Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
File:                     nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft (raw, json)
Hash identifier:          cza4mIs+9MVCEs55ebs/aG8OlJR/hBnVWrnaU2wz4aI=
Subject key identifier:   94:03:75:5C:4B:CB:0E:B8:5C:D4:D2:7D:FD:88:2A:03:73:73:70:A5
Authority key identifier: 9C:E8:94:F1:D7:73:1E:99:61:71:9B:E1:ED:99:84:68:FC:BA:BE:A9
Certificate issuer:       /CN=9ce894f1d7731e9961719be1ed998468fcbabea9
Certificate serial:       019A503E51B7FBBFC7BF7E5A48A887C0DD90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
Manifest number:          16F4
Signing time:             Tue 04 Nov 2025 19:00:52 +0000
Manifest this update:     Tue 04 Nov 2025 19:00:52 +0000
Manifest next update:     Wed 05 Nov 2025 19:00:52 +0000
Files and hashes:         1: nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl (hash: qPEHxCtkoISaGiZe64eqMrdkMM8N/zwylyHyJMGVCr4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:49:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:3e:51:b7:fb:bf:c7:bf:7e:5a:48:a8:87:c0:dd:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ce894f1d7731e9961719be1ed998468fcbabea9
        Validity
            Not Before: Nov  4 19:00:52 2025 GMT
            Not After : Nov  5 19:00:52 2025 GMT
        Subject: CN=9403755c4bcb0eb85cd4d27dfd882a03737370a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:51:8e:be:05:b7:35:96:a9:cd:15:d4:cb:cd:
                    53:e4:be:a9:66:40:98:4c:3e:f9:1f:81:35:c7:af:
                    e1:22:0d:1a:81:d5:a3:e3:92:99:15:ad:a2:fb:5b:
                    c3:a1:8c:90:f0:8d:38:f2:00:02:c3:e3:9c:78:16:
                    04:fc:b6:f3:2e:cb:b8:bf:f8:cf:0f:91:16:c2:61:
                    51:8b:fc:dd:4e:18:0f:ff:a5:67:ba:0b:ae:20:06:
                    4f:b4:30:47:0c:43:b6:7c:ab:f2:04:2e:2b:c8:44:
                    b1:d8:a6:16:bf:90:10:8a:30:44:24:a3:1c:09:3f:
                    e6:44:08:39:18:6d:90:47:27:f4:f6:60:01:69:66:
                    cc:94:cb:62:b4:12:8c:b9:f2:93:94:8a:9e:b9:3b:
                    41:ae:b6:fe:a0:9f:2e:99:63:11:19:0f:41:0f:fb:
                    e1:fd:9b:37:1d:e7:e3:0d:61:91:f8:41:a7:f6:65:
                    ce:7e:db:47:99:85:cc:43:c1:0f:b0:28:af:00:26:
                    de:ed:6c:10:72:cb:50:a6:a1:c9:db:1f:33:11:fd:
                    72:3a:9b:7b:2a:b9:cf:d4:14:22:14:44:94:41:db:
                    fd:92:52:4a:58:5b:6a:1b:2d:70:25:4e:7e:25:eb:
                    bf:b6:d7:0c:ae:7a:ee:4a:f9:97:29:eb:1c:aa:6b:
                    4b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:03:75:5C:4B:CB:0E:B8:5C:D4:D2:7D:FD:88:2A:03:73:73:70:A5
            X509v3 Authority Key Identifier:
