Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
File:                     NHkVOIV45h2IaEmiHXC6B1FJwaE.mft (raw, json)
Hash identifier:          y1LX0XFJ3HL/8YkxhXFoxJZq72+ZaO33+vJA47yE/dg=
Subject key identifier:   2E:AF:60:32:AC:57:6B:A2:1B:16:2B:B8:9F:A9:8E:87:90:D6:B8:28
Authority key identifier: 34:79:15:38:85:78:E6:1D:88:68:49:A2:1D:70:BA:07:51:49:C1:A1
Certificate issuer:       /CN=347915388578e61d886849a21d70ba075149c1a1
Certificate serial:       0197B8902BCED783B70E1E320266925DF1A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
Manifest number:          0B42
Signing time:             Sat 28 Jun 2025 22:02:25 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:25 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:25 +0000
Files and hashes:         1: NHkVOIV45h2IaEmiHXC6B1FJwaE.crl (hash: yi2OzD/J4gGN+lqjms7+VxBp2JmDxzqUIDw+27mNKf8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:2b:ce:d7:83:b7:0e:1e:32:02:66:92:5d:f1:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347915388578e61d886849a21d70ba075149c1a1
        Validity
            Not Before: Jun 28 22:02:25 2025 GMT
            Not After : Jun 29 22:02:25 2025 GMT
        Subject: CN=2eaf6032ac576ba21b162bb89fa98e8790d6b828
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a6:a4:04:5e:6f:3e:f7:e1:3f:37:cb:f9:8d:
                    76:64:af:e2:93:f1:a8:cf:82:02:de:ad:e5:11:e4:
                    42:11:77:6b:44:61:6a:5d:89:df:10:01:00:bf:8f:
                    0b:b4:4d:92:79:fd:e4:83:10:b9:bc:b3:d5:48:6c:
                    cc:d5:9d:0b:22:fd:15:41:04:f5:b9:53:88:20:94:
                    d5:88:d3:2b:63:b0:42:62:0d:ce:9a:6f:a2:66:1f:
                    6e:3c:e9:c0:fc:61:8b:20:65:f6:f0:fb:ff:0a:32:
                    78:55:50:28:9d:5e:4b:3c:b7:07:a7:67:06:44:7a:
                    2f:ce:f6:1c:52:58:30:3b:24:2f:b0:bc:cc:b2:77:
                    20:fa:43:ef:5a:b7:ee:ba:ae:83:c0:7c:5d:df:a7:
                    98:8c:51:5c:17:35:60:b9:5d:55:0e:e3:93:15:3f:
                    23:86:9e:22:da:d5:e1:66:11:a7:4b:3f:45:08:58:
                    c0:fd:5e:65:c9:ed:79:37:48:5f:5b:7d:40:50:e5:
                    1b:f8:9c:d3:4c:1c:68:4e:d0:d4:a4:16:f9:11:ab:
                    24:c8:47:5d:f5:37:25:2e:ee:b9:64:ef:98:fe:7f:
                    0d:22:70:20:38:18:79:08:a7:c4:62:a1:54:02:1d:
                    43:4b:41:bc:ec:26:4e:7c:06:71:ef:16:20:9a:4a:
                    c3:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:AF:60:32:AC:57:6B:A2:1B:16:2B:B8:9F:A9:8E:87:90:D6:B8:28
            X509v3 Authority Key Identifier:
