Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
File:                     NDLzVG3kPONceHHFVLizDvY1wlE.mft (raw, json)
Hash identifier:          YNdGiVjJTsN22wvd3EncRVvcVEUh0E8YkCo1Mvff0/I=
Subject key identifier:   5C:A5:6B:47:04:A6:11:F5:A8:09:07:33:59:25:4F:51:5A:1A:87:1F
Authority key identifier: 34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51
Certificate issuer:       /CN=3432f3546de43ce35c7871c554b8b30ef635c251
Certificate serial:       0198D6CD2078576B9E983050A53E8A769124
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
Manifest number:          01F1
Signing time:             Sat 23 Aug 2025 12:00:24 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:24 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:24 +0000
Files and hashes:         1: NDLzVG3kPONceHHFVLizDvY1wlE.crl (hash: 1ZF7k7m35wDMfteIv4h37yPBScSjJc6HS8uZtSQl7/s=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:20:78:57:6b:9e:98:30:50:a5:3e:8a:76:91:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3432f3546de43ce35c7871c554b8b30ef635c251
        Validity
            Not Before: Aug 23 12:00:24 2025 GMT
            Not After : Aug 24 12:00:24 2025 GMT
        Subject: CN=5ca56b4704a611f5a809073359254f515a1a871f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f1:d7:bf:58:3a:dc:81:8b:b8:12:4d:dd:f9:
                    78:85:42:65:e5:a5:41:18:d7:34:6a:05:5e:73:95:
                    7b:85:1c:a9:aa:06:18:8e:e7:63:b6:fe:a5:79:36:
                    ad:a4:2c:12:20:ce:3c:e4:4e:af:50:a3:46:08:dc:
                    cf:18:f1:d3:c7:42:d1:dd:81:f1:c0:7a:fa:aa:cc:
                    26:a3:ee:fd:59:ef:ee:ce:09:47:42:e3:39:33:95:
                    c9:a3:cc:41:1b:ed:5c:05:67:25:95:02:10:45:8b:
                    71:5c:bb:4a:25:d7:9e:3e:e6:28:30:af:9d:7a:ea:
                    e4:39:1f:3c:bc:9b:5a:5c:c9:4f:dd:5d:d9:c8:a1:
                    9e:78:0a:21:33:ed:d5:77:5e:46:0a:71:21:ea:63:
                    43:b0:3d:1a:9a:c2:26:f2:c7:42:b2:b0:6d:ed:8b:
                    9f:3a:a2:95:86:ec:5a:39:74:8a:37:39:c4:e9:40:
                    1f:77:3d:e5:8c:b0:cb:bd:58:b8:90:6e:25:99:c1:
                    89:49:88:9c:d6:cf:8a:3a:1e:01:a8:2f:fe:f2:d9:
                    03:62:88:60:38:4f:35:9d:f1:25:20:a3:3f:45:f7:
                    3c:da:4b:18:aa:5b:6f:78:e2:72:e8:e9:bd:08:d1:
                    70:86:a5:58:4b:16:2a:e3:66:95:45:de:45:65:05:
                    90:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:A5:6B:47:04:A6:11:F5:A8:09:07:33:59:25:4F:51:5A:1A:87:1F
            X509v3 Authority Key Identifier:
                keyid:34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:86:a6:dd:47:8f:d8:38:b1:30:11:61:f1:82:f7:49:bc:25:
         7d:96:66:7d:10:fe:8b:5f:ae:29:30:23:27:65:9d:7a:7e:31:
         0b:f2:a0:b3:cd:5c:fd:7b:54:51:7c:39:bc:6d:bd:8c:c1:1c:
         a0:63:19:97:70:2d:d1:64:54:86:73:c0:73:79:28:fc:84:11:
         b5:44:9a:11:a9:83:f3:28:13:e0:28:be:45:d9:d8:49:5b:f6:
         29:17:c6:aa:ff:f0:51:94:93:72:0f:f2:4f:77:58:71:a5:02:
         62:7f:1f:75:a4:ec:0a:11:93:42:6c:4b:29:72:c7:ad:36:c6:
         b6:a7:22:1f:1d:fb:c5:1d:95:0f:e0:a5:44:65:f1:38:27:b7:
         a9:bf:5f:b1:fe:b1:af:e7:cd:f1:9c:f0:b4:f5:54:32:51:2d:
         a6:32:54:82:f7:74:cf:05:5d:98:b7:f6:db:15:23:e0:db:00:
         ac:64:31:5d:b4:58:dc:92:17:67:f7:e4:ce:ca:68:ba:44:9c:
         13:9a:69:41:a5:4e:c8:ef:f2:33:1c:c7:b2:b3:7d:00:fd:cc:
         d8:05:f0:e2:07:d8:c0:7c:55:d4:64:87:b7:df:d8:58:86:8d:
         cc:f1:98:cf:88:ff:a4:f5:2d:33:15:43:d7:f3:c3:44:60:1b:
         6c:f3:cf:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzSB4V2uemDBQpT6KdpEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzJmMzU0NmRlNDNjZTM1Yzc4NzFjNTU0YjhiMzBlZjYz
NWMyNTEwHhcNMjUwODIzMTIwMDI0WhcNMjUwODI0MTIwMDI0WjAzMTEwLwYDVQQD
Eyg1Y2E1NmI0NzA0YTYxMWY1YTgwOTA3MzM1OTI1NGY1MTVhMWE4NzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfHXv1g63IGLuBJN3fl4hUJl5aVB
GNc0agVec5V7hRypqgYYjudjtv6leTatpCwSIM485E6vUKNGCNzPGPHTx0LR3YHx
wHr6qswmo+79We/uzglHQuM5M5XJo8xBG+1cBWcllQIQRYtxXLtKJdeePuYoMK+d
eurkOR88vJtaXMlP3V3ZyKGeeAohM+3Vd15GCnEh6mNDsD0amsIm8sdCsrBt7Yuf
OqKVhuxaOXSKNznE6UAfdz3ljLDLvVi4kG4lmcGJSYic1s+KOh4BqC/+8tkDYohg
OE81nfElIKM/Rfc82ksYqltveOJy6Om9CNFwhqVYSxYq42aVRd5FZQWQ7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyla0cEphH1qAkHM1klT1FaGocfMB8GA1UdIwQY
MBaAFDQy81Rt5DzjXHhxxVS4sw72NcJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjct
NjYzOGMzZWI0MDI3LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjctNjYzOGMzZWI0MDI3
LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL4am3UeP
2DixMBFh8YL3SbwlfZZmfRD+i1+uKTAjJ2Wden4xC/Kgs81c/XtUUXw5vG29jMEc
oGMZl3At0WRUhnPAc3ko/IQRtUSaEamD8ygT4Ci+RdnYSVv2KRfGqv/wUZSTcg/y
T3dYcaUCYn8fdaTsChGTQmxLKXLHrTbGtqciHx37xR2VD+ClRGXxOCe3qb9fsf6x
r+fN8ZzwtPVUMlEtpjJUgvd0zwVdmLf22xUj4NsArGQxXbRY3JIXZ/fkzspoukSc
E5ppQaVOyO/yMxzHsrN9AP3M2AXw4gfYwHxV1GSHt9/YWIaNzPGYz4j/pPUtMxVD
1/PDRGAbbPPPAw==
-----END CERTIFICATE-----