Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
File:                     NJI6ntps8kDsh5WeHcONNh951ho.mft (raw, json)
Hash identifier:          ox8Vk8UywX2TNYvffx4I9aN/gW2L+eRwu5TDKj9Zpbo=
Subject key identifier:   C8:15:64:B5:2A:34:0F:42:B6:8E:32:D5:DE:FE:E7:7D:98:3A:27:EA
Authority key identifier: 34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A
Certificate issuer:       /CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
Certificate serial:       0197B7EA84FB03995E5B5105C97682EEAEC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
Manifest number:          03C5
Signing time:             Sat 28 Jun 2025 19:01:29 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:29 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:29 +0000
Files and hashes:         1: NJI6ntps8kDsh5WeHcONNh951ho.crl (hash: hYVSqKX6K9ShF675+ZqNb7DmlvxXFkMY+GscveqlYHE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:84:fb:03:99:5e:5b:51:05:c9:76:82:ee:ae:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
        Validity
            Not Before: Jun 28 19:01:29 2025 GMT
            Not After : Jun 29 19:01:29 2025 GMT
        Subject: CN=c81564b52a340f42b68e32d5defee77d983a27ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ba:f0:bd:86:8d:b0:8d:f3:c7:88:9d:90:0f:
                    d2:78:86:61:cc:ad:54:5e:28:0b:0c:a5:81:7a:04:
                    ca:a7:07:cb:9a:d4:fb:65:f4:f8:69:fd:ba:1d:75:
                    35:11:f6:e8:b6:ff:bf:b2:9e:78:9e:15:20:12:50:
                    a7:a7:52:56:45:61:41:6e:13:bc:6f:e3:2e:05:bc:
                    2d:83:b8:74:02:56:bd:a6:c9:b1:aa:7d:a4:59:c0:
                    a5:fb:f8:98:5b:72:2c:63:88:22:9b:46:b6:19:62:
                    38:f2:12:4b:8f:d0:bb:84:a3:16:3a:a9:a1:e9:30:
                    2b:b1:37:ac:ae:b7:17:c0:b4:51:d1:fb:13:bf:73:
                    3f:8b:e4:0b:d3:04:d9:49:24:96:f1:ee:f2:cf:56:
                    9c:5e:a2:e2:9e:18:98:80:ef:7b:ba:18:b7:d8:42:
                    59:d5:fd:20:15:00:06:14:6f:dc:a0:18:54:81:ca:
                    f5:04:c9:d5:e9:17:f4:e6:fc:e7:8c:68:30:c9:b5:
                    6d:7e:2e:7f:32:8d:d8:48:15:7c:18:7f:6e:eb:f1:
                    56:1a:a9:d5:a2:75:2a:77:d9:d4:c6:e0:4b:58:d4:
                    69:66:67:b2:6e:9d:23:d2:58:73:92:f8:07:85:cf:
                    29:a6:fd:ed:75:f5:a0:e9:ce:78:32:56:a8:80:1f:
                    ff:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:15:64:B5:2A:34:0F:42:B6:8E:32:D5:DE:FE:E7:7D:98:3A:27:EA
            X509v3 Authority Key Identifier:
                keyid:34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:8e:6c:8c:bc:66:91:c4:6f:1f:a1:cf:71:91:4f:db:ec:6f:
         6c:e9:0f:47:72:f0:23:57:72:92:8c:40:7d:78:dd:25:71:7c:
         39:80:e3:38:69:84:4d:fe:0a:3d:ac:3f:1f:b3:43:2c:05:3d:
         e8:6d:01:22:d3:b4:ed:28:5b:e4:dd:0a:18:39:72:96:14:e7:
         5f:15:00:56:84:29:8c:48:44:b7:bd:2e:95:42:a6:e1:a7:bc:
         2f:5e:17:22:37:26:45:85:cf:8f:86:a6:a9:c2:42:6f:60:5d:
         94:06:67:40:a9:43:1e:f5:25:30:8f:07:09:1d:5e:af:af:df:
         7d:a1:22:1f:3f:e0:8f:71:b0:c6:37:e1:f0:dc:47:42:05:63:
         95:08:68:1e:29:40:97:48:f0:f2:57:0c:24:6a:79:10:1d:6a:
         3b:0c:d5:48:9c:f3:50:3e:89:ea:e8:b6:93:4f:6b:29:c2:2e:
         3f:06:87:90:ce:3a:b0:74:a3:24:e1:08:a8:c0:fe:d9:fe:1d:
         f6:15:ae:7e:15:3c:a9:08:3b:a9:5b:b1:44:bb:a8:ef:4e:30:
         25:75:b2:88:95:2c:1e:a2:8d:15:63:b0:0f:8a:99:8f:65:77:
         3d:3e:3a:71:57:de:1f:6e:82:bd:2f:e1:27:de:f9:5e:49:87:
         72:10:c7:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36oT7A5leW1EFyXaC7q7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTIzYTllZGE2Y2YyNDBlYzg3OTU5ZTFkYzM4ZDM2MWY3
OWQ2MWEwHhcNMjUwNjI4MTkwMTI5WhcNMjUwNjI5MTkwMTI5WjAzMTEwLwYDVQQD
EyhjODE1NjRiNTJhMzQwZjQyYjY4ZTMyZDVkZWZlZTc3ZDk4M2EyN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7rwvYaNsI3zx4idkA/SeIZhzK1U
XigLDKWBegTKpwfLmtT7ZfT4af26HXU1Efbotv+/sp54nhUgElCnp1JWRWFBbhO8
b+MuBbwtg7h0Ala9psmxqn2kWcCl+/iYW3IsY4gim0a2GWI48hJLj9C7hKMWOqmh
6TArsTesrrcXwLRR0fsTv3M/i+QL0wTZSSSW8e7yz1acXqLinhiYgO97uhi32EJZ
1f0gFQAGFG/coBhUgcr1BMnV6Rf05vznjGgwybVtfi5/Mo3YSBV8GH9u6/FWGqnV
onUqd9nUxuBLWNRpZmeybp0j0lhzkvgHhc8ppv3tdfWg6c54MlaogB//0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgVZLUqNA9Cto4y1d7+532YOifqMB8GA1UdIwQY
MBaAFDSSOp7abPJA7IeVnh3DjTYfedYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEt
MWY4ZjNhZDA0NjgwLzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEtMWY4ZjNhZDA0Njgw
LzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdo5sjLxm
kcRvH6HPcZFP2+xvbOkPR3LwI1dykoxAfXjdJXF8OYDjOGmETf4KPaw/H7NDLAU9
6G0BItO07Shb5N0KGDlylhTnXxUAVoQpjEhEt70ulUKm4ae8L14XIjcmRYXPj4am
qcJCb2BdlAZnQKlDHvUlMI8HCR1er6/ffaEiHz/gj3Gwxjfh8NxHQgVjlQhoHilA
l0jw8lcMJGp5EB1qOwzVSJzzUD6J6ui2k09rKcIuPwaHkM46sHSjJOEIqMD+2f4d
9hWufhU8qQg7qVuxRLuo704wJXWyiJUsHqKNFWOwD4qZj2V3PT46cVfeH26CvS/h
J975XkmHchDHXw==
-----END CERTIFICATE-----