Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          YePweTc8BRQ1P7MuvTTWAhuGJiz67VaGuP6XDDUtO6Y=
Subject key identifier:   47:70:DC:46:20:A5:86:69:47:61:D1:A6:06:E3:6F:A4:81:6F:9B:6B
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       0197B70E8332EFDDD02F0F581683EA522BAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          0A17
Signing time:             Sat 28 Jun 2025 15:01:10 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:10 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:10 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: /hoqnaFfR1FJHATchqOE7Xit/NCSYq5EgNV5jnTEhF8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:83:32:ef:dd:d0:2f:0f:58:16:83:ea:52:2b:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: Jun 28 15:01:10 2025 GMT
            Not After : Jun 29 15:01:10 2025 GMT
        Subject: CN=4770dc4620a586694761d1a606e36fa4816f9b6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:2f:dd:97:28:c5:5d:4d:ee:c1:46:a7:7e:c8:
                    06:72:b4:e7:ac:d3:00:8e:76:f8:83:0b:c6:ad:96:
                    59:85:b7:a7:8c:87:b6:55:7a:0f:47:c7:4b:e8:a7:
                    d6:f5:b6:f2:6d:cf:d5:47:20:39:fc:0a:1a:4c:7b:
                    74:28:54:3b:05:24:5d:cf:8c:58:a4:2a:ff:7e:14:
                    0c:50:08:f6:0b:cc:75:29:3f:a7:a9:db:04:8f:3a:
                    b9:f6:b0:ae:63:e2:c9:6a:c6:1b:05:ce:28:0b:39:
                    8c:93:80:10:f8:63:8c:79:b2:0b:2e:4f:49:3a:9b:
                    fb:03:0c:85:28:36:24:eb:42:65:b0:32:82:0b:30:
                    71:fc:8d:d2:87:52:40:8b:85:c0:df:a2:ee:63:1c:
                    7f:53:e6:2f:3e:43:32:fc:87:ea:e3:5e:18:27:a6:
                    a5:a5:3d:38:33:7b:2b:8b:e6:1c:6a:54:7e:6d:48:
                    18:e5:22:1c:3b:67:3a:a9:ba:20:a8:36:14:a8:0a:
                    53:65:d2:b2:96:75:e5:5d:b5:f1:28:52:c2:19:e8:
                    6f:57:55:44:cc:92:b1:c7:9b:89:d3:71:b9:b6:af:
                    76:54:2e:38:84:6e:2c:51:3d:27:3b:f5:0f:44:0b:
                    1d:f5:c0:1e:76:83:99:c2:ff:a8:c8:6e:8d:ef:34:
                    1e:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:70:DC:46:20:A5:86:69:47:61:D1:A6:06:E3:6F:A4:81:6F:9B:6B
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:66:8a:07:12:6f:44:59:55:40:5c:b6:9b:ee:5c:3b:0c:ae:
         8d:05:44:49:00:42:8d:b1:33:ee:55:57:45:60:6b:f0:bc:76:
         f0:d8:77:20:25:69:5a:85:8d:98:bd:37:69:e6:b9:6c:ec:06:
         e5:03:e4:29:fb:5d:1f:2a:01:fb:f0:83:27:74:0b:f3:e7:f7:
         8e:ae:ae:26:10:0f:6b:28:3a:0a:1f:fc:10:bf:c8:32:ab:a9:
         90:fe:48:a1:85:1e:d8:f9:dc:15:c8:e4:4f:24:06:ab:74:8d:
         bb:be:8b:8d:b2:64:2a:ed:d0:45:38:79:83:aa:87:c3:e9:96:
         d2:a8:e6:12:5d:44:14:a3:93:33:ca:f9:7a:89:39:b9:51:22:
         b7:14:d6:2a:e5:68:49:45:69:64:4c:28:e1:0e:56:54:a6:34:
         bb:33:b3:10:de:26:a6:38:ec:d3:38:c2:9d:f7:d9:70:a1:f4:
         44:f8:2a:a7:86:63:3a:a0:e7:05:8b:e4:f3:3e:df:54:85:d1:
         47:1c:8f:b7:97:5b:24:48:69:e8:44:0b:ef:4b:c7:97:76:9c:
         2c:9d:eb:2d:9a:1c:c1:b8:8d:88:8b:d0:de:0a:f6:11:33:52:
         2d:2e:2b:5d:43:b0:09:30:cd:7c:ac:b6:29:4a:00:f2:93:f2:
         f4:db:fc:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DoMy793QLw9YFoPqUiutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjUwNjI4MTUwMTEwWhcNMjUwNjI5MTUwMTEwWjAzMTEwLwYDVQQD
Eyg0NzcwZGM0NjIwYTU4NjY5NDc2MWQxYTYwNmUzNmZhNDgxNmY5YjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiC/dlyjFXU3uwUanfsgGcrTnrNMA
jnb4gwvGrZZZhbenjIe2VXoPR8dL6KfW9bbybc/VRyA5/AoaTHt0KFQ7BSRdz4xY
pCr/fhQMUAj2C8x1KT+nqdsEjzq59rCuY+LJasYbBc4oCzmMk4AQ+GOMebILLk9J
Opv7AwyFKDYk60JlsDKCCzBx/I3Sh1JAi4XA36LuYxx/U+YvPkMy/Ifq414YJ6al
pT04M3sri+YcalR+bUgY5SIcO2c6qbogqDYUqApTZdKylnXlXbXxKFLCGehvV1VE
zJKxx5uJ03G5tq92VC44hG4sUT0nO/UPRAsd9cAedoOZwv+oyG6N7zQe0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEdw3EYgpYZpR2HRpgbjb6SBb5trMB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYGaKBxJv
RFlVQFy2m+5cOwyujQVESQBCjbEz7lVXRWBr8Lx28Nh3ICVpWoWNmL03aea5bOwG
5QPkKftdHyoB+/CDJ3QL8+f3jq6uJhAPayg6Ch/8EL/IMqupkP5IoYUe2PncFcjk
TyQGq3SNu76LjbJkKu3QRTh5g6qHw+mW0qjmEl1EFKOTM8r5eok5uVEitxTWKuVo
SUVpZEwo4Q5WVKY0uzOzEN4mpjjs0zjCnffZcKH0RPgqp4ZjOqDnBYvk8z7fVIXR
RxyPt5dbJEhp6EQL70vHl3acLJ3rLZocwbiNiIvQ3gr2ETNSLS4rXUOwCTDNfKy2
KUoA8pPy9Nv8og==
-----END CERTIFICATE-----