Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
File:                     NHi9VqAesq4wdvaW0B1P_NFAGp8.mft (raw, json)
Hash identifier:          8jcDcw/3+zkftQ5Jqn0oBxHS95+DYbbW/cMNzd2E9jE=
Subject key identifier:   C1:44:2C:98:C5:86:CE:C7:1E:52:CF:37:19:D5:FF:15:27:60:C0:EB
Authority key identifier: 34:78:BD:56:A0:1E:B2:AE:30:76:F6:96:D0:1D:4F:FC:D1:40:1A:9F
Certificate issuer:       /CN=3478bd56a01eb2ae3076f696d01d4ffcd1401a9f
Certificate serial:       019A4EF4249C96A9DAD9F3AD8398FF480F65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
Manifest number:          170C
Signing time:             Tue 04 Nov 2025 13:00:14 +0000
Manifest this update:     Tue 04 Nov 2025 13:00:14 +0000
Manifest next update:     Wed 05 Nov 2025 13:00:14 +0000
Files and hashes:         1: NHi9VqAesq4wdvaW0B1P_NFAGp8.crl (hash: oQFaASwjm3XyxwIO7/aRjKTbEI1dJU2GQI+V/uYbP9U=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4e:f4:24:9c:96:a9:da:d9:f3:ad:83:98:ff:48:0f:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3478bd56a01eb2ae3076f696d01d4ffcd1401a9f
        Validity
            Not Before: Nov  4 13:00:14 2025 GMT
            Not After : Nov  5 13:00:14 2025 GMT
        Subject: CN=c1442c98c586cec71e52cf3719d5ff152760c0eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:34:e6:e0:48:75:0d:08:e0:80:08:8d:d8:a8:
                    8c:e9:2a:5a:b7:72:de:c7:7d:f2:33:79:14:6b:45:
                    0f:fd:75:49:65:96:d1:63:34:7c:a6:76:54:e7:9d:
                    ab:5f:0d:0c:34:6c:18:2e:cf:7d:29:dd:d3:fd:f9:
                    76:be:3d:f3:bd:50:5b:26:7c:bc:6b:97:e7:43:37:
                    48:61:48:0a:1f:fc:bd:ac:65:0e:38:24:27:48:12:
                    27:7f:9b:4d:3f:fc:9a:8a:c9:06:1a:d0:93:36:21:
                    80:0e:07:b0:ae:e6:a4:0a:82:19:6f:0a:25:01:97:
                    22:db:e7:55:1c:4c:24:42:77:b5:67:86:27:9f:2c:
                    8e:56:2f:a4:46:e8:d5:93:18:7e:6d:7e:bf:e4:bd:
                    a8:e3:21:1a:ef:e8:e7:f7:11:ba:19:c9:d7:e3:85:
                    ad:44:62:ef:37:a6:c8:bc:5e:11:0e:3e:75:b8:2d:
                    47:30:d3:03:12:04:6c:64:9a:d3:64:4e:02:09:4d:
                    bb:d3:ed:3a:9f:2c:6a:64:a3:19:b2:86:11:27:a2:
                    94:d3:8c:29:94:d7:45:f3:6a:69:a6:b9:54:95:36:
                    8d:ce:ce:b8:a5:0f:38:6a:e6:36:33:21:57:13:4a:
                    d8:34:bb:24:7c:5d:2d:55:e5:93:19:08:be:66:72:
                    56:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:44:2C:98:C5:86:CE:C7:1E:52:CF:37:19:D5:FF:15:27:60:C0:EB
