Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
File:                     NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft (raw, json)
Hash identifier:          AufwZBFRP8eQPrhGEiIbaEKkBgKWEuaPJ20KiCLNOhk=
Subject key identifier:   D1:8E:84:B1:D2:5A:2F:ED:97:AA:26:E6:B5:62:55:13:EC:0D:30:B3
Authority key identifier: 35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D
Certificate issuer:       /CN=35f49b5d505000b909932c6b4f443e7ef81d780d
Certificate serial:       019A4F62C26E5BA4F8DF1E3CB55A6B6C03D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
Manifest number:          1708
Signing time:             Tue 04 Nov 2025 15:01:03 +0000
Manifest this update:     Tue 04 Nov 2025 15:01:03 +0000
Manifest next update:     Wed 05 Nov 2025 15:01:03 +0000
Files and hashes:         1: NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl (hash: bnKzndNdPiqgAuHn7KTbjq27B6Hd/23TdzVHBBm8FJs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 09:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:4f:62:c2:6e:5b:a4:f8:df:1e:3c:b5:5a:6b:6c:03:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35f49b5d505000b909932c6b4f443e7ef81d780d
        Validity
            Not Before: Nov  4 15:01:03 2025 GMT
            Not After : Nov  5 15:01:03 2025 GMT
        Subject: CN=d18e84b1d25a2fed97aa26e6b5625513ec0d30b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:ee:c3:dd:de:93:2c:95:f3:be:e5:0f:5c:04:
                    b7:fd:65:f4:83:10:70:94:1c:ea:3f:f0:cd:79:9b:
                    cb:32:3b:c4:ce:ae:02:cc:47:7f:93:4f:f6:87:8f:
                    ee:42:20:ff:89:ff:1d:cb:8b:83:53:5a:54:49:53:
                    2b:a3:2f:ab:3b:58:83:55:3f:d1:9d:48:23:87:c1:
                    d4:ef:4f:58:16:00:93:70:ff:4b:b1:9b:d1:bd:84:
                    10:39:c1:21:14:9d:06:4d:e9:66:16:0c:fc:b4:84:
                    e7:30:19:92:bd:91:6e:3f:d0:c2:a1:03:9e:f5:a0:
                    b4:20:34:69:34:1b:1c:99:eb:54:0a:a9:4c:4c:86:
                    2f:13:3b:58:65:27:23:91:1a:d7:9a:e1:1d:d0:c5:
                    c8:63:5e:ae:60:66:0b:15:98:2f:8b:a3:76:9b:1e:
                    ae:d2:48:1f:8f:de:ed:e9:db:a8:bc:12:b4:b4:90:
                    ba:de:36:e8:73:7d:32:12:7b:35:46:db:06:8f:2b:
                    17:95:f7:62:32:fd:78:00:2b:09:d0:12:88:98:92:
                    5d:41:05:94:2c:d5:e1:14:05:99:19:bf:ad:61:04:
                    02:65:48:36:b6:6d:3b:61:de:e5:37:cd:da:e8:e1:
                    cf:2f:3d:ee:51:7e:3b:d1:6c:82:73:7b:76:74:a8:
                    8d:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:8E:84:B1:D2:5A:2F:ED:97:AA:26:E6:B5:62:55:13:EC:0D:30:B3
            X509v3 Authority Key Identifier:
                keyid:35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:01:73:e1:e8:54:a7:98:d3:e2:fe:e1:d3:c1:de:ce:fc:c3:
         18:1b:6c:db:72:a1:c0:31:66:cf:5c:8a:18:1e:60:10:0d:98:
         11:e2:06:9c:86:8f:09:d3:f9:8f:41:7a:12:6e:45:7c:40:d5:
         58:b4:16:99:7a:63:44:c8:d9:b1:99:4b:6b:ad:58:52:7d:22:
         00:3e:b1:94:95:f1:b5:38:6e:28:d3:ea:50:a1:ec:de:cb:6e:
         3e:dc:9a:a3:f4:bf:a5:55:06:81:dd:8e:94:cb:fe:09:77:34:
         67:a7:cc:f2:1e:15:dc:d2:b7:70:ac:0c:9b:91:a1:78:16:af:
         51:f5:25:6a:f5:f7:be:f1:6c:e0:f4:1b:1c:b0:bf:54:cc:e8:
         48:3c:71:88:12:53:7a:8a:8c:41:e4:3c:d4:d5:b0:22:67:17:
         55:9b:82:df:72:3d:85:ff:59:7b:ab:af:30:b2:93:e0:31:e6:
         60:ae:6e:14:53:d1:49:de:e7:45:33:0d:37:20:f4:5a:31:96:
         87:d0:71:9a:48:e0:9d:79:fd:f2:72:20:47:28:36:b2:64:51:
         63:a2:58:ea:9d:e5:b5:d7:c6:4e:bf:53:5b:a7:14:2d:35:87:
         49:1c:9a:21:3a:46:db:94:7b:f9:f5:e8:71:bd:7b:9f:bd:93:
         82:46:66:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYsJuW6T43x48tVprbAPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjQ5YjVkNTA1MDAwYjkwOTkzMmM2YjRmNDQzZTdlZjgx
ZDc4MGQwHhcNMjUxMTA0MTUwMTAzWhcNMjUxMTA1MTUwMTAzWjAzMTEwLwYDVQQD
EyhkMThlODRiMWQyNWEyZmVkOTdhYTI2ZTZiNTYyNTUxM2VjMGQzMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+7D3d6TLJXzvuUPXAS3/WX0gxBw
lBzqP/DNeZvLMjvEzq4CzEd/k0/2h4/uQiD/if8dy4uDU1pUSVMroy+rO1iDVT/R
nUgjh8HU709YFgCTcP9LsZvRvYQQOcEhFJ0GTelmFgz8tITnMBmSvZFuP9DCoQOe
9aC0IDRpNBscmetUCqlMTIYvEztYZScjkRrXmuEd0MXIY16uYGYLFZgvi6N2mx6u
0kgfj97t6duovBK0tJC63jboc30yEns1RtsGjysXlfdiMv14ACsJ0BKImJJdQQWU
LNXhFAWZGb+tYQQCZUg2tm07Yd7lN83a6OHPLz3uUX470WyCc3t2dKiNPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGOhLHSWi/tl6om5rViVRPsDTCzMB8GA1UdIwQY
MBaAFDX0m11QUAC5CZMsa09EPn74HXgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEt
MDJiM2RlODM0YmY0LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEtMDJiM2RlODM0YmY0
LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKwFz4ehU
p5jT4v7h08HezvzDGBts23KhwDFmz1yKGB5gEA2YEeIGnIaPCdP5j0F6Em5FfEDV
WLQWmXpjRMjZsZlLa61YUn0iAD6xlJXxtThuKNPqUKHs3stuPtyao/S/pVUGgd2O
lMv+CXc0Z6fM8h4V3NK3cKwMm5GheBavUfUlavX3vvFs4PQbHLC/VMzoSDxxiBJT
eoqMQeQ81NWwImcXVZuC33I9hf9Ze6uvMLKT4DHmYK5uFFPRSd7nRTMNNyD0WjGW
h9BxmkjgnXn98nIgRyg2smRRY6JY6p3ltdfGTr9TW6cULTWHSRyaITpG25R7+fXo
cb17n72TgkZmgQ==
-----END CERTIFICATE-----