Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
File:                     NGbkl-i6koMIR7TYtnEDJdI72oU.mft (raw, json)
Hash identifier:          QBWdkqbb8A8eQD6lXgPCMlfjFUnPxd2AlNRC2p4OQH4=
Subject key identifier:   B3:32:AC:9B:35:AD:87:88:07:A3:62:35:99:3D:58:A9:5D:67:DA:73
Authority key identifier: 34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85
Certificate issuer:       /CN=3466e497e8ba92830847b4d8b6710325d23bda85
Certificate serial:       019A4DAB067A15E14D2AB6D5ACFC7DF13448
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
Manifest number:          076B
Signing time:             Tue 04 Nov 2025 07:00:44 +0000
Manifest this update:     Tue 04 Nov 2025 07:00:44 +0000
Manifest next update:     Wed 05 Nov 2025 07:00:44 +0000
Files and hashes:         1: NGbkl-i6koMIR7TYtnEDJdI72oU.crl (hash: g8UerVZYQDsyi+0KMyws1DmxbglqQZ6QBK9O5lczNpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 07:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4d:ab:06:7a:15:e1:4d:2a:b6:d5:ac:fc:7d:f1:34:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3466e497e8ba92830847b4d8b6710325d23bda85
        Validity
            Not Before: Nov  4 07:00:44 2025 GMT
            Not After : Nov  5 07:00:44 2025 GMT
        Subject: CN=b332ac9b35ad878807a36235993d58a95d67da73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:d5:97:78:68:03:a1:90:69:09:29:d1:95:06:
                    53:0f:62:fb:fb:a3:ab:9e:9f:46:ec:c9:ba:59:3e:
                    e9:0c:7a:32:cb:17:87:4a:59:fb:cb:41:6d:3c:d7:
                    8b:49:7d:ac:e0:e4:39:0d:e1:83:c1:84:f7:6b:aa:
                    42:94:a5:c7:90:ac:8e:4c:a0:bd:4d:f2:cc:16:96:
                    2f:57:6a:2d:79:3e:1f:06:1b:73:24:29:62:b4:8f:
                    0b:e6:bf:ce:d5:e7:67:09:58:c1:f8:ea:9b:75:9f:
                    67:08:d8:76:7a:e4:84:b9:be:1b:1e:94:b3:36:3a:
                    90:49:0e:82:c3:f0:75:45:bb:91:a1:1a:49:ae:24:
                    bd:09:ec:f5:48:e7:6a:94:34:12:1d:06:42:8d:31:
                    e3:21:4d:97:e8:d8:0d:13:89:ff:40:66:cd:da:14:
                    28:90:52:91:7e:db:c7:5d:ed:b6:bd:e8:29:07:a0:
                    97:eb:45:80:3f:82:43:d2:3d:40:a7:db:ab:97:2e:
                    b5:4f:0e:24:45:52:01:80:05:80:28:48:be:17:36:
                    a8:2b:12:f6:f5:40:b5:c9:e2:f0:05:f4:9c:75:fb:
                    c5:36:88:0a:af:20:7c:f6:c5:41:24:85:81:e9:b5:
                    7c:20:6b:f4:33:9a:f6:1b:e7:d1:f0:54:2c:89:a1:
                    f0:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:32:AC:9B:35:AD:87:88:07:A3:62:35:99:3D:58:A9:5D:67:DA:73
            X509v3 Authority Key Identifier:
                keyid:34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:35:d2:e4:1f:1f:a0:d3:9d:e1:cd:87:96:25:1e:16:17:a0:
         4a:b9:6b:f3:72:ba:25:bc:a1:ac:5b:2a:d5:d9:34:13:be:77:
         71:7b:b9:b4:36:53:cb:84:50:ae:0b:a9:d6:a5:13:15:d6:9f:
         a2:fa:cb:80:d2:aa:ff:36:dc:a7:70:03:d8:49:e6:1a:ee:ba:
         92:94:ee:b8:e7:a0:68:89:67:2c:0e:d2:ea:3a:4b:8e:c4:39:
         50:fb:7e:20:c3:40:38:06:d2:82:24:34:cb:70:b5:76:c6:aa:
         57:86:1f:a0:18:8d:33:4b:d7:70:7d:94:1e:ac:bf:5e:c4:19:
         db:9c:32:3d:1c:66:9f:56:b1:1b:22:1f:9e:b1:bf:75:46:8c:
         e0:63:10:f2:97:d0:f7:6e:4f:09:9c:9c:d4:1c:22:d7:d0:65:
         1f:25:9f:04:ac:ff:be:a7:1a:37:08:4e:17:c3:b2:70:1f:db:
         06:1c:a4:cd:ed:1e:22:cf:97:2a:ea:b5:1c:55:4a:c3:91:85:
         3d:2c:23:72:7d:7f:83:33:d4:36:13:54:57:d8:eb:fa:32:f5:
         58:b5:30:51:ac:e8:bb:80:6d:b9:6b:46:23:80:e0:f7:31:09:
         6a:ce:87:75:e9:bb:58:8e:1c:60:6b:3b:2e:67:cb:6f:13:c0:
         6c:ad:95:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqwZ6FeFNKrbVrPx98TRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NjZlNDk3ZThiYTkyODMwODQ3YjRkOGI2NzEwMzI1ZDIz
YmRhODUwHhcNMjUxMTA0MDcwMDQ0WhcNMjUxMTA1MDcwMDQ0WjAzMTEwLwYDVQQD
EyhiMzMyYWM5YjM1YWQ4Nzg4MDdhMzYyMzU5OTNkNThhOTVkNjdkYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09WXeGgDoZBpCSnRlQZTD2L7+6Or
np9G7Mm6WT7pDHoyyxeHSln7y0FtPNeLSX2s4OQ5DeGDwYT3a6pClKXHkKyOTKC9
TfLMFpYvV2oteT4fBhtzJClitI8L5r/O1ednCVjB+OqbdZ9nCNh2euSEub4bHpSz
NjqQSQ6Cw/B1RbuRoRpJriS9Cez1SOdqlDQSHQZCjTHjIU2X6NgNE4n/QGbN2hQo
kFKRftvHXe22vegpB6CX60WAP4JD0j1Ap9urly61Tw4kRVIBgAWAKEi+FzaoKxL2
9UC1yeLwBfScdfvFNogKryB89sVBJIWB6bV8IGv0M5r2G+fR8FQsiaHwFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLMyrJs1rYeIB6NiNZk9WKldZ9pzMB8GA1UdIwQY
MBaAFDRm5JfoupKDCEe02LZxAyXSO9qFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEt
ZGNhZDA4ZjJmMjNmLzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEtZGNhZDA4ZjJmMjNm
LzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYTXS5B8f
oNOd4c2HliUeFhegSrlr83K6JbyhrFsq1dk0E753cXu5tDZTy4RQrgup1qUTFdaf
ovrLgNKq/zbcp3AD2EnmGu66kpTuuOegaIlnLA7S6jpLjsQ5UPt+IMNAOAbSgiQ0
y3C1dsaqV4YfoBiNM0vXcH2UHqy/XsQZ25wyPRxmn1axGyIfnrG/dUaM4GMQ8pfQ
925PCZyc1Bwi19BlHyWfBKz/vqcaNwhOF8OycB/bBhykze0eIs+XKuq1HFVKw5GF
PSwjcn1/gzPUNhNUV9jr+jL1WLUwUazou4BtuWtGI4Dg9zEJas6Hdem7WI4cYGs7
LmfLbxPAbK2V9Q==
-----END CERTIFICATE-----