Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.mft
File:                     n7jb0z1dO8T6Nknt9_kU6uejiF0.mft (raw, json)
Hash identifier:          0k/Yek5TNsEpoY9FLfRxORL3cC7ZZH/rskALRf1DepQ=
Subject key identifier:   99:F2:1B:EA:53:25:66:DF:E4:89:24:22:2F:9A:62:13:17:2F:F6:D6
Authority key identifier: 9F:B8:DB:D3:3D:5D:3B:C4:FA:36:49:ED:F7:F9:14:EA:E7:A3:88:5D
Certificate issuer:       /CN=9fb8dbd33d5d3bc4fa3649edf7f914eae7a3885d
Certificate serial:       019A50E27B2C18FAC76B42CF21138224CE06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/n7jb0z1dO8T6Nknt9_kU6uejiF0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.mft
Manifest number:          0482
Signing time:             Tue 04 Nov 2025 22:00:11 +0000
Manifest this update:     Tue 04 Nov 2025 22:00:11 +0000
Manifest next update:     Wed 05 Nov 2025 22:00:11 +0000
Files and hashes:         1: n7jb0z1dO8T6Nknt9_kU6uejiF0.crl (hash: eN12kiTkgvy3uwCr7mvBh0G7cGvXFegWbRGr5Xi86G8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/n7jb0z1dO8T6Nknt9_kU6uejiF0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e2:7b:2c:18:fa:c7:6b:42:cf:21:13:82:24:ce:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9fb8dbd33d5d3bc4fa3649edf7f914eae7a3885d
        Validity
            Not Before: Nov  4 22:00:11 2025 GMT
            Not After : Nov  5 22:00:11 2025 GMT
        Subject: CN=99f21bea532566dfe48924222f9a6213172ff6d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ce:81:08:3b:7f:f4:2e:53:c9:9b:20:68:85:
                    23:f5:00:ed:24:82:33:52:85:d0:b1:a2:cc:0b:d3:
                    48:d5:25:ba:81:ff:8a:5d:4c:83:0d:94:3c:bf:bc:
                    3c:5c:8e:73:65:d4:10:cb:91:6b:e5:fd:2f:0a:2e:
                    0a:35:09:f6:23:59:66:3a:11:f6:43:08:f9:0d:7e:
                    31:4a:d9:ee:fe:a4:77:6f:c7:3a:a9:e7:ba:1d:a0:
                    ff:8a:6c:da:d1:8a:4b:fe:fc:60:ad:05:c4:ac:00:
                    e8:19:d4:10:87:9d:ee:ae:36:ef:1b:33:95:d7:57:
                    5e:af:bf:90:4f:d7:8a:e3:99:34:6e:ce:f2:f0:4a:
                    0b:1f:a9:37:71:da:79:67:d8:9b:a6:7d:87:d5:9c:
                    ab:1f:29:dc:f6:38:2b:f2:54:aa:e8:82:25:ac:49:
                    b3:3e:e4:19:3f:f1:32:78:cd:62:8b:ec:2c:c5:f3:
                    9d:5c:7f:70:25:3b:e0:ae:e1:22:29:53:b9:d7:24:
                    95:87:d2:84:87:00:23:ee:da:be:12:17:74:73:c3:
                    2e:6e:a4:3e:b1:96:69:1e:17:27:51:d1:4b:fd:eb:
                    23:4c:17:e6:de:90:88:a4:67:17:30:14:6a:4e:bc:
                    10:5d:19:02:c0:a5:7a:78:45:e2:fd:0b:52:03:b2:
                    1d:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:F2:1B:EA:53:25:66:DF:E4:89:24:22:2F:9A:62:13:17:2F:F6:D6
            X509v3 Authority Key Identifier:
                keyid:9F:B8:DB:D3:3D:5D:3B:C4:FA:36:49:ED:F7:F9:14:EA:E7:A3:88:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7jb0z1dO8T6Nknt9_kU6uejiF0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/ad0f8d-a5e7-40b3-b8a8-7362b19de73e/1/n7jb0z1dO8T6Nknt9_kU6uejiF0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b0:13:bc:5a:87:12:2e:eb:cf:e5:bb:7c:98:31:8c:8e:28:7c:
         07:d3:0e:57:a5:eb:5f:da:39:d7:e8:5d:b2:65:36:ba:bc:6a:
         e1:0f:c8:c8:f2:78:ad:72:78:fa:e9:1c:b9:dc:26:9f:5c:c0:
         da:05:71:21:8c:b5:d8:df:81:16:10:9e:d3:2a:d1:c5:8d:3e:
         e4:eb:fa:02:3b:c2:77:43:94:ce:3d:d3:7b:f6:19:8e:bd:d2:
         36:23:65:1d:2f:aa:ba:6a:34:22:c9:89:f6:a3:bb:0d:0f:24:
         84:87:1e:95:ab:d8:04:ff:60:00:44:df:71:59:73:d2:10:4b:
         f4:ec:58:e6:e1:dd:c5:fe:ba:4f:ff:04:59:24:cd:ab:54:e6:
         c4:d1:bb:96:54:82:33:53:5a:b4:81:99:9a:10:65:7d:62:65:
         8c:9c:47:20:dc:5a:04:a7:d4:24:d9:c5:e6:d2:6b:a8:f1:4b:
         a4:a5:61:0d:52:1f:76:68:ca:b4:e8:0d:56:97:76:91:66:08:
         a8:0b:a9:b9:86:da:1c:fc:57:5f:68:2a:07:01:43:36:46:fe:
         7d:4e:cf:57:27:fa:00:7b:e2:78:e6:88:ac:d1:cd:31:cd:3d:
         4f:8a:b6:cd:31:10:3f:b0:3f:8b:19:e4:c9:3b:bb:9a:43:d7:
         62:67:db:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4nssGPrHa0LPIROCJM4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYjhkYmQzM2Q1ZDNiYzRmYTM2NDllZGY3ZjkxNGVhZTdh
Mzg4NWQwHhcNMjUxMTA0MjIwMDExWhcNMjUxMTA1MjIwMDExWjAzMTEwLwYDVQQD
Eyg5OWYyMWJlYTUzMjU2NmRmZTQ4OTI0MjIyZjlhNjIxMzE3MmZmNmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc6BCDt/9C5TyZsgaIUj9QDtJIIz
UoXQsaLMC9NI1SW6gf+KXUyDDZQ8v7w8XI5zZdQQy5Fr5f0vCi4KNQn2I1lmOhH2
Qwj5DX4xStnu/qR3b8c6qee6HaD/imza0YpL/vxgrQXErADoGdQQh53urjbvGzOV
11der7+QT9eK45k0bs7y8EoLH6k3cdp5Z9ibpn2H1ZyrHync9jgr8lSq6IIlrEmz
PuQZP/EyeM1ii+wsxfOdXH9wJTvgruEiKVO51ySVh9KEhwAj7tq+Ehd0c8MubqQ+
sZZpHhcnUdFL/esjTBfm3pCIpGcXMBRqTrwQXRkCwKV6eEXi/QtSA7IdZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnyG+pTJWbf5IkkIi+aYhMXL/bWMB8GA1UdIwQY
MBaAFJ+429M9XTvE+jZJ7ff5FOrno4hdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjdqYjB6MWRPOFQ2TmtudDlfa1U2dWVqaUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hZDBmOGQtYTVlNy00MGIzLWI4YTgt
NzM2MmIxOWRlNzNlLzEvbjdqYjB6MWRPOFQ2TmtudDlfa1U2dWVqaUYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hZDBmOGQtYTVlNy00MGIzLWI4YTgtNzM2MmIxOWRlNzNl
LzEvbjdqYjB6MWRPOFQ2TmtudDlfa1U2dWVqaUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsBO8WocS
LuvP5bt8mDGMjih8B9MOV6XrX9o51+hdsmU2urxq4Q/IyPJ4rXJ4+ukcudwmn1zA
2gVxIYy12N+BFhCe0yrRxY0+5Ov6AjvCd0OUzj3Te/YZjr3SNiNlHS+qumo0IsmJ
9qO7DQ8khIcelavYBP9gAETfcVlz0hBL9OxY5uHdxf66T/8EWSTNq1TmxNG7llSC
M1NatIGZmhBlfWJljJxHINxaBKfUJNnF5tJrqPFLpKVhDVIfdmjKtOgNVpd2kWYI
qAupuYbaHPxXX2gqBwFDNkb+fU7PVyf6AHvieOaIrNHNMc09T4q2zTEQP7A/ixnk
yTu7mkPXYmfbZQ==
-----END CERTIFICATE-----