            X509v3 Authority Key Identifier:
                keyid:34:78:BD:56:A0:1E:B2:AE:30:76:F6:96:D0:1D:4F:FC:D1:40:1A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:3f:5a:fb:b4:7f:c6:c4:d4:b1:2a:a5:c5:50:7d:6e:7c:83:
         ae:35:c1:f2:37:03:7e:11:aa:65:ac:80:60:05:ff:3a:59:00:
         1d:08:63:6e:ab:50:30:5b:19:fc:8d:eb:58:3f:45:64:43:37:
         97:4e:8a:d9:19:78:c5:3f:f2:4e:0b:96:f2:84:62:44:87:3a:
         45:b0:05:75:9b:8d:98:78:95:0d:3d:9d:73:f3:07:e5:fe:ef:
         b3:38:72:9a:88:5c:e4:41:3d:be:d7:00:9e:e4:7d:fe:f6:4b:
         92:e0:59:f8:f2:5e:ca:f6:3f:df:5f:b8:f0:61:bf:dd:1c:c6:
         62:55:1a:d9:71:a6:a4:c0:e7:1f:35:19:e4:73:2d:df:6a:32:
         c0:0c:8c:b5:ca:72:5a:8b:b9:1d:9d:31:9c:87:12:7e:2e:58:
         03:2d:36:e3:e8:cf:e9:56:7f:25:04:01:9e:6d:ac:c4:da:ff:
         d5:96:83:6d:b3:11:22:d8:c5:bb:bd:6f:d4:48:19:5a:90:e7:
         0d:59:e7:b6:4e:24:57:7b:71:68:f6:78:27:72:73:51:e8:aa:
         55:f2:8d:c8:66:01:83:cf:9a:b9:ae:94:ef:6d:af:b8:b8:36:
         f9:67:56:78:34:85:ab:ba:5e:68:0d:67:5e:20:7d:17:6c:5c:
         e2:7e:c6:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9CSclqna2fOtg5j/SA9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzhiZDU2YTAxZWIyYWUzMDc2ZjY5NmQwMWQ0ZmZjZDE0
MDFhOWYwHhcNMjUxMTA0MTMwMDE0WhcNMjUxMTA1MTMwMDE0WjAzMTEwLwYDVQQD
EyhjMTQ0MmM5OGM1ODZjZWM3MWU1MmNmMzcxOWQ1ZmYxNTI3NjBjMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDTm4Eh1DQjggAiN2KiM6Spat3Le
x33yM3kUa0UP/XVJZZbRYzR8pnZU552rXw0MNGwYLs99Kd3T/fl2vj3zvVBbJny8
a5fnQzdIYUgKH/y9rGUOOCQnSBInf5tNP/yaiskGGtCTNiGADgewruakCoIZbwol
AZci2+dVHEwkQne1Z4YnnyyOVi+kRujVkxh+bX6/5L2o4yEa7+jn9xG6GcnX44Wt
RGLvN6bIvF4RDj51uC1HMNMDEgRsZJrTZE4CCU270+06nyxqZKMZsoYRJ6KU04wp
lNdF82ppprlUlTaNzs64pQ84auY2MyFXE0rYNLskfF0tVeWTGQi+ZnJW0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMFELJjFhs7HHlLPNxnV/xUnYMDrMB8GA1UdIwQY
MBaAFDR4vVagHrKuMHb2ltAdT/zRQBqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wZmM3ZDgtMmE1Zi00YjM4LWEyMzAt
ODM5NmY4YzYyNTVhLzEvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wZmM3ZDgtMmE1Zi00YjM4LWEyMzAtODM5NmY4YzYyNTVh
LzEvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYD9a+7R/
xsTUsSqlxVB9bnyDrjXB8jcDfhGqZayAYAX/OlkAHQhjbqtQMFsZ/I3rWD9FZEM3
l06K2Rl4xT/yTguW8oRiRIc6RbAFdZuNmHiVDT2dc/MH5f7vszhymohc5EE9vtcA
nuR9/vZLkuBZ+PJeyvY/31+48GG/3RzGYlUa2XGmpMDnHzUZ5HMt32oywAyMtcpy
Wou5HZ0xnIcSfi5YAy024+jP6VZ/JQQBnm2sxNr/1ZaDbbMRItjFu71v1EgZWpDn
DVnntk4kV3txaPZ4J3JzUeiqVfKNyGYBg8+aua6U722vuLg2+WdWeDSFq7peaA1n
XiB9F2xc4n7GAA==
-----END CERTIFICATE-----