Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
File:                     NHBSPMWdTwUnV-cSKR4rt535KAA.mft (raw, json)
Hash identifier:          b8FhMKGcU7VqFCazdUp9B33+zAsAv6fn30lhA0luwTY=
Subject key identifier:   CC:1D:08:64:96:59:ED:AF:96:C9:95:21:2F:09:FF:AA:86:89:C7:02
Authority key identifier: 34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00
Certificate issuer:       /CN=3470523cc59d4f052757e712291e2bb79df92800
Certificate serial:       0198D54E1F57A1E4B73074DBB0A92016D3E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
Manifest number:          0158
Signing time:             Sat 23 Aug 2025 05:02:03 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:03 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:03 +0000
Files and hashes:         1: NHBSPMWdTwUnV-cSKR4rt535KAA.crl (hash: qKFly0N+5PyhY/L0PUc9PoVVj7PdBf62eX1eCNzDGto=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:1f:57:a1:e4:b7:30:74:db:b0:a9:20:16:d3:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3470523cc59d4f052757e712291e2bb79df92800
        Validity
            Not Before: Aug 23 05:02:03 2025 GMT
            Not After : Aug 24 05:02:03 2025 GMT
        Subject: CN=cc1d08649659edaf96c995212f09ffaa8689c702
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:24:1c:48:48:e0:b2:6e:ec:35:3d:5d:2c:f8:
                    31:c7:2c:27:15:a3:19:88:58:17:ab:07:97:0b:a2:
                    36:d6:a0:04:1c:60:39:a1:50:13:fc:8a:48:49:be:
                    2e:78:e3:05:d8:2f:db:77:22:e6:d2:65:cc:e9:29:
                    82:c8:e6:9c:ee:0c:c4:98:92:b5:41:4f:0f:9f:9e:
                    13:95:6e:94:44:ee:a6:b4:31:47:ef:1b:9a:33:73:
                    93:2d:a2:70:a6:b8:6c:f4:bd:5a:d2:64:6c:7c:6b:
                    d8:6e:30:37:1f:87:ae:22:d1:3a:65:da:95:5f:19:
                    50:09:24:0d:8d:64:c2:19:24:af:09:11:9a:97:b9:
                    25:1d:87:6f:0e:3b:6b:87:d6:82:bf:d2:a2:14:d9:
                    9b:63:d3:de:87:df:2d:26:17:65:d5:c3:7c:0f:9d:
                    a1:9a:ae:62:ca:4a:38:c0:01:17:99:9b:b8:70:c4:
                    39:4b:2a:e2:af:a1:7f:72:91:60:23:0f:11:d4:ba:
                    b0:b8:04:9f:aa:3b:0d:bb:3b:f7:ce:7b:ab:f2:d1:
                    b0:83:f6:33:ef:f2:08:85:43:77:6a:f7:ae:d1:91:
                    07:ab:e9:90:a0:e4:60:dd:03:24:9e:43:e5:9b:58:
                    98:32:9d:d1:ef:e3:60:f2:1a:db:b1:7e:18:78:c3:
                    a2:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:1D:08:64:96:59:ED:AF:96:C9:95:21:2F:09:FF:AA:86:89:C7:02
            X509v3 Authority Key Identifier:
                keyid:34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:ed:50:e4:7b:6a:75:5a:50:96:06:a0:96:bf:08:11:21:47:
         15:87:5b:23:c6:fd:d6:00:1a:57:6c:3a:3d:e0:85:e6:21:d6:
         7f:61:72:6f:6b:0e:12:7f:e0:4a:5e:19:89:be:8e:54:fa:e8:
         5d:5c:7f:ba:2c:69:a6:38:0d:4e:f2:1c:01:15:15:29:eb:1d:
         4b:22:d9:45:08:e7:43:63:1e:f9:47:4e:59:25:ac:18:14:ec:
         61:d4:75:90:48:7e:50:dd:da:93:1d:7b:a1:c5:65:30:0a:f5:
         61:d7:c9:2c:e3:6c:27:43:31:f6:27:9d:6e:79:a2:2e:53:96:
         7d:f3:83:d8:87:15:60:b7:2e:43:a7:65:3c:61:94:d7:f4:dd:
         8c:ad:bd:22:69:c0:d5:2c:07:9e:ba:2b:08:1d:83:e6:01:63:
         6e:2e:7f:cc:f4:4d:a4:78:a8:d2:04:72:20:36:61:15:5e:89:
         15:fc:cd:dc:bb:e5:93:e7:5d:48:9a:9f:78:39:aa:0d:b3:86:
         c4:90:3e:21:1e:90:db:15:b1:90:c1:63:8a:ac:8e:59:a1:98:
         06:e3:0c:f1:dc:5d:a1:4f:12:e8:f2:e7:fc:f8:c8:92:d3:01:
         79:6c:70:58:de:2e:1a:5c:cc:af:d3:2e:10:85:fa:b9:3d:a5:
         21:96:5b:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTh9XoeS3MHTbsKkgFtPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzA1MjNjYzU5ZDRmMDUyNzU3ZTcxMjI5MWUyYmI3OWRm
OTI4MDAwHhcNMjUwODIzMDUwMjAzWhcNMjUwODI0MDUwMjAzWjAzMTEwLwYDVQQD
EyhjYzFkMDg2NDk2NTllZGFmOTZjOTk1MjEyZjA5ZmZhYTg2ODljNzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyQcSEjgsm7sNT1dLPgxxywnFaMZ
iFgXqweXC6I21qAEHGA5oVAT/IpISb4ueOMF2C/bdyLm0mXM6SmCyOac7gzEmJK1
QU8Pn54TlW6URO6mtDFH7xuaM3OTLaJwprhs9L1a0mRsfGvYbjA3H4euItE6ZdqV
XxlQCSQNjWTCGSSvCRGal7klHYdvDjtrh9aCv9KiFNmbY9Peh98tJhdl1cN8D52h
mq5iyko4wAEXmZu4cMQ5Syrir6F/cpFgIw8R1LqwuASfqjsNuzv3znur8tGwg/Yz
7/IIhUN3aveu0ZEHq+mQoORg3QMknkPlm1iYMp3R7+Ng8hrbsX4YeMOiwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwdCGSWWe2vlsmVIS8J/6qGiccCMB8GA1UdIwQY
MBaAFDRwUjzFnU8FJ1fnEikeK7ed+SgAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgt
MzNhM2YzZjAwM2E1LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgtMzNhM2YzZjAwM2E1
LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+1Q5Htq
dVpQlgaglr8IESFHFYdbI8b91gAaV2w6PeCF5iHWf2Fyb2sOEn/gSl4Zib6OVPro
XVx/uixppjgNTvIcARUVKesdSyLZRQjnQ2Me+UdOWSWsGBTsYdR1kEh+UN3akx17
ocVlMAr1YdfJLONsJ0Mx9iedbnmiLlOWffOD2IcVYLcuQ6dlPGGU1/TdjK29ImnA
1SwHnrorCB2D5gFjbi5/zPRNpHio0gRyIDZhFV6JFfzN3Lvlk+ddSJqfeDmqDbOG
xJA+IR6Q2xWxkMFjiqyOWaGYBuMM8dxdoU8S6PLn/PjIktMBeWxwWN4uGlzMr9Mu
EIX6uT2lIZZbBw==
-----END CERTIFICATE-----