Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
File:                     NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json)
Hash identifier:          0DXz9tm2KJIW2Me1MCs1mjDfbbexh40NU/4UR6IdNNk=
Subject key identifier:   75:E5:D8:B6:3A:9C:DF:D3:AA:30:9E:71:0C:35:71:18:95:B9:54:BE
Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72
Certificate issuer:       /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
Certificate serial:       019A50E436DB67ECADA7E0EC088979C82B0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
Manifest number:          1709
Signing time:             Tue 04 Nov 2025 22:02:04 +0000
Manifest this update:     Tue 04 Nov 2025 22:02:04 +0000
Manifest next update:     Wed 05 Nov 2025 22:02:04 +0000
Files and hashes:         1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: ovSxVqqZlgsQeN8MYIzV3MozSMOMrV1w1wvwbHmGpJw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 18:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:50:e4:36:db:67:ec:ad:a7:e0:ec:08:89:79:c8:2b:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
        Validity
            Not Before: Nov  4 22:02:04 2025 GMT
            Not After : Nov  5 22:02:04 2025 GMT
        Subject: CN=75e5d8b63a9cdfd3aa309e710c35711895b954be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:35:c8:b3:d5:89:3e:01:f4:ae:4f:7d:17:5c:
                    98:0e:f0:0f:a6:56:4a:5a:13:8c:ab:e9:f0:93:70:
                    f8:31:ee:14:8f:c7:1d:b0:47:0d:b2:cd:1c:60:3b:
                    ef:05:fb:b3:86:2f:09:8d:55:0d:26:7e:a4:ef:72:
                    da:d2:71:b6:2e:96:ec:1f:e5:d7:5d:c4:1c:5a:ce:
                    b0:c1:d2:0b:ef:99:2d:47:19:5d:28:49:a7:b5:8c:
                    ad:84:95:7d:8c:d1:b3:73:61:82:3e:62:26:47:59:
                    05:c3:e0:ab:df:3f:51:cb:1a:89:a8:08:db:a5:e6:
                    55:99:b3:fb:16:d8:3b:3e:96:d6:39:c1:16:2c:03:
                    77:05:28:d0:f2:7e:2f:ff:94:b5:8e:8d:88:63:e2:
                    a2:6b:c4:15:f0:b5:da:06:d2:23:65:25:b0:1c:5e:
                    54:18:3c:27:ff:c8:d7:de:cc:9b:30:e9:5f:96:23:
                    5c:b4:86:41:3f:91:8e:a3:2d:fa:0f:18:24:a9:06:
                    6a:45:7e:87:75:a3:4c:1f:9e:bc:ce:63:6e:6b:c4:
                    55:1b:09:37:02:55:8a:40:33:67:a7:1a:62:43:f8:
                    b4:9e:6a:39:6a:a0:57:bc:9a:cc:f7:08:01:2e:f1:
                    95:63:67:43:44:3c:93:18:ab:0d:7a:0c:5e:c7:b9:
                    92:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:E5:D8:B6:3A:9C:DF:D3:AA:30:9E:71:0C:35:71:18:95:B9:54:BE
            X509v3 Authority Key Identifier:
                keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:83:ee:cc:09:88:99:43:f2:c4:28:78:c7:72:5e:18:c4:66:
         e8:d0:b2:f5:dd:17:fa:c3:68:e0:78:1b:20:b6:ab:e4:1a:43:
         1a:b4:8f:4a:31:91:17:97:ed:71:80:1f:36:21:32:f2:16:5b:
         ec:07:a1:63:78:37:b8:f0:1b:21:ee:2d:17:5f:32:d8:d9:ff:
         2b:b0:ae:1d:26:09:8f:4b:44:15:f0:54:35:52:3e:3e:2d:c7:
         73:f4:b3:df:16:f5:2f:98:c9:66:4e:a7:c2:31:b7:93:1c:f7:
         7e:8c:77:2e:18:c9:0d:19:74:24:7d:ec:e0:7b:2a:ba:2c:16:
         62:78:37:c7:a5:1d:56:ad:d0:69:27:c9:72:84:6a:b8:a6:f6:
         34:3a:93:2d:4c:d8:4c:b2:59:00:1f:91:60:fa:81:de:8d:d1:
         1c:47:5f:25:2b:cd:f6:10:64:8e:8e:ad:64:59:d2:d8:6b:b3:
         0b:e3:3f:81:51:41:4b:67:6c:fe:fe:6c:30:7d:1a:4d:08:87:
         26:37:40:ae:bb:32:ac:3f:ff:ba:e5:64:ad:f6:28:5d:34:7b:
         ab:73:bd:bc:00:41:ff:8d:3f:a3:33:d5:20:8a:f0:77:9e:65:
         0b:50:5c:fa:a3:6d:ef:23:2f:97:75:9f:ea:9c:53:91:58:10:
         21:23:80:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ5DbbZ+ytp+DsCIl5yCsMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh
ZDlkNzIwHhcNMjUxMTA0MjIwMjA0WhcNMjUxMTA1MjIwMjA0WjAzMTEwLwYDVQQD
Eyg3NWU1ZDhiNjNhOWNkZmQzYWEzMDllNzEwYzM1NzExODk1Yjk1NGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDXIs9WJPgH0rk99F1yYDvAPplZK
WhOMq+nwk3D4Me4Uj8cdsEcNss0cYDvvBfuzhi8JjVUNJn6k73La0nG2LpbsH+XX
XcQcWs6wwdIL75ktRxldKEmntYythJV9jNGzc2GCPmImR1kFw+Cr3z9RyxqJqAjb
peZVmbP7Ftg7PpbWOcEWLAN3BSjQ8n4v/5S1jo2IY+Kia8QV8LXaBtIjZSWwHF5U
GDwn/8jX3sybMOlfliNctIZBP5GOoy36DxgkqQZqRX6HdaNMH568zmNua8RVGwk3
AlWKQDNnpxpiQ/i0nmo5aqBXvJrM9wgBLvGVY2dDRDyTGKsNegxex7mSwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHXl2LY6nN/TqjCecQw1cRiVuVS+MB8GA1UdIwQY
MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt
YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw
LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU4PuzAmI
mUPyxCh4x3JeGMRm6NCy9d0X+sNo4HgbILar5BpDGrSPSjGRF5ftcYAfNiEy8hZb
7AehY3g3uPAbIe4tF18y2Nn/K7CuHSYJj0tEFfBUNVI+Pi3Hc/Sz3xb1L5jJZk6n
wjG3kxz3fox3LhjJDRl0JH3s4HsquiwWYng3x6UdVq3QaSfJcoRquKb2NDqTLUzY
TLJZAB+RYPqB3o3RHEdfJSvN9hBkjo6tZFnS2GuzC+M/gVFBS2ds/v5sMH0aTQiH
JjdArrsyrD//uuVkrfYoXTR7q3O9vABB/40/ozPVIIrwd55lC1Bc+qNt7yMvl3Wf
6pxTkVgQISOAJg==
-----END CERTIFICATE-----