Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
File:                     nc28ow8_5XpR57bAt_MgOvFnKiI.mft (raw, json)
Hash identifier:          0h5mkoKvsAKlTHDaL8TcUK/JdVcwd0D8FCs649gjj+8=
Subject key identifier:   7D:2C:7D:AA:FB:70:C0:46:00:45:11:84:21:CB:BB:69:F0:83:E7:2C
Authority key identifier: 9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22
Certificate issuer:       /CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
Certificate serial:       0198D472C369A6F0F47BBA844B2D937F7226
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
Manifest number:          1643
Signing time:             Sat 23 Aug 2025 01:02:27 +0000
Manifest this update:     Sat 23 Aug 2025 01:02:27 +0000
Manifest next update:     Sun 24 Aug 2025 01:02:27 +0000
Files and hashes:         1: nc28ow8_5XpR57bAt_MgOvFnKiI.crl (hash: vpmgovC4Jt2mRu8ywv3FnR92IrvYyyxo36gq1CyPTG8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:c3:69:a6:f0:f4:7b:ba:84:4b:2d:93:7f:72:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
        Validity
            Not Before: Aug 23 01:02:27 2025 GMT
            Not After : Aug 24 01:02:27 2025 GMT
        Subject: CN=7d2c7daafb70c0460045118421cbbb69f083e72c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:9d:93:41:36:a7:e2:3d:91:a2:aa:7f:3c:37:
                    bf:fe:d5:a2:be:f2:a2:12:bf:2f:99:c6:a0:ae:58:
                    79:22:0e:cd:79:c4:c9:50:c5:dc:36:77:06:6f:69:
                    b6:21:7b:fb:74:25:a0:98:03:44:2f:cd:cb:f0:33:
                    5d:37:dd:1b:ab:34:50:83:33:ff:4c:93:ff:0a:63:
                    2e:ef:82:f1:03:42:4a:b5:17:7b:b4:7d:08:60:1b:
                    31:3e:76:b5:16:ef:43:d3:90:d2:a4:60:54:98:f9:
                    1e:b4:ea:35:67:3e:27:83:84:e3:00:45:4f:c7:18:
                    81:68:60:20:a2:65:e5:98:6d:ab:18:b3:6e:96:25:
                    65:75:e4:74:e1:ba:82:9b:85:7c:f2:db:62:34:33:
                    22:f8:40:4b:94:df:d6:97:ca:87:cf:ee:99:5b:d0:
                    7e:f6:1b:9c:aa:36:98:6c:00:da:eb:22:68:90:97:
                    1b:2a:bc:08:a4:0b:09:ca:38:e9:4c:0b:a7:88:60:
                    cd:f5:5b:92:16:61:a5:c6:bc:c2:a9:7d:f2:6d:8d:
                    47:a0:91:94:c5:aa:d5:fc:8a:59:f5:90:08:f2:31:
                    bb:83:08:47:08:0c:c6:54:b0:f6:c3:0d:a1:8c:4a:
                    8a:a2:0c:58:0b:70:6b:46:a9:b4:ab:ce:c8:d8:92:
                    49:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:2C:7D:AA:FB:70:C0:46:00:45:11:84:21:CB:BB:69:F0:83:E7:2C
            X509v3 Authority Key Identifier:
                keyid:9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3a:5e:09:be:43:53:ca:e4:cd:94:5c:c8:0e:5a:ac:27:86:47:
         f2:89:90:bf:47:e0:53:25:1a:af:44:8f:c1:7b:ab:01:aa:14:
         38:ab:5e:f0:fd:69:37:d7:92:e8:40:ae:98:bd:93:b2:22:b8:
         03:4f:57:bc:3a:a6:7e:65:d2:0f:31:e3:24:bf:91:50:70:d9:
         74:9d:96:84:c6:85:a5:97:98:ac:f8:3b:91:d2:c9:81:f4:20:
         e8:5a:be:d3:28:76:35:a1:83:1f:e9:cc:42:df:6d:47:7a:a7:
         80:e9:28:a0:a9:42:04:96:9e:f8:44:9f:0d:3a:5d:7c:32:81:
         28:2c:21:15:e1:c7:e0:03:af:84:ca:32:c8:13:89:4a:b5:ec:
         ce:be:96:c8:9f:ff:c9:ac:d7:6c:a1:78:8e:5a:89:e9:68:9c:
         75:c4:81:24:a8:83:70:da:09:bd:c5:81:57:04:a9:2a:05:2d:
         0b:89:83:2c:0e:07:6c:3f:3f:fb:02:19:80:ab:30:be:9f:f0:
         14:ef:6c:68:d7:f2:11:fa:f3:ac:d2:bc:08:b4:85:4f:94:f9:
         80:aa:7a:1e:99:70:75:d8:10:68:38:5d:b8:6d:d8:f5:aa:c1:
         8e:d9:8c:f9:ba:d0:a1:3c:84:12:b7:5b:92:ab:a6:b9:3a:80:
         ca:4b:51:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUcsNppvD0e7qESy2Tf3ImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2RiY2EzMGYzZmU1N2E1MWU3YjZjMGI3ZjMyMDNhZjE2
NzJhMjIwHhcNMjUwODIzMDEwMjI3WhcNMjUwODI0MDEwMjI3WjAzMTEwLwYDVQQD
Eyg3ZDJjN2RhYWZiNzBjMDQ2MDA0NTExODQyMWNiYmI2OWYwODNlNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkp2TQTan4j2Roqp/PDe//tWivvKi
Er8vmcagrlh5Ig7NecTJUMXcNncGb2m2IXv7dCWgmANEL83L8DNdN90bqzRQgzP/
TJP/CmMu74LxA0JKtRd7tH0IYBsxPna1Fu9D05DSpGBUmPketOo1Zz4ng4TjAEVP
xxiBaGAgomXlmG2rGLNuliVldeR04bqCm4V88ttiNDMi+EBLlN/Wl8qHz+6ZW9B+
9hucqjaYbADa6yJokJcbKrwIpAsJyjjpTAuniGDN9VuSFmGlxrzCqX3ybY1HoJGU
xarV/IpZ9ZAI8jG7gwhHCAzGVLD2ww2hjEqKogxYC3BrRqm0q87I2JJJbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0sfar7cMBGAEURhCHLu2nwg+csMB8GA1UdIwQY
MBaAFJ3NvKMPP+V6Uee2wLfzIDrxZyoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMt
ZmEwNjBiOWEzYjQwLzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMtZmEwNjBiOWEzYjQw
LzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOl4JvkNT
yuTNlFzIDlqsJ4ZH8omQv0fgUyUar0SPwXurAaoUOKte8P1pN9eS6ECumL2TsiK4
A09XvDqmfmXSDzHjJL+RUHDZdJ2WhMaFpZeYrPg7kdLJgfQg6Fq+0yh2NaGDH+nM
Qt9tR3qngOkooKlCBJae+ESfDTpdfDKBKCwhFeHH4AOvhMoyyBOJSrXszr6WyJ//
yazXbKF4jlqJ6WicdcSBJKiDcNoJvcWBVwSpKgUtC4mDLA4HbD8/+wIZgKswvp/w
FO9saNfyEfrzrNK8CLSFT5T5gKp6HplwddgQaDhduG3Y9arBjtmM+brQoTyEErdb
kqumuTqAyktRww==
-----END CERTIFICATE-----