Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
File:                     nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft (raw, json)
Hash identifier:          VUIpOLjyIMfdf+dM02YJ6z0Y6J8zi//cOOjyJ01tAYY=
Subject key identifier:   8B:6B:AE:73:7B:28:80:5E:C0:1C:37:33:3F:52:A6:96:B1:48:67:88
Authority key identifier: 9C:F0:5D:4B:D5:D4:2B:41:75:AC:C6:34:AC:CF:0F:FA:18:73:F0:AA
Certificate issuer:       /CN=9cf05d4bd5d42b4175acc634accf0ffa1873f0aa
Certificate serial:       0198D5156F73ECFBB03C056792685AC167A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
Manifest number:          04D6
Signing time:             Sat 23 Aug 2025 04:00:08 +0000
Manifest this update:     Sat 23 Aug 2025 04:00:08 +0000
Manifest next update:     Sun 24 Aug 2025 04:00:08 +0000
Files and hashes:         1: nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl (hash: ZGmxaqCmWc3jXFFDwBVBZdTT0rYNKDNvQHO69LdLPpY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 04:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:15:6f:73:ec:fb:b0:3c:05:67:92:68:5a:c1:67:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cf05d4bd5d42b4175acc634accf0ffa1873f0aa
        Validity
            Not Before: Aug 23 04:00:08 2025 GMT
            Not After : Aug 24 04:00:08 2025 GMT
        Subject: CN=8b6bae737b28805ec01c37333f52a696b1486788
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e1:4f:77:9c:97:1e:ce:6d:65:b7:64:a9:31:
                    8e:0c:ce:4f:97:5c:fd:be:ad:3d:09:6d:5a:ba:11:
                    0e:a5:b6:01:50:75:ff:e6:b6:8c:3b:bd:6b:33:be:
                    40:06:47:3f:b3:5d:03:5e:1a:ad:ae:6b:ad:b2:96:
                    39:b9:00:2b:5b:75:7d:4e:ad:c6:dd:4a:11:8e:ed:
                    46:3a:f2:9c:0f:61:7a:46:88:c3:23:2d:74:63:0a:
                    ba:f0:89:72:df:0e:b8:17:7b:13:5b:30:58:03:db:
                    80:69:b4:97:67:14:ba:f4:01:d5:ba:e2:d3:9e:b0:
                    b9:c3:6e:39:30:a9:c4:58:99:80:8a:07:38:85:30:
                    e1:ae:b0:91:a9:72:54:12:c9:d4:c9:bd:e1:f1:b1:
                    7c:64:bc:72:68:6a:f7:64:db:0b:33:b5:c4:5b:2d:
                    0f:43:cc:2f:93:38:b2:43:56:0a:12:3f:7e:71:90:
                    fe:ae:3d:df:90:89:19:af:4a:c3:ac:69:4d:96:2e:
                    e3:7c:d1:92:a6:9f:43:24:5c:a4:fa:ed:bd:a7:6a:
                    91:42:47:5e:9b:f6:4b:a1:2e:16:e9:9c:e3:5d:fc:
                    be:66:53:94:2e:f7:13:52:99:9a:6a:90:ec:9d:78:
                    52:46:db:66:f5:78:28:cb:01:20:af:f2:7b:6d:fc:
                    d5:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:6B:AE:73:7B:28:80:5E:C0:1C:37:33:3F:52:A6:96:B1:48:67:88
