Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
File:                     NJI6ntps8kDsh5WeHcONNh951ho.mft (raw, json)
Hash identifier:          mGRhlIQFS8fErGBf0oY6qd2raMPVMq60xyosC1wKxsY=
Subject key identifier:   98:AB:AE:81:37:8D:21:81:4E:3F:A8:79:3A:EE:2D:7B:2E:C5:DD:72
Authority key identifier: 34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A
Certificate issuer:       /CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
Certificate serial:       0198D5BB837C9E5CDB7EF5D2F9E906B674AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
Manifest number:          0459
Signing time:             Sat 23 Aug 2025 07:01:32 +0000
Manifest this update:     Sat 23 Aug 2025 07:01:32 +0000
Manifest next update:     Sun 24 Aug 2025 07:01:32 +0000
Files and hashes:         1: NJI6ntps8kDsh5WeHcONNh951ho.crl (hash: 4Kmkkh7G3T3VvYKySFQEOpt90xRUiLwSY/oC6gpfiIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 07:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bb:83:7c:9e:5c:db:7e:f5:d2:f9:e9:06:b6:74:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
        Validity
            Not Before: Aug 23 07:01:32 2025 GMT
            Not After : Aug 24 07:01:32 2025 GMT
        Subject: CN=98abae81378d21814e3fa8793aee2d7b2ec5dd72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1d:0d:e2:dc:4b:77:e9:24:92:ec:51:08:b8:
                    e2:d5:49:25:d7:57:04:2a:82:dc:0e:95:3d:52:7b:
                    72:31:64:6b:e8:58:9c:18:d4:9c:b2:4e:c8:8d:71:
                    be:4a:cc:25:6d:44:c8:a8:17:85:d9:88:47:6a:c4:
                    01:e1:9f:01:0d:0e:ab:7d:96:20:c8:28:72:db:f2:
                    13:3c:fa:da:ab:7a:be:8d:73:68:6e:29:35:d5:9d:
                    c9:95:21:0d:59:d4:b0:57:11:0a:ed:27:fb:2e:16:
                    4d:e5:92:bb:1d:60:e7:0c:58:e5:83:19:87:ec:06:
                    0c:b8:6a:c4:4d:b6:21:4f:0e:b9:40:25:73:ae:07:
                    5d:df:81:ad:02:4b:7e:9b:78:f0:78:65:ae:df:88:
                    a5:af:a0:3f:56:d4:bb:3c:cf:e1:f5:ff:32:cd:df:
                    98:50:ae:a1:7c:15:2c:06:b4:01:75:22:8e:17:89:
                    6a:d4:b3:ab:b9:9f:42:78:06:d1:39:c4:f0:61:11:
                    30:2f:a1:66:7c:6f:06:0f:bd:97:d3:2f:23:1f:4a:
                    b1:f2:bb:d8:3a:36:12:b1:0c:46:fe:6d:56:c0:db:
                    32:01:4a:07:1b:92:a4:aa:0b:63:f1:65:17:2e:00:
                    95:bb:36:6e:90:5a:05:93:d9:6c:78:3a:61:91:4a:
                    0c:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:AB:AE:81:37:8D:21:81:4E:3F:A8:79:3A:EE:2D:7B:2E:C5:DD:72
            X509v3 Authority Key Identifier:
                keyid:34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:4b:1e:d6:0d:54:6c:e0:8e:49:fc:ee:7f:01:83:eb:b0:1f:
         7c:3b:9b:5e:44:ae:af:0f:84:e4:31:8a:52:62:62:dd:b8:ca:
         ae:f5:c4:cc:13:d7:2a:7e:0e:0b:9e:d7:04:73:95:83:28:17:
         f4:ab:56:12:a8:d6:38:21:f5:79:b4:8e:bb:a6:e0:8c:58:db:
         9c:a6:a8:6c:0d:25:b2:6e:f2:2b:f8:e5:63:59:af:4e:d3:46:
         ff:9c:c7:9c:1b:de:1d:29:9e:c6:47:0d:ab:1e:ef:82:e3:8d:
         10:bc:e8:d1:3d:ae:34:d7:7b:97:42:6e:ee:a7:82:8a:49:aa:
         44:ee:07:b9:2f:67:fb:e5:22:d5:4f:89:55:b7:99:b6:cf:4b:
         b6:c0:d6:a9:89:f8:3f:73:ff:71:d8:8c:9c:18:fc:07:5d:63:
         aa:4f:74:9c:f3:df:ea:07:8a:7b:fb:f9:d3:4b:a3:6d:e2:87:
         8e:86:7f:7d:2d:b5:7e:22:29:33:ad:04:a9:bc:d5:01:97:e3:
         e0:27:34:74:37:b8:f6:2a:a3:ea:98:10:04:af:5d:fb:a0:38:
         74:04:af:da:2b:f3:3a:70:a9:5c:84:28:cc:d0:ad:ab:1b:24:
         29:9c:a4:a4:4d:dc:b4:47:4a:2b:b9:d1:0a:8b:c8:a1:b6:fb:
         05:38:37:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVu4N8nlzbfvXS+ekGtnStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTIzYTllZGE2Y2YyNDBlYzg3OTU5ZTFkYzM4ZDM2MWY3
OWQ2MWEwHhcNMjUwODIzMDcwMTMyWhcNMjUwODI0MDcwMTMyWjAzMTEwLwYDVQQD
Eyg5OGFiYWU4MTM3OGQyMTgxNGUzZmE4NzkzYWVlMmQ3YjJlYzVkZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB0N4txLd+kkkuxRCLji1Ukl11cE
KoLcDpU9UntyMWRr6FicGNScsk7IjXG+SswlbUTIqBeF2YhHasQB4Z8BDQ6rfZYg
yChy2/ITPPraq3q+jXNobik11Z3JlSENWdSwVxEK7Sf7LhZN5ZK7HWDnDFjlgxmH
7AYMuGrETbYhTw65QCVzrgdd34GtAkt+m3jweGWu34ilr6A/VtS7PM/h9f8yzd+Y
UK6hfBUsBrQBdSKOF4lq1LOruZ9CeAbROcTwYREwL6FmfG8GD72X0y8jH0qx8rvY
OjYSsQxG/m1WwNsyAUoHG5Kkqgtj8WUXLgCVuzZukFoFk9lseDphkUoM5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJirroE3jSGBTj+oeTruLXsuxd1yMB8GA1UdIwQY
MBaAFDSSOp7abPJA7IeVnh3DjTYfedYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEt
MWY4ZjNhZDA0NjgwLzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEtMWY4ZjNhZDA0Njgw
LzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMkse1g1U
bOCOSfzufwGD67AffDubXkSurw+E5DGKUmJi3bjKrvXEzBPXKn4OC57XBHOVgygX
9KtWEqjWOCH1ebSOu6bgjFjbnKaobA0lsm7yK/jlY1mvTtNG/5zHnBveHSmexkcN
qx7vguONELzo0T2uNNd7l0Ju7qeCikmqRO4HuS9n++Ui1U+JVbeZts9LtsDWqYn4
P3P/cdiMnBj8B11jqk90nPPf6geKe/v500ujbeKHjoZ/fS21fiIpM60EqbzVAZfj
4Cc0dDe49iqj6pgQBK9d+6A4dASv2ivzOnCpXIQozNCtqxskKZykpE3ctEdKK7nR
CovIobb7BTg3jg==
-----END CERTIFICATE-----