Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
File:                     NJxIN9k5hA1fbHSqwINm70v-SHQ.mft (raw, json)
Hash identifier:          rh4KGsolekawR+C/kZ6QkU1iTWKKiRBLwzlQmicrPMA=
Subject key identifier:   4A:9E:FF:E4:2F:E5:25:00:91:6F:5C:D8:AB:D9:89:AA:64:14:1F:D6
Authority key identifier: 34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74
Certificate issuer:       /CN=349c4837d939840d5f6c74aac08366ef4bfe4874
Certificate serial:       0199FBEBF2088DE91658822C24C0F6A8469A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
Manifest number:          02CE
Signing time:             Sun 19 Oct 2025 10:02:48 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:48 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:48 +0000
Files and hashes:         1: NJxIN9k5hA1fbHSqwINm70v-SHQ.crl (hash: HstuZ6r6XgfKwNpwv3cjwt1EcTDpmyGN2CAqZNvAFcY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:f2:08:8d:e9:16:58:82:2c:24:c0:f6:a8:46:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349c4837d939840d5f6c74aac08366ef4bfe4874
        Validity
            Not Before: Oct 19 10:02:48 2025 GMT
            Not After : Oct 20 10:02:48 2025 GMT
        Subject: CN=4a9effe42fe52500916f5cd8abd989aa64141fd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:3b:2e:d6:4a:d9:bb:ef:82:0d:60:ce:c3:9f:
                    e4:a4:71:1b:11:7a:59:d6:54:b1:fb:2a:44:4c:b0:
                    87:7d:93:f1:6f:9d:53:ce:fb:d6:d5:a6:53:55:41:
                    d9:eb:5a:fd:cc:a7:68:69:3a:a3:71:cf:6a:91:e4:
                    ad:23:30:3b:6f:9d:3a:bd:d8:4c:b0:e5:52:1f:aa:
                    c3:41:61:73:db:c3:d6:75:d4:7e:ea:ed:41:fb:77:
                    44:1d:b9:c2:03:77:06:ff:d4:d0:7d:70:2b:fd:dd:
                    65:29:69:d7:2c:86:9f:9e:af:db:05:e9:97:52:f6:
                    16:42:b3:32:43:91:68:66:b0:d6:b7:bb:72:8d:b0:
                    de:b9:8e:30:a4:a5:c7:f2:ab:e8:7e:dd:b7:44:a3:
                    4e:1e:cb:f3:f4:da:4d:bf:1f:1c:11:57:31:9e:49:
                    d3:85:e9:47:31:97:d3:13:5c:f2:0c:b9:be:51:d7:
                    d0:62:a2:6f:d1:c0:14:10:ec:ea:c6:b5:d4:f7:d4:
                    4a:23:3d:2a:6e:5c:bc:6f:60:3a:b7:95:8d:be:dd:
                    73:a8:0a:73:f6:ed:01:ab:bc:e6:5c:55:22:fd:b6:
                    9c:33:23:ed:b3:03:12:48:e5:ae:b5:ab:11:eb:ac:
                    d1:a6:44:85:b1:fe:29:1d:81:78:49:67:94:e6:51:
                    bc:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:9E:FF:E4:2F:E5:25:00:91:6F:5C:D8:AB:D9:89:AA:64:14:1F:D6
            X509v3 Authority Key Identifier:
                keyid:34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:96:2f:e4:e9:92:ba:4e:ea:fd:ce:75:73:56:e4:b0:2b:dd:
         56:36:33:4c:f2:f5:86:df:6d:d9:5c:10:71:85:44:a5:b1:dd:
         92:1a:1d:80:ee:88:29:3b:40:13:7a:ba:8c:9c:a2:6a:c4:0f:
         c3:27:1b:34:dc:ff:19:f3:53:61:49:2a:9f:c4:3a:53:74:c2:
         e9:95:5f:66:3e:dd:f0:ed:e6:11:d3:71:f2:93:e0:ae:62:63:
         f5:51:64:72:39:4a:40:48:1e:fa:71:10:24:36:43:9c:a9:41:
         66:10:e6:e3:6f:5e:f8:17:6d:ab:d1:0b:47:aa:30:c0:4b:02:
         1d:2d:55:51:d2:a1:dd:c8:ea:31:7e:36:2b:53:2d:9d:75:c3:
         2b:d8:e6:0d:75:f9:c8:b6:7e:9b:0e:30:a4:47:7f:98:00:05:
         dc:cb:e7:06:64:56:34:1f:c6:23:c7:11:b2:93:54:58:05:34:
         45:91:5c:04:cb:77:e1:f9:c0:0c:86:37:9b:ad:16:ec:f4:23:
         82:83:15:d6:6b:ad:5e:c6:94:1b:d9:63:1f:6a:a1:70:50:a1:
         a2:ff:13:3a:fb:ea:e3:66:d6:9a:d5:0d:d6:67:5b:c9:5f:67:
         71:22:46:4e:f7:10:ed:d4:91:dd:3b:86:57:e1:3e:cd:0b:87:
         42:1e:1f:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76/IIjekWWIIsJMD2qEaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWM0ODM3ZDkzOTg0MGQ1ZjZjNzRhYWMwODM2NmVmNGJm
ZTQ4NzQwHhcNMjUxMDE5MTAwMjQ4WhcNMjUxMDIwMTAwMjQ4WjAzMTEwLwYDVQQD
Eyg0YTllZmZlNDJmZTUyNTAwOTE2ZjVjZDhhYmQ5ODlhYTY0MTQxZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjsu1krZu++CDWDOw5/kpHEbEXpZ
1lSx+ypETLCHfZPxb51TzvvW1aZTVUHZ61r9zKdoaTqjcc9qkeStIzA7b506vdhM
sOVSH6rDQWFz28PWddR+6u1B+3dEHbnCA3cG/9TQfXAr/d1lKWnXLIafnq/bBemX
UvYWQrMyQ5FoZrDWt7tyjbDeuY4wpKXH8qvoft23RKNOHsvz9NpNvx8cEVcxnknT
helHMZfTE1zyDLm+UdfQYqJv0cAUEOzqxrXU99RKIz0qbly8b2A6t5WNvt1zqApz
9u0Bq7zmXFUi/bacMyPtswMSSOWutasR66zRpkSFsf4pHYF4SWeU5lG86wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqe/+Qv5SUAkW9c2KvZiapkFB/WMB8GA1UdIwQY
MBaAFDScSDfZOYQNX2x0qsCDZu9L/kh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMt
NTg0YTc2Mzk5NDE0LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMtNTg0YTc2Mzk5NDE0
LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPpYv5OmS
uk7q/c51c1bksCvdVjYzTPL1ht9t2VwQcYVEpbHdkhodgO6IKTtAE3q6jJyiasQP
wycbNNz/GfNTYUkqn8Q6U3TC6ZVfZj7d8O3mEdNx8pPgrmJj9VFkcjlKQEge+nEQ
JDZDnKlBZhDm429e+Bdtq9ELR6owwEsCHS1VUdKh3cjqMX42K1MtnXXDK9jmDXX5
yLZ+mw4wpEd/mAAF3MvnBmRWNB/GI8cRspNUWAU0RZFcBMt34fnADIY3m60W7PQj
goMV1mutXsaUG9ljH2qhcFChov8TOvvq42bWmtUN1mdbyV9ncSJGTvcQ7dSR3TuG
V+E+zQuHQh4fVA==
-----END CERTIFICATE-----