            X509v3 Authority Key Identifier:
                keyid:9C:F0:5D:4B:D5:D4:2B:41:75:AC:C6:34:AC:CF:0F:FA:18:73:F0:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:e5:9e:d0:9c:93:93:ff:dd:40:ee:b2:56:01:cc:1e:d5:99:
         ca:3b:f5:00:9a:a3:a5:b1:62:d7:1f:57:59:57:2e:07:bd:79:
         84:07:ba:86:ef:d5:9d:f4:2b:9d:5f:81:9f:0c:58:e4:6a:14:
         1d:44:7e:75:02:d2:1f:6a:9b:01:4b:66:11:a0:ca:57:34:50:
         e7:45:e3:00:b2:53:03:41:09:0e:a8:e9:8c:fe:b4:b8:25:15:
         f5:5a:5d:9a:0a:28:d0:0b:eb:46:f6:ed:8b:34:28:da:55:d3:
         58:6a:9c:71:be:ab:d0:db:5f:90:e9:c9:fc:3b:61:d0:e1:7c:
         f2:c6:d8:33:19:18:df:02:8b:1b:4f:2e:49:6d:2a:c4:22:ec:
         03:1a:08:c4:db:e6:2f:ee:9f:2c:96:05:db:21:96:95:9b:17:
         2f:18:ec:1b:d2:eb:a7:16:e9:03:81:31:e4:e0:e9:fd:9d:31:
         07:05:d1:23:fd:8e:61:a5:4a:1f:59:01:7b:28:cc:df:c3:c1:
         a5:7c:1e:f5:3f:18:09:b3:95:ae:b2:0d:b7:54:ff:4e:1c:e1:
         d9:b9:f7:0f:2f:dd:7d:9b:55:e6:84:87:93:17:45:cf:e3:ee:
         85:01:c5:c6:25:63:21:a1:90:a4:54:e4:8f:cf:71:60:92:c9:
         20:d7:8b:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVFW9z7PuwPAVnkmhawWekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZjA1ZDRiZDVkNDJiNDE3NWFjYzYzNGFjY2YwZmZhMTg3
M2YwYWEwHhcNMjUwODIzMDQwMDA4WhcNMjUwODI0MDQwMDA4WjAzMTEwLwYDVQQD
Eyg4YjZiYWU3MzdiMjg4MDVlYzAxYzM3MzMzZjUyYTY5NmIxNDg2Nzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveFPd5yXHs5tZbdkqTGODM5Pl1z9
vq09CW1auhEOpbYBUHX/5raMO71rM75ABkc/s10DXhqtrmutspY5uQArW3V9Tq3G
3UoRju1GOvKcD2F6RojDIy10Ywq68Ily3w64F3sTWzBYA9uAabSXZxS69AHVuuLT
nrC5w245MKnEWJmAigc4hTDhrrCRqXJUEsnUyb3h8bF8ZLxyaGr3ZNsLM7XEWy0P
Q8wvkziyQ1YKEj9+cZD+rj3fkIkZr0rDrGlNli7jfNGSpp9DJFyk+u29p2qRQkde
m/ZLoS4W6ZzjXfy+ZlOULvcTUpmaapDsnXhSRttm9XgoywEgr/J7bfzVzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItrrnN7KIBewBw3Mz9SppaxSGeIMB8GA1UdIwQY
MBaAFJzwXUvV1CtBdazGNKzPD/oYc/CqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84NzFkNzctMDhhYS00YTkxLTk5NmEt
OGJiYTVmYTNjMzE3LzEvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84NzFkNzctMDhhYS00YTkxLTk5NmEtOGJiYTVmYTNjMzE3
LzEvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg+We0JyT
k//dQO6yVgHMHtWZyjv1AJqjpbFi1x9XWVcuB715hAe6hu/VnfQrnV+BnwxY5GoU
HUR+dQLSH2qbAUtmEaDKVzRQ50XjALJTA0EJDqjpjP60uCUV9Vpdmgoo0AvrRvbt
izQo2lXTWGqccb6r0NtfkOnJ/Dth0OF88sbYMxkY3wKLG08uSW0qxCLsAxoIxNvm
L+6fLJYF2yGWlZsXLxjsG9LrpxbpA4Ex5ODp/Z0xBwXRI/2OYaVKH1kBeyjM38PB
pXwe9T8YCbOVrrINt1T/Thzh2bn3Dy/dfZtV5oSHkxdFz+PuhQHFxiVjIaGQpFTk
j89xYJLJINeLGg==
-----END CERTIFICATE-----