03:7b:ca:17:0c:90:29:15:80:94:09:20:b6:20:00:78:
         c9:b2:dc:dd:b1:61:44:e4:e6:27:b9:a3:c1:7e:ba:82:49:7b:
         e3:10:34:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJfskgqdaCh6qD4xm8OBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNjBiMjI3Y2I3NTc2OGExZjU3ODU2ZWMzNTMzYzk2ODQ4
MjYxOWMwHhcNMjUxMTExMDkwMTIyWhcNMjUxMTEyMDkwMTIyWjAzMTEwLwYDVQQD
EyhlZWE1MmE3ZGM1NTIzM2UwOTE1OTFiYmYzZTI5ZWM2M2MwNDJkYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXwSMUMAx/mRwtCLeq7NvEYooNnk
8uiQr9Vzz4pefJyxUVt0YJNCQkjvupkAHZTdcCyd67P13AAAOqAEDySqdLRAwhpE
ngTbwOp7FIRp9mIc0+yRMDoPtEuqj5BY6b02bp9QQyGIHckc3R98wt3hz3FZc3J/
xBvJhmCHGXlTD5+CDxzGg8ebbh3z2hzaMkVubE+zyrPN3DowLqukKXS94/MCmuua
mnO8eHBGOvOL/xvD30QJS3mlUi2zHlR8GarZz1lsX8bFQ4tQfW09CCB7/7T50otk
kMCLseVHhOfsgOo5frHpSJ39m3Ol2E0+zzhaEXZD1zy0VOIzZ5NtWWAi7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6lKn3FUjPgkVkbvz4p7GPAQtvoMB8GA1UdIwQY
MBaAFJxgsifLdXaKH1eFbsNTPJaEgmGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkdDeUo4dDFkb29mVjRWdXcxTThsb1NDWVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8xMWM5OWYtNGZkNS00NTIyLTg1YzQt
ODkxOGEyOGM0ZjdjLzEvbkdDeUo4dDFkb29mVjRWdXcxTThsb1NDWVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8xMWM5OWYtNGZkNS00NTIyLTg1YzQtODkxOGEyOGM0Zjdj
LzEvbkdDeUo4dDFkb29mVjRWdXcxTThsb1NDWVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEBFfxm2U
KeAKnzBWAB1Usyz5H/YG6+GkeISOa7rSqaYJSBuNUmg1+RObtcn0ToM90cJLJqjC
6WZEcOHeutYFSOQyOXbSMRYObYlr2lfWTTzCTthnIWT7HIgrPhECqsFa+FhGYLKD
5XIoTuJR8WDj5K5CcCHtwpA8IXF8sRtM7K5PnbDDqSOlMgreKB2H/mZKoascRRLx
QHoN5C5mi+/10dUI++LPF6DTj4Ynh/iKakOJ56obFpBQBY51DTez0B7W5cfq2KtP
wksu1vTMNxiVmkKRHH4FDzld90EDe8oXDJApFYCUCSC2IAB4ybLc3bFhROTmJ7mj
wX66gkl74xA0yA==
-----END CERTIFICATE-----