                keyid:34:79:15:38:85:78:E6:1D:88:68:49:A2:1D:70:BA:07:51:49:C1:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHkVOIV45h2IaEmiHXC6B1FJwaE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4ef69e-9978-436d-90c9-82d97c069566/1/NHkVOIV45h2IaEmiHXC6B1FJwaE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:f6:f0:57:7b:30:54:3d:70:4c:ac:fd:6d:f6:b0:c4:16:de:
         60:25:0d:21:bd:5f:81:c5:d7:2d:2c:4c:9e:42:a7:2a:3d:71:
         9d:55:f6:25:26:67:ab:a3:ed:ad:b2:c9:9d:b3:b8:5a:af:00:
         d1:5d:23:49:a4:e1:6f:f0:ad:72:77:fd:7e:47:bb:42:22:71:
         df:a8:20:2e:3d:8c:d4:c7:69:d1:a9:bf:75:a8:58:4a:ca:49:
         e4:18:31:a2:a6:f5:39:cd:38:95:5f:40:ca:ce:8d:14:28:88:
         14:77:dd:f9:25:29:76:aa:6a:fa:76:d9:70:bf:af:de:5d:df:
         aa:92:db:93:71:5b:50:44:3e:04:a3:b5:57:c7:e7:8b:7d:eb:
         3c:8d:bc:60:f2:55:7c:18:f9:c0:eb:bf:a9:ec:01:b0:ab:48:
         2a:62:2a:ec:d9:74:ba:82:2d:c9:29:64:82:30:77:1c:ab:bb:
         c6:1c:be:ae:43:30:8f:8b:fa:4e:c4:9e:fe:37:b3:7c:5c:bd:
         25:ff:1e:89:b8:dd:b6:56:b3:34:7f:63:f0:ce:ab:ef:44:51:
         e8:2e:63:ad:b6:59:7d:a2:f3:1c:50:81:bd:78:d2:37:6a:48:
         fb:14:33:73:11:ed:8b:0a:c9:7f:75:30:c5:ed:34:9f:14:ee:
         e9:59:1a:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kCvO14O3Dh4yAmaSXfGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzkxNTM4ODU3OGU2MWQ4ODY4NDlhMjFkNzBiYTA3NTE0
OWMxYTEwHhcNMjUwNjI4MjIwMjI1WhcNMjUwNjI5MjIwMjI1WjAzMTEwLwYDVQQD
EygyZWFmNjAzMmFjNTc2YmEyMWIxNjJiYjg5ZmE5OGU4NzkwZDZiODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6akBF5vPvfhPzfL+Y12ZK/ik/Go
z4IC3q3lEeRCEXdrRGFqXYnfEAEAv48LtE2Sef3kgxC5vLPVSGzM1Z0LIv0VQQT1
uVOIIJTViNMrY7BCYg3Omm+iZh9uPOnA/GGLIGX28Pv/CjJ4VVAonV5LPLcHp2cG
RHovzvYcUlgwOyQvsLzMsncg+kPvWrfuuq6DwHxd36eYjFFcFzVguV1VDuOTFT8j
hp4i2tXhZhGnSz9FCFjA/V5lye15N0hfW31AUOUb+JzTTBxoTtDUpBb5EaskyEdd
9TclLu65ZO+Y/n8NInAgOBh5CKfEYqFUAh1DS0G87CZOfAZx7xYgmkrDOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6vYDKsV2uiGxYruJ+pjoeQ1rgoMB8GA1UdIwQY
MBaAFDR5FTiFeOYdiGhJoh1wugdRScGhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80ZWY2OWUtOTk3OC00MzZkLTkwYzkt
ODJkOTdjMDY5NTY2LzEvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80ZWY2OWUtOTk3OC00MzZkLTkwYzktODJkOTdjMDY5NTY2
LzEvTkhrVk9JVjQ1aDJJYUVtaUhYQzZCMUZKd2FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtfbwV3sw
VD1wTKz9bfawxBbeYCUNIb1fgcXXLSxMnkKnKj1xnVX2JSZnq6PtrbLJnbO4Wq8A
0V0jSaThb/Ctcnf9fke7QiJx36ggLj2M1Mdp0am/dahYSspJ5Bgxoqb1Oc04lV9A
ys6NFCiIFHfd+SUpdqpq+nbZcL+v3l3fqpLbk3FbUEQ+BKO1V8fni33rPI28YPJV
fBj5wOu/qewBsKtIKmIq7Nl0uoItySlkgjB3HKu7xhy+rkMwj4v6TsSe/jezfFy9
Jf8eibjdtlazNH9j8M6r70RR6C5jrbZZfaLzHFCBvXjSN2pI+xQzcxHtiwrJf3Uw
xe00nxTu6VkaiA==
-----END CERTIFICATE-----