Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
File:                     NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json)
Hash identifier:          fZwbDk4179orZj8EJSOLvvgA1DvQSyW9RJfLenMBtWw=
Subject key identifier:   BB:13:EE:8E:CB:DF:F9:4B:BB:64:89:B2:9B:77:65:39:C7:F1:1A:67
Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
Certificate issuer:       /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Certificate serial:       019A4E190A9598FF70D611262C205BCA6974
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
Manifest number:          07E5
Signing time:             Tue 04 Nov 2025 09:00:55 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:55 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:55 +0000
Files and hashes:         1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: 4j1+WZ4MEDa26bUA3Q+vrvKHkHk4kFDGzrenPCcFyeY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:19:0a:95:98:ff:70:d6:11:26:2c:20:5b:ca:69:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
        Validity
            Not Before: Nov  4 09:00:55 2025 GMT
            Not After : Nov  5 09:00:55 2025 GMT
        Subject: CN=bb13ee8ecbdff94bbb6489b29b776539c7f11a67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:3e:4e:d2:9e:17:4e:ca:22:36:1c:6c:b6:aa:
                    aa:97:a4:d0:9e:7d:4c:a4:ed:3d:5c:47:89:ee:b2:
                    8a:8b:43:42:f9:10:38:7f:f0:28:2f:e2:12:a6:04:
                    82:47:73:77:f6:08:a4:51:e2:75:a3:6c:bb:bd:39:
                    18:3b:b8:d2:93:2a:bc:23:bb:b7:7a:d0:69:b0:ae:
                    c6:7c:82:4e:30:30:28:99:09:96:d4:03:24:fe:56:
                    d6:05:be:cb:cb:df:a4:1d:af:d2:14:30:af:86:89:
                    d4:41:06:e6:7a:ca:b7:6b:15:33:00:37:8a:d5:2a:
                    07:f6:3b:a7:53:44:f0:96:3e:63:0f:d5:a6:09:75:
                    d2:4d:6b:48:6c:e8:4e:25:c8:da:c1:fa:c8:72:ee:
                    29:f8:05:f2:4b:bd:39:cb:33:fb:5b:ca:07:fc:83:
                    b8:9f:f8:53:ef:a6:cc:e8:12:da:da:f0:15:49:98:
                    39:a4:c5:ea:69:82:bf:80:94:c4:22:30:d4:68:8e:
                    12:1c:76:84:b0:15:6d:cb:08:62:2d:b8:5c:b5:62:
                    97:2a:f4:a6:48:94:03:a2:94:40:c8:6f:4d:e5:04:
                    f7:a6:0b:3c:02:a1:f6:32:49:d0:cc:1a:11:4e:07:
                    5a:f7:99:74:ab:0c:ad:af:34:6d:f7:48:55:75:7b:
                    43:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:13:EE:8E:CB:DF:F9:4B:BB:64:89:B2:9B:77:65:39:C7:F1:1A:67
            X509v3 Authority Key Identifier:
                keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:38:d9:29:6e:5d:e6:88:60:b5:12:d5:92:a3:23:b3:97:a7:
         43:5f:d1:e7:70:80:96:f1:0f:8b:d0:81:1d:07:0f:dc:a9:36:
         ef:41:8f:1d:0f:74:a3:54:89:a2:4b:c2:a8:a9:08:c1:57:fc:
         3f:3c:4e:73:00:eb:7d:2b:76:58:b0:45:1d:83:1a:dd:a3:71:
         8c:ef:4e:62:18:c9:51:e5:b2:25:45:51:e7:3b:b4:7c:bf:e0:
         ec:7c:3c:57:38:12:51:55:69:88:0b:8f:89:58:d1:44:c7:3c:
         19:73:e5:8a:4f:b5:32:21:cc:87:34:02:a0:a8:86:a8:f8:29:
         d6:8c:ce:8c:73:f3:ac:a2:67:1c:c1:3b:5c:0f:df:ad:bf:6f:
         75:ec:5a:53:83:62:9f:00:ef:36:5d:54:a0:d5:a2:c1:2e:83:
         2a:8b:ed:21:61:7e:13:ab:7f:bd:81:48:a6:29:c1:9b:22:bb:
         eb:f6:ae:e6:6e:a2:6d:5a:7a:1e:e5:55:d7:ef:c2:6a:0f:6e:
         10:1d:4f:3b:ff:4c:c3:d5:00:0e:3f:18:24:d4:5d:8f:04:d5:
         e3:f6:c6:a5:81:35:16:3e:03:42:e6:cd:cb:b0:0b:11:b8:db:
         2f:43:c8:44:bf:9a:cd:f1:2e:6f:36:15:82:92:98:65:03:f4:
         95:5e:b7:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGQqVmP9w1hEmLCBbyml0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm
NDg2OWUwHhcNMjUxMTA0MDkwMDU1WhcNMjUxMTA1MDkwMDU1WjAzMTEwLwYDVQQD
EyhiYjEzZWU4ZWNiZGZmOTRiYmI2NDg5YjI5Yjc3NjUzOWM3ZjExYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsz5O0p4XTsoiNhxstqqql6TQnn1M
pO09XEeJ7rKKi0NC+RA4f/AoL+ISpgSCR3N39gikUeJ1o2y7vTkYO7jSkyq8I7u3
etBpsK7GfIJOMDAomQmW1AMk/lbWBb7Ly9+kHa/SFDCvhonUQQbmesq3axUzADeK
1SoH9junU0Twlj5jD9WmCXXSTWtIbOhOJcjawfrIcu4p+AXyS705yzP7W8oH/IO4
n/hT76bM6BLa2vAVSZg5pMXqaYK/gJTEIjDUaI4SHHaEsBVtywhiLbhctWKXKvSm
SJQDopRAyG9N5QT3pgs8AqH2MknQzBoRTgda95l0qwytrzRt90hVdXtDlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsT7o7L3/lLu2SJspt3ZTnH8RpnMB8GA1UdIwQY
MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt
ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh
LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnTjZKW5d
5ohgtRLVkqMjs5enQ1/R53CAlvEPi9CBHQcP3Kk270GPHQ90o1SJokvCqKkIwVf8
PzxOcwDrfSt2WLBFHYMa3aNxjO9OYhjJUeWyJUVR5zu0fL/g7Hw8VzgSUVVpiAuP
iVjRRMc8GXPlik+1MiHMhzQCoKiGqPgp1ozOjHPzrKJnHME7XA/frb9vdexaU4Ni
nwDvNl1UoNWiwS6DKovtIWF+E6t/vYFIpinBmyK76/au5m6ibVp6HuVV1+/Cag9u
EB1PO/9Mw9UADj8YJNRdjwTV4/bGpYE1Fj4DQubNy7ALEbjbL0PIRL+azfEubzYV
gpKYZQP0lV63gA==
-----END CERTIFICATE-----