                keyid:9C:E8:94:F1:D7:73:1E:99:61:71:9B:E1:ED:99:84:68:FC:BA:BE:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nOiU8ddzHplhcZvh7ZmEaPy6vqk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/1f969c-e387-46fd-8624-dc7f0c094b39/1/nOiU8ddzHplhcZvh7ZmEaPy6vqk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:ba:36:e3:67:ce:53:7a:1b:9a:3c:50:52:2e:8b:68:4e:20:
         ce:70:51:6b:f8:d5:cf:1a:ff:b6:da:43:d3:5e:2b:f3:a6:c1:
         d1:1c:22:37:a3:57:be:de:27:c8:36:cd:a9:1a:f2:59:41:f7:
         d9:f9:9c:f7:64:cb:8a:5b:1a:e8:69:d6:2a:00:bc:0d:d0:0d:
         8f:df:23:f7:00:1c:d6:83:a1:a9:3b:fd:8e:85:75:65:96:f8:
         84:46:90:cb:4f:87:c9:59:4e:5b:eb:91:c1:8b:a5:c4:6d:0b:
         47:ae:90:b7:fa:19:75:df:ee:28:d7:67:6f:f7:9b:dc:37:c1:
         69:37:ec:80:ec:f0:60:59:b4:41:44:78:93:51:08:2f:51:94:
         27:92:ca:49:7b:01:5a:de:86:a9:88:f3:cb:4f:b6:e7:12:e5:
         04:fa:f7:09:96:c3:e2:8c:d5:ea:8f:a1:f6:77:82:7a:73:7a:
         e8:a9:b9:10:00:6f:74:ba:9a:95:0a:4b:57:77:6d:4f:71:32:
         6a:cc:5b:bc:83:b3:59:74:92:33:15:41:57:53:dc:3f:3c:b2:
         a7:55:08:15:f5:6b:29:87:ae:67:89:bf:56:ae:28:fe:a4:1c:
         d7:1d:29:ee:4b:d1:b5:03:a6:e6:c0:c7:f1:34:72:7a:85:dd:
         ec:63:62:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPlG3+7/Hv35aSKiHwN2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZTg5NGYxZDc3MzFlOTk2MTcxOWJlMWVkOTk4NDY4ZmNi
YWJlYTkwHhcNMjUxMTA0MTkwMDUyWhcNMjUxMTA1MTkwMDUyWjAzMTEwLwYDVQQD
Eyg5NDAzNzU1YzRiY2IwZWI4NWNkNGQyN2RmZDg4MmEwMzczNzM3MGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FGOvgW3NZapzRXUy81T5L6pZkCY
TD75H4E1x6/hIg0agdWj45KZFa2i+1vDoYyQ8I048gACw+OceBYE/LbzLsu4v/jP
D5EWwmFRi/zdThgP/6VnuguuIAZPtDBHDEO2fKvyBC4ryESx2KYWv5AQijBEJKMc
CT/mRAg5GG2QRyf09mABaWbMlMtitBKMufKTlIqeuTtBrrb+oJ8umWMRGQ9BD/vh
/Zs3HefjDWGR+EGn9mXOfttHmYXMQ8EPsCivACbe7WwQcstQpqHJ2x8zEf1yOpt7
KrnP1BQiFESUQdv9klJKWFtqGy1wJU5+Jeu/ttcMrnruSvmXKescqmtLowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQDdVxLyw64XNTSff2IKgNzc3ClMB8GA1UdIwQY
MBaAFJzolPHXcx6ZYXGb4e2ZhGj8ur6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xZjk2OWMtZTM4Ny00NmZkLTg2MjQt
ZGM3ZjBjMDk0YjM5LzEvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xZjk2OWMtZTM4Ny00NmZkLTg2MjQtZGM3ZjBjMDk0YjM5
LzEvbk9pVThkZHpIcGxoY1p2aDdabUVhUHk2dnFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAibo242fO
U3obmjxQUi6LaE4gznBRa/jVzxr/ttpD014r86bB0RwiN6NXvt4nyDbNqRryWUH3
2fmc92TLilsa6GnWKgC8DdANj98j9wAc1oOhqTv9joV1ZZb4hEaQy0+HyVlOW+uR
wYulxG0LR66Qt/oZdd/uKNdnb/eb3DfBaTfsgOzwYFm0QUR4k1EIL1GUJ5LKSXsB
Wt6GqYjzy0+25xLlBPr3CZbD4ozV6o+h9neCenN66Km5EABvdLqalQpLV3dtT3Ey
asxbvIOzWXSSMxVBV1PcPzyyp1UIFfVrKYeuZ4m/Vq4o/qQc1x0p7kvRtQOm5sDH
8TRyeoXd7GNi5w==
-----END CERTIFICATE-----