Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
File:                     NJxIN9k5hA1fbHSqwINm70v-SHQ.mft (raw, json)
Hash identifier:          MHCyv2PSpRpS0QfTOF1I+WGObVCAdlqQc8aaZTHDGZU=
Subject key identifier:   E7:BB:19:54:14:72:69:7C:1E:C6:E7:DD:1F:FC:86:D5:03:44:83:E0
Authority key identifier: 34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74
Certificate issuer:       /CN=349c4837d939840d5f6c74aac08366ef4bfe4874
Certificate serial:       0198D47243FA35C363F9245A178839185463
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
Manifest number:          0235
Signing time:             Sat 23 Aug 2025 01:01:54 +0000
Manifest this update:     Sat 23 Aug 2025 01:01:54 +0000
Manifest next update:     Sun 24 Aug 2025 01:01:54 +0000
Files and hashes:         1: NJxIN9k5hA1fbHSqwINm70v-SHQ.crl (hash: hF3XNTKpKHisezSh80CXsgoW5/I9866eySKdVKxFtVQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 01:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d4:72:43:fa:35:c3:63:f9:24:5a:17:88:39:18:54:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349c4837d939840d5f6c74aac08366ef4bfe4874
        Validity
            Not Before: Aug 23 01:01:54 2025 GMT
            Not After : Aug 24 01:01:54 2025 GMT
        Subject: CN=e7bb19541472697c1ec6e7dd1ffc86d5034483e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:37:e3:c0:ce:3c:4b:9d:8f:c6:6a:57:0e:a9:
                    10:74:b5:08:83:d7:53:0b:c6:09:19:c2:72:de:63:
                    16:1d:76:ab:5b:08:a1:d1:bc:74:5d:da:6a:63:d0:
                    40:06:e2:51:55:43:cf:ee:b6:54:f9:74:d1:5a:cc:
                    f4:79:2c:56:fe:d1:e5:f0:3a:ba:e0:09:3e:33:4b:
                    14:7b:a5:d7:3c:bc:ec:22:ef:f6:eb:8c:1f:63:f0:
                    ab:a1:63:91:f1:52:34:47:30:08:57:44:d8:0b:4c:
                    b2:c0:08:1d:bb:84:c0:c9:cf:e5:cb:d8:94:af:e6:
                    ee:8f:85:cd:28:c9:e4:c9:b6:68:2e:e0:fb:39:03:
                    b5:59:2d:d6:52:81:6d:db:9b:e3:04:72:9e:26:b8:
                    4c:8c:ce:aa:d0:df:25:d8:f4:f3:4a:3f:7b:4b:3a:
                    27:fe:0c:7b:40:09:21:d7:75:9a:3f:85:15:85:eb:
                    0b:f2:35:82:69:8b:7c:a7:9e:ff:ff:5d:fc:9c:eb:
                    54:06:92:0d:76:fb:6b:5e:25:99:a0:09:34:bb:9d:
                    ef:ed:36:00:a2:78:ed:ab:7c:c4:84:54:d0:03:29:
                    07:c8:0c:5e:ec:86:3d:fd:ff:56:de:90:40:66:1f:
                    eb:a9:3c:4e:90:09:30:c8:2f:12:30:9f:5e:12:8f:
                    7a:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:BB:19:54:14:72:69:7C:1E:C6:E7:DD:1F:FC:86:D5:03:44:83:E0
            X509v3 Authority Key Identifier:
                keyid:34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:da:fd:5a:e3:1b:e1:20:7c:7b:5e:19:32:8e:8d:85:18:82:
         10:9b:95:8f:50:59:cb:44:cc:0c:70:e2:6d:10:18:63:4c:13:
         aa:ec:06:4d:aa:4a:7b:bc:6a:33:df:fe:6a:a8:4c:30:dd:b4:
         61:9c:30:3c:f5:7d:6b:33:12:07:86:eb:88:b8:b6:a4:b8:8d:
         02:3e:b0:ef:4a:c5:c4:65:8c:fc:dc:c6:a9:b5:49:e5:39:14:
         85:3d:75:3a:fb:81:3b:60:db:ea:f1:f8:92:36:6e:27:65:c7:
         88:80:8d:25:c5:22:b7:dc:9b:2c:8d:9f:83:72:4f:ed:82:45:
         3c:b1:00:7d:e8:1a:83:40:8c:cb:9a:31:90:38:b3:5b:84:19:
         9d:03:c4:48:ad:b0:50:75:7d:4b:d5:d8:f9:ec:89:d7:fc:ea:
         ee:e9:11:95:a8:b4:37:1e:0d:88:71:12:3a:50:0e:b8:15:91:
         fb:c7:cf:7f:bd:d3:37:f8:35:e2:b2:57:cf:1f:eb:81:40:42:
         cf:dc:3e:41:f0:32:22:3b:ae:8d:f2:4c:e4:73:e3:0a:10:64:
         01:f9:ef:8e:58:7c:a0:e2:f4:d3:bb:c0:d2:00:dc:53:41:1c:
         e2:30:e0:d5:c9:57:a3:6b:38:74:c8:7b:9d:c5:4b:9e:6f:50:
         50:47:23:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjUckP6NcNj+SRaF4g5GFRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWM0ODM3ZDkzOTg0MGQ1ZjZjNzRhYWMwODM2NmVmNGJm
ZTQ4NzQwHhcNMjUwODIzMDEwMTU0WhcNMjUwODI0MDEwMTU0WjAzMTEwLwYDVQQD
EyhlN2JiMTk1NDE0NzI2OTdjMWVjNmU3ZGQxZmZjODZkNTAzNDQ4M2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozfjwM48S52PxmpXDqkQdLUIg9dT
C8YJGcJy3mMWHXarWwih0bx0XdpqY9BABuJRVUPP7rZU+XTRWsz0eSxW/tHl8Dq6
4Ak+M0sUe6XXPLzsIu/264wfY/CroWOR8VI0RzAIV0TYC0yywAgdu4TAyc/ly9iU
r+buj4XNKMnkybZoLuD7OQO1WS3WUoFt25vjBHKeJrhMjM6q0N8l2PTzSj97Szon
/gx7QAkh13WaP4UVhesL8jWCaYt8p57//138nOtUBpINdvtrXiWZoAk0u53v7TYA
onjtq3zEhFTQAykHyAxe7IY9/f9W3pBAZh/rqTxOkAkwyC8SMJ9eEo96xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOe7GVQUcml8Hsbn3R/8htUDRIPgMB8GA1UdIwQY
MBaAFDScSDfZOYQNX2x0qsCDZu9L/kh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMt
NTg0YTc2Mzk5NDE0LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMtNTg0YTc2Mzk5NDE0
LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATNr9WuMb
4SB8e14ZMo6NhRiCEJuVj1BZy0TMDHDibRAYY0wTquwGTapKe7xqM9/+aqhMMN20
YZwwPPV9azMSB4briLi2pLiNAj6w70rFxGWM/NzGqbVJ5TkUhT11OvuBO2Db6vH4
kjZuJ2XHiICNJcUit9ybLI2fg3JP7YJFPLEAfegag0CMy5oxkDizW4QZnQPESK2w
UHV9S9XY+eyJ1/zq7ukRlai0Nx4NiHESOlAOuBWR+8fPf73TN/g14rJXzx/rgUBC
z9w+QfAyIjuujfJM5HPjChBkAfnvjlh8oOL007vA0gDcU0Ec4jDg1clXo2s4dMh7
ncVLnm9QUEcj4g==
-----END CERTIFICATE-----