Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/9521f6-184e-430a-b667-524f3a2f68b3/1/NYrlgLL3tFw9Kunxnzwb6X6Dmqo.mft
File:                     NYrlgLL3tFw9Kunxnzwb6X6Dmqo.mft (raw, json)
Hash identifier:          1IP/OaPYEZdmBfmDWfBzl0lV/XuO6NEsHz8UTn/cnGc=
Subject key identifier:   19:F7:D0:9B:0A:5E:00:D5:E6:1C:9D:16:4B:67:F6:B0:12:EA:16:07
Authority key identifier: 35:8A:E5:80:B2:F7:B4:5C:3D:2A:E9:F1:9F:3C:1B:E9:7E:83:9A:AA
Certificate issuer:       /CN=358ae580b2f7b45c3d2ae9f19f3c1be97e839aaa
Certificate serial:       0198D706218137714F026BA683989EC637D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NYrlgLL3tFw9Kunxnzwb6X6Dmqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/9521f6-184e-430a-b667-524f3a2f68b3/1/NYrlgLL3tFw9Kunxnzwb6X6Dmqo.mft
Manifest number:          1282
Signing time:             Sat 23 Aug 2025 13:02:39 +0000
Manifest this update:     Sat 23 Aug 2025 13:02:39 +0000
Manifest next update:     Sun 24 Aug 2025 13:02:39 +0000
Files and hashes:         1: NYrlgLL3tFw9Kunxnzwb6X6Dmqo.crl (hash: O1kkfS8jpldMzEnsdC4hNrWcePcPW6hzVAmgjwWhRaY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/36/9521f6-184e-430a-b667-524f3a2f68b3/1/NYrlgLL3tFw9Kunxnzwb6X6Dmqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/36/9521f6-184e-430a-b667-524f3a2f68b3/1/NYrlgLL3tFw9Kunxnzwb6X6Dmqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NYrlgLL3tFw9Kunxnzwb6X6Dmqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 13:02:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:06:21:81:37:71:4f:02:6b:a6:83:98:9e:c6:37:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=358ae580b2f7b45c3d2ae9f19f3c1be97e839aaa
        Validity
            Not Before: Aug 23 13:02:39 2025 GMT
            Not After : Aug 24 13:02:39 2025 GMT
        Subject: CN=19f7d09b0a5e00d5e61c9d164b67f6b012ea1607
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:5b:0f:f7:74:f2:ff:12:d6:1d:81:9c:68:90:
                    de:18:61:01:cd:98:66:76:2c:74:b2:96:25:0f:e9:
                    d7:98:42:51:26:6e:f3:cf:bd:62:c4:e7:b9:84:f4:
                    22:25:ba:43:75:59:9d:68:01:0e:eb:8e:d9:b0:07:
                    7a:de:48:bd:57:22:5b:41:23:51:96:63:54:e7:32:
                    3f:e4:4d:2d:a5:57:8f:3c:3c:ef:ea:50:12:c7:03:
                    5e:a1:99:42:9e:9b:ee:02:bb:ab:b6:b4:1a:7b:04:
                    9a:48:57:5d:29:e7:59:d7:aa:5d:5e:d7:a8:07:81:
                    f3:df:91:21:dd:bc:56:35:84:3a:7a:e6:0c:5a:23:
                    81:1e:6c:1e:8a:81:5a:86:76:1e:a7:45:78:64:43:
                    67:77:f4:76:33:5c:8a:61:c0:a3:a3:8d:49:dd:05:
                    55:06:75:e5:f2:06:89:c5:ef:72:24:2d:e1:c6:6a:
                    88:6f:33:7e:76:16:8c:8a:a1:99:d5:c5:f7:ba:24:
                    21:56:69:28:d9:6c:97:08:77:9d:0c:b5:f9:c1:23:
                    d0:e8:f7:2d:00:6a:37:ea:eb:e4:9b:e7:ac:17:41:
                    02:a0:cf:61:54:fb:9f:b4:0f:3c:96:9c:58:1c:e6:
                    a1:57:50:49:c4:9f:21:69:66:21:d7:6f:c3:0b:4f:
                    3a:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:F7:D0:9B:0A:5E:00:D5:E6:1C:9D:16:4B:67:F6:B0:12:EA:16:07
