Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
File:                     NHBSPMWdTwUnV-cSKR4rt535KAA.mft (raw, json)
Hash identifier:          ner7bcv+3dRAVZNHuHs5Ip1Jdw7w53HQNoQckBPrHYI=
Subject key identifier:   84:77:A6:39:3A:70:55:9D:77:5A:CB:2F:53:F4:12:FB:D2:B5:3C:E7
Authority key identifier: 34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00
Certificate issuer:       /CN=3470523cc59d4f052757e712291e2bb79df92800
Certificate serial:       0197B58E33DC880C059610B68BDD29817301
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
Manifest number:          C3
Signing time:             Sat 28 Jun 2025 08:01:24 +0000
Manifest this update:     Sat 28 Jun 2025 08:01:24 +0000
Manifest next update:     Sun 29 Jun 2025 08:01:24 +0000
Files and hashes:         1: NHBSPMWdTwUnV-cSKR4rt535KAA.crl (hash: qPsUBf/+zZfci0ncjAvqKEbOHkqZoNJDMkRLx+rYJdM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 08:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b5:8e:33:dc:88:0c:05:96:10:b6:8b:dd:29:81:73:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3470523cc59d4f052757e712291e2bb79df92800
        Validity
            Not Before: Jun 28 08:01:24 2025 GMT
            Not After : Jun 29 08:01:24 2025 GMT
        Subject: CN=8477a6393a70559d775acb2f53f412fbd2b53ce7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e8:de:40:0d:59:8f:59:73:8d:48:17:07:3b:
                    57:77:b5:44:a1:13:02:0c:28:a2:89:f8:4e:c1:21:
                    57:69:21:c6:46:ab:07:aa:42:09:07:00:03:29:b3:
                    42:72:ad:76:ab:73:f5:0b:32:e7:60:4d:bf:8f:dd:
                    60:7b:ec:2e:aa:d6:37:b4:98:64:54:57:23:bf:5c:
                    e1:91:a2:b4:9e:41:7e:78:39:45:a2:43:06:ac:2f:
                    a3:29:e6:9b:e6:44:49:a3:cf:91:49:5a:fc:24:b9:
                    1c:2f:24:f3:37:2e:18:9b:e0:59:ef:3e:21:c3:30:
                    4a:22:e2:dc:87:70:9a:02:34:49:a4:25:c2:30:89:
                    a5:fd:4a:f3:9f:8f:d7:11:9b:bb:74:05:c2:cc:0e:
                    56:ed:aa:c0:2f:a2:bf:ce:b6:a8:c6:25:3b:3a:32:
                    8a:cc:33:26:ae:50:71:cd:c0:0e:10:74:79:a2:80:
                    92:b0:30:b0:25:44:43:74:82:48:9e:42:06:f7:67:
                    0a:bb:38:73:b3:fd:cb:de:a2:b5:e3:f4:d0:55:4a:
                    92:f9:81:0a:c8:93:97:f6:74:88:df:3f:00:d1:d9:
                    7c:2d:b1:25:c2:0c:cb:5e:32:73:ff:d2:5d:9b:08:
                    a9:3e:53:46:d2:de:99:13:ef:e7:3f:ed:99:e2:c7:
                    f7:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:77:A6:39:3A:70:55:9D:77:5A:CB:2F:53:F4:12:FB:D2:B5:3C:E7
            X509v3 Authority Key Identifier:
                keyid:34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:57:3c:dd:68:dd:6d:66:50:b1:09:b5:5d:13:65:a6:b6:99:
         f9:8d:89:90:18:ac:e8:e0:10:06:cd:80:fe:61:54:23:2f:ba:
         60:3d:30:43:d8:31:36:87:6c:52:98:72:21:0f:5c:15:e8:34:
         e7:b5:76:31:ef:a5:97:03:4a:47:50:23:dc:0c:95:08:5c:28:
         37:fa:21:f4:7f:49:57:6e:4f:6e:65:9c:ab:a8:54:09:e0:8f:
         e5:3f:49:63:6f:89:fb:59:c5:1d:30:61:4e:22:bd:6b:23:26:
         b4:8f:47:f2:f5:70:07:19:ea:7c:9b:cf:2e:86:c3:e7:b8:36:
         0b:7f:7b:8d:3d:6c:d7:c9:a1:f8:fe:0b:32:e0:a7:eb:a9:16:
         07:aa:c9:98:9b:9f:f8:f6:61:f5:8e:ee:4a:68:11:45:79:73:
         e4:0e:25:48:07:7c:ac:6e:4e:31:79:eb:8d:90:ea:c3:90:4a:
         76:a5:f1:03:c9:57:da:09:27:e2:bc:80:de:d4:48:b7:7a:ab:
         4c:53:c0:f9:ba:c3:b5:b2:98:d3:7d:5d:a0:26:e6:7b:93:f6:
         a3:04:5c:ed:3c:3a:08:99:9b:8a:97:33:cb:f6:51:84:f1:9f:
         9f:3d:bb:58:e8:16:ff:29:f0:36:d4:50:0f:2e:26:e6:ca:92:
         45:eb:2b:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe1jjPciAwFlhC2i90pgXMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzA1MjNjYzU5ZDRmMDUyNzU3ZTcxMjI5MWUyYmI3OWRm
OTI4MDAwHhcNMjUwNjI4MDgwMTI0WhcNMjUwNjI5MDgwMTI0WjAzMTEwLwYDVQQD
Eyg4NDc3YTYzOTNhNzA1NTlkNzc1YWNiMmY1M2Y0MTJmYmQyYjUzY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvejeQA1Zj1lzjUgXBztXd7VEoRMC
DCiiifhOwSFXaSHGRqsHqkIJBwADKbNCcq12q3P1CzLnYE2/j91ge+wuqtY3tJhk
VFcjv1zhkaK0nkF+eDlFokMGrC+jKeab5kRJo8+RSVr8JLkcLyTzNy4Ym+BZ7z4h
wzBKIuLch3CaAjRJpCXCMIml/Urzn4/XEZu7dAXCzA5W7arAL6K/zraoxiU7OjKK
zDMmrlBxzcAOEHR5ooCSsDCwJURDdIJInkIG92cKuzhzs/3L3qK14/TQVUqS+YEK
yJOX9nSI3z8A0dl8LbElwgzLXjJz/9JdmwipPlNG0t6ZE+/nP+2Z4sf3oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIR3pjk6cFWdd1rLL1P0EvvStTznMB8GA1UdIwQY
MBaAFDRwUjzFnU8FJ1fnEikeK7ed+SgAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgt
MzNhM2YzZjAwM2E1LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgtMzNhM2YzZjAwM2E1
LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAglc83Wjd
bWZQsQm1XRNlpraZ+Y2JkBis6OAQBs2A/mFUIy+6YD0wQ9gxNodsUphyIQ9cFeg0
57V2Me+llwNKR1Aj3AyVCFwoN/oh9H9JV25PbmWcq6hUCeCP5T9JY2+J+1nFHTBh
TiK9ayMmtI9H8vVwBxnqfJvPLobD57g2C397jT1s18mh+P4LMuCn66kWB6rJmJuf
+PZh9Y7uSmgRRXlz5A4lSAd8rG5OMXnrjZDqw5BKdqXxA8lX2gkn4ryA3tRIt3qr
TFPA+brDtbKY031doCbme5P2owRc7Tw6CJmbipczy/ZRhPGfnz27WOgW/ynwNtRQ
Dy4m5sqSResrCw==
-----END CERTIFICATE-----