Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
File:                     NWlXUM1GUx3eil-yZyzcgw09DG4.mft (raw, json)
Hash identifier:          U3jDFx4KyhslD6XcTG2FAisjM/z+FDr6PZl+InJKuKY=
Subject key identifier:   77:B0:44:CD:64:3B:F2:D9:6F:8E:89:5B:87:C7:E3:37:6E:D2:54:BA
Authority key identifier: 35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E
Certificate issuer:       /CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e
Certificate serial:       019A4E191B7AA0F05E68BDEBF92C36B21108
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
Manifest number:          0529
Signing time:             Tue 04 Nov 2025 09:00:59 +0000
Manifest this update:     Tue 04 Nov 2025 09:00:59 +0000
Manifest next update:     Wed 05 Nov 2025 09:00:59 +0000
Files and hashes:         1: NWlXUM1GUx3eil-yZyzcgw09DG4.crl (hash: EcYgtdEscvdgeiHuJzkzydvmElIy8tQlHubowc6uEE4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:19:1b:7a:a0:f0:5e:68:bd:eb:f9:2c:36:b2:11:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e
        Validity
            Not Before: Nov  4 09:00:59 2025 GMT
            Not After : Nov  5 09:00:59 2025 GMT
        Subject: CN=77b044cd643bf2d96f8e895b87c7e3376ed254ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:5b:95:2c:8d:ee:d9:a7:9e:f6:a0:75:ad:e6:
                    ea:ee:44:04:45:d9:59:89:fb:7b:8c:81:5d:e0:72:
                    e2:86:df:7c:7c:04:a3:c1:80:b2:6d:e8:4d:29:92:
                    20:b9:5f:33:c7:17:35:47:ca:91:a8:2c:c8:ce:9c:
                    85:d8:44:22:31:e7:0a:4b:30:c8:f1:92:20:c4:0f:
                    51:b9:d9:75:ea:a8:d1:bf:ac:61:83:7c:13:c7:f2:
                    44:30:5e:0d:3f:aa:bf:a4:1b:5d:53:87:50:82:36:
                    0a:67:da:69:0b:9c:e0:e2:b5:e6:4b:10:f6:6d:fc:
                    4e:0f:8b:13:6d:9e:ce:61:41:96:9b:7e:92:6f:a3:
                    0a:56:54:5a:a1:56:8a:80:39:dd:78:ef:ff:5f:86:
                    2a:fa:f4:01:fe:22:3f:26:82:40:76:d5:e0:79:a3:
                    db:66:66:b9:ff:f6:3a:d9:e2:9b:7d:9b:c7:49:31:
                    0b:09:b8:1a:25:d8:6e:7f:4f:c4:e9:9a:7c:ca:98:
                    94:e0:56:1c:a9:6f:15:a1:5f:81:44:76:31:05:bb:
                    f3:9a:ff:ed:01:13:eb:8f:5d:84:16:50:78:d6:af:
                    d5:07:e4:2a:c7:3a:4d:6e:b5:c3:f8:de:6a:84:17:
                    c0:7d:78:c6:18:b8:0e:0a:74:e7:50:21:5a:8d:8c:
                    22:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:B0:44:CD:64:3B:F2:D9:6F:8E:89:5B:87:C7:E3:37:6E:D2:54:BA
            X509v3 Authority Key Identifier:
                keyid:35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:0a:78:2c:ab:2f:a8:7f:c2:0d:b4:a4:1b:b5:86:0f:c6:85:
         d7:63:a2:94:3f:0b:41:49:0c:04:7d:d1:04:3a:62:ac:80:17:
         fc:44:fb:17:3e:8a:ae:49:3b:06:a3:ed:45:80:4c:a2:08:93:
         33:75:92:ee:27:e1:5a:f5:dc:4c:60:c2:7d:26:41:ab:cf:63:
         49:71:a7:72:85:19:9a:44:36:55:1c:cf:21:f3:6b:58:07:ff:
         6d:5e:2a:aa:67:5a:a0:fd:30:da:be:ab:a3:81:76:5a:09:9a:
         b2:46:14:44:d5:9b:c7:93:24:86:fc:97:93:cb:4d:fb:cf:e1:
         c2:3b:2d:7d:5b:67:78:aa:84:a5:04:8b:ee:91:70:20:ef:4a:
         60:ad:7f:cf:80:11:93:58:3c:59:1c:92:2a:71:1f:82:98:9e:
         ad:e7:2c:7e:a6:23:5a:d3:e7:5a:47:88:d6:7c:23:1b:a4:67:
         11:79:57:af:18:72:14:20:1d:77:59:ce:de:c5:b4:e5:d2:16:
         3a:83:18:da:03:3f:15:4b:b6:4d:10:aa:fe:4f:77:cd:7d:21:
         52:85:36:46:b2:cf:6c:0d:a4:37:13:17:51:ee:e3:0b:3a:7a:
         af:35:83:c6:4c:5a:5f:8a:5e:08:dd:8c:2c:2d:a0:f3:b4:92:
         6c:b6:2e:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGRt6oPBeaL3r+Sw2shEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Njk1NzUwY2Q0NjUzMWRkZThhNWZiMjY3MmNkYzgzMGQz
ZDBjNmUwHhcNMjUxMTA0MDkwMDU5WhcNMjUxMTA1MDkwMDU5WjAzMTEwLwYDVQQD
Eyg3N2IwNDRjZDY0M2JmMmQ5NmY4ZTg5NWI4N2M3ZTMzNzZlZDI1NGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFuVLI3u2aee9qB1rebq7kQERdlZ
ift7jIFd4HLiht98fASjwYCybehNKZIguV8zxxc1R8qRqCzIzpyF2EQiMecKSzDI
8ZIgxA9Rudl16qjRv6xhg3wTx/JEMF4NP6q/pBtdU4dQgjYKZ9ppC5zg4rXmSxD2
bfxOD4sTbZ7OYUGWm36Sb6MKVlRaoVaKgDndeO//X4Yq+vQB/iI/JoJAdtXgeaPb
Zma5//Y62eKbfZvHSTELCbgaJdhuf0/E6Zp8ypiU4FYcqW8VoV+BRHYxBbvzmv/t
ARPrj12EFlB41q/VB+QqxzpNbrXD+N5qhBfAfXjGGLgOCnTnUCFajYwi6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHewRM1kO/LZb46JW4fH4zdu0lS6MB8GA1UdIwQY
MBaAFDVpV1DNRlMd3opfsmcs3IMNPQxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDct
NzdiZmEzN2ZhMDcxLzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDctNzdiZmEzN2ZhMDcx
LzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHwp4LKsv
qH/CDbSkG7WGD8aF12OilD8LQUkMBH3RBDpirIAX/ET7Fz6Krkk7BqPtRYBMogiT
M3WS7ifhWvXcTGDCfSZBq89jSXGncoUZmkQ2VRzPIfNrWAf/bV4qqmdaoP0w2r6r
o4F2WgmaskYURNWbx5MkhvyXk8tN+8/hwjstfVtneKqEpQSL7pFwIO9KYK1/z4AR
k1g8WRySKnEfgpierecsfqYjWtPnWkeI1nwjG6RnEXlXrxhyFCAdd1nO3sW05dIW
OoMY2gM/FUu2TRCq/k93zX0hUoU2RrLPbA2kNxMXUe7jCzp6rzWDxkxaX4peCN2M
LC2g87SSbLYuBA==
-----END CERTIFICATE-----