Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          o6UB8Yg32/5MKulK+2tVM8u0CnRrdpvteZYzKFTJRDM=
Subject key identifier:   1E:3A:F2:CD:BD:93:9B:E5:A0:9D:20:72:CE:0D:2A:7E:4E:38:95:BA
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       0198D4E0A0BEC255070E98AB1E76E6367EAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          0AAB
Signing time:             Sat 23 Aug 2025 03:02:27 +0000
Manifest this update:     Sat 23 Aug 2025 03:02:27 +0000
Manifest next update:     Sun 24 Aug 2025 03:02:27 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: GP1DqYhQkbJbe1M/FGIuhyvv+0KXDJFg2TLuUkZ74vU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 03:02:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:e0:a0:be:c2:55:07:0e:98:ab:1e:76:e6:36:7e:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: Aug 23 03:02:27 2025 GMT
            Not After : Aug 24 03:02:27 2025 GMT
        Subject: CN=1e3af2cdbd939be5a09d2072ce0d2a7e4e3895ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:7d:23:cb:14:dd:8d:5f:be:50:87:9a:a8:0e:
                    d3:42:d3:bd:a8:37:08:db:84:b2:ad:f7:5e:01:a9:
                    74:6a:60:a3:a1:2c:bb:ad:70:40:b8:57:c3:53:18:
                    cf:3c:b4:5e:31:11:08:83:c3:3a:db:e7:5c:53:87:
                    85:66:4f:41:5f:29:7c:14:75:1a:20:79:d7:e8:90:
                    6d:8d:39:6d:be:3e:59:47:62:16:9a:e5:32:e5:31:
                    18:e0:e3:f3:e9:55:a5:79:b8:a2:44:bb:f9:1a:a5:
                    f3:64:d5:35:35:d3:11:ee:06:c6:d8:ee:bf:58:c1:
                    25:12:0c:af:92:a1:6b:7b:52:60:24:5d:a2:1a:43:
                    50:03:1f:43:c5:00:34:dc:c1:69:b5:a5:3f:ae:56:
                    e4:f5:37:20:84:2c:2f:32:fd:10:d1:2f:61:dc:79:
                    42:3e:58:e0:d8:fb:99:b8:7d:7b:ff:b5:78:39:32:
                    bf:d6:71:56:4c:93:b3:8e:db:ba:1b:ca:29:19:a5:
                    43:18:cc:84:11:2d:51:ae:74:af:6c:a9:b0:a3:78:
                    04:93:2b:49:76:2a:a6:5a:1d:d3:42:de:14:c3:7b:
                    a0:0a:3a:91:6e:89:57:2e:a7:67:5f:51:67:d3:b9:
                    45:e9:9d:d8:d2:e6:25:4a:a2:28:c8:59:69:01:a5:
                    98:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:3A:F2:CD:BD:93:9B:E5:A0:9D:20:72:CE:0D:2A:7E:4E:38:95:BA
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:97:74:ee:67:41:66:41:59:b3:f2:21:02:12:72:32:36:b4:
         5d:e9:6e:3c:5e:9b:a8:2c:ac:ab:7a:89:56:df:51:1a:22:cf:
         d5:25:84:4d:4c:75:12:c1:62:f9:69:1a:c9:d4:14:46:a0:79:
         39:7d:cf:26:35:2d:2f:fc:e4:6c:67:d7:7c:81:50:25:36:88:
         cf:0d:58:95:cc:59:c8:72:0d:48:8e:f2:e4:3e:af:b9:e5:ff:
         79:67:f0:18:87:4a:1a:68:0d:4a:5d:f9:7d:21:49:02:86:d1:
         62:34:1b:8a:fc:9b:cd:39:1e:f4:22:53:c1:66:b7:6b:cf:3f:
         2d:59:2b:c4:25:14:3a:41:a8:96:51:94:46:c3:38:02:f7:84:
         21:a0:70:04:8d:fb:52:24:e3:09:ff:62:fc:2f:aa:43:ff:e6:
         be:0b:62:25:69:83:0f:07:0d:e6:54:13:07:29:ec:b2:d8:7e:
         68:2d:6a:bf:3f:5b:8b:64:71:57:0d:37:86:fd:01:a8:ca:49:
         1b:74:51:28:54:70:db:4f:75:29:20:05:7d:cf:2c:a6:6a:1e:
         8a:0a:e5:ed:af:be:1b:c6:06:d7:15:72:3e:18:de:68:eb:19:
         0a:04:2d:c3:88:6d:b9:30:98:35:85:d7:d8:a0:d5:82:14:96:
         f2:06:24:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjU4KC+wlUHDpirHnbmNn6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjUwODIzMDMwMjI3WhcNMjUwODI0MDMwMjI3WjAzMTEwLwYDVQQD
EygxZTNhZjJjZGJkOTM5YmU1YTA5ZDIwNzJjZTBkMmE3ZTRlMzg5NWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx30jyxTdjV++UIeaqA7TQtO9qDcI
24SyrfdeAal0amCjoSy7rXBAuFfDUxjPPLReMREIg8M62+dcU4eFZk9BXyl8FHUa
IHnX6JBtjTltvj5ZR2IWmuUy5TEY4OPz6VWlebiiRLv5GqXzZNU1NdMR7gbG2O6/
WMElEgyvkqFre1JgJF2iGkNQAx9DxQA03MFptaU/rlbk9TcghCwvMv0Q0S9h3HlC
Pljg2PuZuH17/7V4OTK/1nFWTJOzjtu6G8opGaVDGMyEES1RrnSvbKmwo3gEkytJ
diqmWh3TQt4Uw3ugCjqRbolXLqdnX1Fn07lF6Z3Y0uYlSqIoyFlpAaWYwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB468s29k5vloJ0gcs4NKn5OOJW6MB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAJd07mdB
ZkFZs/IhAhJyMja0XeluPF6bqCysq3qJVt9RGiLP1SWETUx1EsFi+WkaydQURqB5
OX3PJjUtL/zkbGfXfIFQJTaIzw1YlcxZyHINSI7y5D6vueX/eWfwGIdKGmgNSl35
fSFJAobRYjQbivybzTke9CJTwWa3a88/LVkrxCUUOkGollGURsM4AveEIaBwBI37
UiTjCf9i/C+qQ//mvgtiJWmDDwcN5lQTBynssth+aC1qvz9bi2RxVw03hv0BqMpJ
G3RRKFRw2091KSAFfc8spmoeigrl7a++G8YG1xVyPhjeaOsZCgQtw4htuTCYNYXX
2KDVghSW8gYkiA==
-----END CERTIFICATE-----