Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
File:                     NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft (raw, json)
Hash identifier:          sxMNiy8YjGF8xAv/93Ltvg7N7nz7T4FgQ/W/Ax7zuO8=
Subject key identifier:   12:9D:D5:42:DD:77:2E:0E:8A:99:CC:2F:53:5F:36:17:33:85:67:EA
Authority key identifier: 36:D8:C1:A7:3B:15:95:10:9D:26:06:7B:42:91:F7:1D:C1:DB:99:57
Certificate issuer:       /CN=36d8c1a73b1595109d26067b4291f71dc1db9957
Certificate serial:       0198D54E618702F9788DD09FDCBEB21F3A0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
Manifest number:          1055
Signing time:             Sat 23 Aug 2025 05:02:20 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:20 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:20 +0000
Files and hashes:         1: NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl (hash: +ENmdrdAQrh0xdZYB/8ECsfN7Hbl8jj6fpaqiLjRcg0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:61:87:02:f9:78:8d:d0:9f:dc:be:b2:1f:3a:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36d8c1a73b1595109d26067b4291f71dc1db9957
        Validity
            Not Before: Aug 23 05:02:20 2025 GMT
            Not After : Aug 24 05:02:20 2025 GMT
        Subject: CN=129dd542dd772e0e8a99cc2f535f3617338567ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:04:4e:e8:26:7f:50:3d:53:35:f0:87:e3:46:
                    8b:c7:0d:1f:04:04:5a:10:2b:11:b5:55:1b:05:41:
                    d1:25:42:30:25:f1:77:3a:65:b5:97:4b:28:33:14:
                    eb:7a:12:54:97:5a:38:73:7a:0c:b7:9d:8d:e0:b1:
                    d2:da:44:03:9b:3c:a3:cd:67:04:40:cc:16:79:af:
                    42:25:42:f9:37:67:37:98:7a:e5:05:e0:0e:53:1c:
                    54:32:8c:77:34:50:64:c0:14:da:16:2a:27:ee:c3:
                    61:37:e2:a5:9b:02:2b:66:0f:0a:6b:bb:4f:3a:ec:
                    a5:62:cb:bf:e7:4a:87:00:d8:2b:bd:4b:29:28:31:
                    b9:39:27:75:96:da:b2:0f:eb:9d:84:83:25:8f:3d:
                    7a:7d:b3:0a:db:50:d8:05:8a:d5:88:0b:6b:a1:28:
                    ff:05:3c:71:80:c2:b6:56:a7:aa:cc:4e:ca:86:97:
                    d1:ce:1e:9e:0e:ba:d5:23:23:20:67:8e:f1:b5:03:
                    99:89:a0:f8:41:77:80:82:7a:98:ee:8e:a2:3f:e7:
                    5f:2a:dd:6d:ba:ef:69:2e:f1:94:5a:f0:44:fd:73:
                    61:d2:73:ee:32:9d:af:5e:83:08:f0:70:56:eb:f1:
                    ca:1b:00:b4:46:5f:f1:9c:60:ba:6a:23:d2:bc:d3:
                    1d:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:9D:D5:42:DD:77:2E:0E:8A:99:CC:2F:53:5F:36:17:33:85:67:EA
            X509v3 Authority Key Identifier:
                keyid:36:D8:C1:A7:3B:15:95:10:9D:26:06:7B:42:91:F7:1D:C1:DB:99:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:e9:f3:1d:9d:8b:9a:e2:4e:b2:70:dd:6c:9d:49:1e:2f:e1:
         cc:d9:f4:eb:7c:f9:d6:a3:37:ef:21:b5:25:33:6c:95:5a:a3:
         e1:47:52:3b:47:30:fd:ed:97:8b:48:15:22:67:4f:83:f3:2f:
         9c:2c:ab:69:54:a7:d9:02:96:6e:10:15:94:a7:12:f1:99:39:
         40:13:2b:7c:dc:4a:55:bd:ea:bf:78:74:5c:06:9c:44:e1:54:
         ed:8b:44:bb:e6:20:c5:07:a4:b0:f4:a0:61:35:8c:a3:19:00:
         0c:e0:e0:c2:ec:51:50:97:d4:d3:92:d9:f6:3b:86:ea:58:c1:
         7a:d1:12:31:07:1f:9b:b2:42:6c:db:b7:c0:64:dc:54:2c:85:
         31:ac:05:9c:36:55:3e:3b:6f:c1:b5:9f:00:3a:60:91:02:00:
         ad:25:12:61:13:af:ae:44:e8:bc:27:e6:a2:eb:e3:cb:7d:02:
         93:f7:77:b3:f4:4b:d5:6d:99:c5:24:b8:3b:4c:c3:30:74:c7:
         51:93:06:da:17:c5:0e:ca:93:40:02:81:3d:5c:ba:a6:3f:4a:
         d9:a1:09:61:52:a5:60:7d:91:54:40:cd:53:21:75:41:36:e4:
         7f:08:5c:7a:69:7a:8a:19:e7:68:16:db:8f:fb:62:87:91:55:
         fd:cd:58:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTmGHAvl4jdCf3L6yHzoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZDhjMWE3M2IxNTk1MTA5ZDI2MDY3YjQyOTFmNzFkYzFk
Yjk5NTcwHhcNMjUwODIzMDUwMjIwWhcNMjUwODI0MDUwMjIwWjAzMTEwLwYDVQQD
EygxMjlkZDU0MmRkNzcyZTBlOGE5OWNjMmY1MzVmMzYxNzMzODU2N2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwRO6CZ/UD1TNfCH40aLxw0fBARa
ECsRtVUbBUHRJUIwJfF3OmW1l0soMxTrehJUl1o4c3oMt52N4LHS2kQDmzyjzWcE
QMwWea9CJUL5N2c3mHrlBeAOUxxUMox3NFBkwBTaFion7sNhN+KlmwIrZg8Ka7tP
OuylYsu/50qHANgrvUspKDG5OSd1ltqyD+udhIMljz16fbMK21DYBYrViAtroSj/
BTxxgMK2VqeqzE7KhpfRzh6eDrrVIyMgZ47xtQOZiaD4QXeAgnqY7o6iP+dfKt1t
uu9pLvGUWvBE/XNh0nPuMp2vXoMI8HBW6/HKGwC0Rl/xnGC6aiPSvNMdAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKd1ULddy4OipnML1NfNhczhWfqMB8GA1UdIwQY
MBaAFDbYwac7FZUQnSYGe0KR9x3B25lXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lZWNjYTUtYzMzOS00OTE4LWEwYTgt
ZjYxZWM4NWQwZjU3LzEvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lZWNjYTUtYzMzOS00OTE4LWEwYTgtZjYxZWM4NWQwZjU3
LzEvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYenzHZ2L
muJOsnDdbJ1JHi/hzNn063z51qM37yG1JTNslVqj4UdSO0cw/e2Xi0gVImdPg/Mv
nCyraVSn2QKWbhAVlKcS8Zk5QBMrfNxKVb3qv3h0XAacROFU7YtEu+YgxQeksPSg
YTWMoxkADODgwuxRUJfU05LZ9juG6ljBetESMQcfm7JCbNu3wGTcVCyFMawFnDZV
PjtvwbWfADpgkQIArSUSYROvrkTovCfmouvjy30Ck/d3s/RL1W2ZxSS4O0zDMHTH
UZMG2hfFDsqTQAKBPVy6pj9K2aEJYVKlYH2RVEDNUyF1QTbkfwhceml6ihnnaBbb
j/tih5FV/c1Yyg==
-----END CERTIFICATE-----