Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
File:                     ndVRnFTz4jtOEhKogIM58pXaSzQ.mft (raw, json)
Hash identifier:          QOQcjICNB7a0MM12eDEW7/dyJzBNsuopxlcpWuV8BoE=
Subject key identifier:   C6:C6:B3:2A:97:68:53:10:7F:DE:D8:2E:00:6F:9F:29:33:BA:5C:E2
Authority key identifier: 9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34
Certificate issuer:       /CN=9dd5519c54f3e23b4e1212a8808339f295da4b34
Certificate serial:       0198D70581D36ED4FF291AE9C4405B7D76A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
Manifest number:          1647
Signing time:             Sat 23 Aug 2025 13:01:58 +0000
Manifest this update:     Sat 23 Aug 2025 13:01:58 +0000
Manifest next update:     Sun 24 Aug 2025 13:01:58 +0000
Files and hashes:         1: ndVRnFTz4jtOEhKogIM58pXaSzQ.crl (hash: Wcw6YlgxzlUmlyt6+t/yz8bfIdjUzzfTb0gOe4qTcYk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:50:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d7:05:81:d3:6e:d4:ff:29:1a:e9:c4:40:5b:7d:76:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dd5519c54f3e23b4e1212a8808339f295da4b34
        Validity
            Not Before: Aug 23 13:01:58 2025 GMT
            Not After : Aug 24 13:01:58 2025 GMT
        Subject: CN=c6c6b32a976853107fded82e006f9f2933ba5ce2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:9b:06:35:6d:21:d7:6d:41:20:7a:54:07:bc:
                    29:8e:33:14:63:4c:19:25:94:96:d8:e0:68:cb:f3:
                    a2:f2:21:45:f1:dc:02:51:a4:f8:ea:f6:42:bd:96:
                    67:50:31:ed:7b:b6:a2:21:8b:a4:90:28:26:fc:a9:
                    f8:2f:98:ff:59:de:22:1a:5c:30:30:26:0c:6d:8d:
                    39:8a:82:e5:1b:ae:08:35:86:f8:4c:bc:57:d9:37:
                    3d:b4:13:03:ca:9b:d3:b9:30:b8:d2:2a:9b:be:6f:
                    7b:20:46:c3:17:4d:1a:dd:89:55:e0:6e:6b:32:8c:
                    13:f2:08:11:24:00:64:fd:f0:22:3e:be:3f:da:15:
                    9e:4c:e6:cc:ee:ee:d9:b9:ad:e3:1b:a2:a4:29:0e:
                    8c:fb:81:d7:5f:dc:c5:34:09:f2:60:9f:35:6c:6e:
                    70:94:76:10:95:59:09:9f:2b:00:b4:bd:30:e1:cc:
                    d1:41:cd:0d:54:c4:84:d6:8a:9b:75:86:af:0e:d4:
                    48:ba:c1:0d:69:65:d6:b7:18:5b:b0:4a:6a:ac:8f:
                    d5:ba:c7:3f:c5:33:a5:3c:a1:25:8a:98:e8:ed:94:
                    81:81:64:b6:5c:88:73:42:79:35:37:49:de:be:4b:
                    b9:8f:ca:cc:e9:f8:70:74:6b:9b:98:3a:b7:67:7e:
                    d3:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:C6:B3:2A:97:68:53:10:7F:DE:D8:2E:00:6F:9F:29:33:BA:5C:E2