            X509v3 Authority Key Identifier:
                keyid:35:8A:E5:80:B2:F7:B4:5C:3D:2A:E9:F1:9F:3C:1B:E9:7E:83:9A:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NYrlgLL3tFw9Kunxnzwb6X6Dmqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/9521f6-184e-430a-b667-524f3a2f68b3/1/NYrlgLL3tFw9Kunxnzwb6X6Dmqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/9521f6-184e-430a-b667-524f3a2f68b3/1/NYrlgLL3tFw9Kunxnzwb6X6Dmqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:41:dc:37:1b:71:7b:30:b8:78:f3:ac:eb:69:6d:18:49:f7:
         11:3b:35:be:d7:e1:67:48:78:9a:dc:99:fc:4c:89:65:9e:2c:
         3a:05:4a:dc:4f:a9:47:f6:68:68:2f:55:7b:e3:d0:67:e7:d4:
         bc:18:f1:a6:67:8b:a4:8f:e3:68:96:32:ab:09:54:f6:4c:43:
         10:38:44:a5:2f:41:bb:2e:96:4b:20:93:10:2c:bf:d8:8a:c1:
         60:c3:f9:6b:fb:43:b7:a7:21:1f:e6:9b:a8:f1:10:56:67:b7:
         3c:3a:79:4d:48:85:73:98:0f:9d:02:dc:35:c1:23:af:b0:ab:
         10:c2:fa:79:6e:56:24:d7:a5:c7:d9:23:b1:f0:09:b1:52:2e:
         84:da:71:ff:9e:9d:67:51:dc:db:98:6b:e8:c5:66:e7:54:53:
         0e:ee:7b:ad:3c:c3:ff:51:57:58:3c:f2:27:c7:02:1e:f2:be:
         08:06:c9:e5:b9:3a:7d:12:75:6e:75:f3:cf:6b:61:dc:9c:23:
         3c:f8:59:4d:1f:d6:d0:34:43:22:46:b9:de:3e:e1:83:69:45:
         ac:9b:ab:df:f0:90:05:0f:9a:0c:32:7f:f3:93:4a:74:e1:59:
         bd:f3:31:f9:8e:59:79:6b:f8:b1:65:a2:57:35:e4:cc:2c:6c:
         51:c3:bb:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBiGBN3FPAmumg5iexjfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OGFlNTgwYjJmN2I0NWMzZDJhZTlmMTlmM2MxYmU5N2U4
MzlhYWEwHhcNMjUwODIzMTMwMjM5WhcNMjUwODI0MTMwMjM5WjAzMTEwLwYDVQQD
EygxOWY3ZDA5YjBhNWUwMGQ1ZTYxYzlkMTY0YjY3ZjZiMDEyZWExNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01sP93Ty/xLWHYGcaJDeGGEBzZhm
dix0spYlD+nXmEJRJm7zz71ixOe5hPQiJbpDdVmdaAEO647ZsAd63ki9VyJbQSNR
lmNU5zI/5E0tpVePPDzv6lASxwNeoZlCnpvuArurtrQaewSaSFddKedZ16pdXteo
B4Hz35Eh3bxWNYQ6euYMWiOBHmweioFahnYep0V4ZENnd/R2M1yKYcCjo41J3QVV
BnXl8gaJxe9yJC3hxmqIbzN+dhaMiqGZ1cX3uiQhVmko2WyXCHedDLX5wSPQ6Pct
AGo36uvkm+esF0ECoM9hVPuftA88lpxYHOahV1BJxJ8haWYh12/DC086PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBn30JsKXgDV5hydFktn9rAS6hYHMB8GA1UdIwQY
MBaAFDWK5YCy97RcPSrp8Z88G+l+g5qqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTllybGdMTDN0Rnc5S3VueG56d2I2WDZEbXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi85NTIxZjYtMTg0ZS00MzBhLWI2Njct
NTI0ZjNhMmY2OGIzLzEvTllybGdMTDN0Rnc5S3VueG56d2I2WDZEbXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi85NTIxZjYtMTg0ZS00MzBhLWI2NjctNTI0ZjNhMmY2OGIz
LzEvTllybGdMTDN0Rnc5S3VueG56d2I2WDZEbXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJkHcNxtx
ezC4ePOs62ltGEn3ETs1vtfhZ0h4mtyZ/EyJZZ4sOgVK3E+pR/ZoaC9Ve+PQZ+fU
vBjxpmeLpI/jaJYyqwlU9kxDEDhEpS9Buy6WSyCTECy/2IrBYMP5a/tDt6chH+ab
qPEQVme3PDp5TUiFc5gPnQLcNcEjr7CrEML6eW5WJNelx9kjsfAJsVIuhNpx/56d
Z1Hc25hr6MVm51RTDu57rTzD/1FXWDzyJ8cCHvK+CAbJ5bk6fRJ1bnXzz2th3Jwj
PPhZTR/W0DRDIka53j7hg2lFrJur3/CQBQ+aDDJ/85NKdOFZvfMx+Y5ZeWv4sWWi
VzXkzCxsUcO7TQ==
-----END CERTIFICATE-----