            X509v3 Authority Key Identifier:
                keyid:9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:8f:b1:42:ea:ad:43:0d:72:d1:ca:b0:5d:a9:3b:2d:d6:b9:
         3b:72:6c:a9:18:1f:29:1f:37:91:92:04:13:1e:c0:26:83:e7:
         c1:89:62:92:d7:9b:e6:ae:fd:95:65:93:1c:df:2e:e7:da:35:
         65:66:31:62:22:32:eb:40:87:7a:dc:a1:16:aa:5d:6f:1a:5a:
         52:b0:8c:74:f9:e4:34:b2:d3:8c:18:ff:61:30:22:a6:41:b9:
         db:3b:fe:70:12:1c:8d:72:6d:cf:cc:0e:d2:cf:14:01:35:a9:
         0e:bb:0e:77:b4:7b:10:4a:15:05:c5:ac:3e:82:3c:8d:a1:5a:
         e4:f2:5d:0e:2d:bb:ad:c6:5c:e1:cf:a2:08:de:4a:13:2c:dc:
         33:43:d1:e8:8c:3b:66:64:b5:bb:b4:39:68:df:f4:c4:f8:6f:
         3a:3a:3d:f6:da:36:e8:04:23:90:2a:a2:de:1a:b3:d1:dd:ff:
         35:a6:68:5b:85:5e:44:66:17:01:33:6a:1d:9c:da:da:9b:4f:
         ea:83:e0:02:55:9a:a3:02:fc:94:d5:22:01:f0:80:13:1e:80:
         2b:fd:c2:5d:54:45:13:24:79:73:69:d2:28:3e:32:34:6b:04:
         5c:f7:67:1b:4d:12:fc:2e:cb:4f:52:47:a1:8c:3e:6d:18:06:
         2b:cb:1d:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjXBYHTbtT/KRrpxEBbfXaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZDU1MTljNTRmM2UyM2I0ZTEyMTJhODgwODMzOWYyOTVk
YTRiMzQwHhcNMjUwODIzMTMwMTU4WhcNMjUwODI0MTMwMTU4WjAzMTEwLwYDVQQD
EyhjNmM2YjMyYTk3Njg1MzEwN2ZkZWQ4MmUwMDZmOWYyOTMzYmE1Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZsGNW0h121BIHpUB7wpjjMUY0wZ
JZSW2OBoy/Oi8iFF8dwCUaT46vZCvZZnUDHte7aiIYukkCgm/Kn4L5j/Wd4iGlww
MCYMbY05ioLlG64INYb4TLxX2Tc9tBMDypvTuTC40iqbvm97IEbDF00a3YlV4G5r
MowT8ggRJABk/fAiPr4/2hWeTObM7u7Zua3jG6KkKQ6M+4HXX9zFNAnyYJ81bG5w
lHYQlVkJnysAtL0w4czRQc0NVMSE1oqbdYavDtRIusENaWXWtxhbsEpqrI/Vusc/
xTOlPKElipjo7ZSBgWS2XIhzQnk1N0nevku5j8rM6fhwdGubmDq3Z37TyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMbGsyqXaFMQf97YLgBvnykzulziMB8GA1UdIwQY
MBaAFJ3VUZxU8+I7ThISqICDOfKV2ks0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xNTA5YTEtOTQ0Zi00ODhkLTkxNGYt
OGY4YTc3MTE3MTdmLzEvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xNTA5YTEtOTQ0Zi00ODhkLTkxNGYtOGY4YTc3MTE3MTdm
LzEvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC4+xQuqt
Qw1y0cqwXak7Lda5O3JsqRgfKR83kZIEEx7AJoPnwYlikteb5q79lWWTHN8u59o1
ZWYxYiIy60CHetyhFqpdbxpaUrCMdPnkNLLTjBj/YTAipkG52zv+cBIcjXJtz8wO
0s8UATWpDrsOd7R7EEoVBcWsPoI8jaFa5PJdDi27rcZc4c+iCN5KEyzcM0PR6Iw7
ZmS1u7Q5aN/0xPhvOjo99to26AQjkCqi3hqz0d3/NaZoW4VeRGYXATNqHZza2ptP
6oPgAlWaowL8lNUiAfCAEx6AK/3CXVRFEyR5c2nSKD4yNGsEXPdnG00S/C7LT1JH
oYw+bRgGK8sdpg==
-----END CERTIFICATE-----