Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft
File:                     nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft (raw, json)
Hash identifier:          PBndisnkCBnZO0vOLMglQp7hEtP+8OH8daM6V7mDzcU=
Subject key identifier:   A1:8A:8D:64:83:44:2D:2E:66:F2:F0:C5:7D:8F:46:33:B8:4D:79:B3
Authority key identifier: 9D:76:50:E4:53:B9:8F:6F:4D:D3:33:63:3A:FF:AB:BA:2C:0C:8F:8A
Certificate issuer:       /CN=9d7650e453b98f6f4dd333633affabba2c0c8f8a
Certificate serial:       0197B89057F36F85D40F65D6BE6C1B6FFD00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft
Manifest number:          87
Signing time:             Sat 28 Jun 2025 22:02:36 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:36 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:36 +0000
Files and hashes:         1: nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl (hash: wvHk3Zo1CAw37hkl7xuWpIlw38c5Vr2ckIYVdwPfdYk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:57:f3:6f:85:d4:0f:65:d6:be:6c:1b:6f:fd:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d7650e453b98f6f4dd333633affabba2c0c8f8a
        Validity
            Not Before: Jun 28 22:02:36 2025 GMT
            Not After : Jun 29 22:02:36 2025 GMT
        Subject: CN=a18a8d6483442d2e66f2f0c57d8f4633b84d79b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:35:80:99:65:4c:19:e0:e9:47:f9:d9:79:4b:
                    47:12:1b:5c:e9:47:78:8a:cc:d5:c4:1d:dc:0c:4b:
                    aa:5f:49:58:1e:4f:c7:10:03:18:7d:a8:56:6c:6e:
                    47:df:2c:cf:31:19:38:23:8d:05:c2:93:74:34:18:
                    c2:85:04:4b:ed:41:81:fa:11:8c:16:d0:ec:cf:8d:
                    c7:b3:a9:8d:a8:c7:37:c0:59:3c:96:56:1c:e2:6f:
                    0c:2f:81:b6:d5:b6:0e:14:96:d6:01:6d:ee:a4:c3:
                    26:60:0c:25:80:72:67:af:28:d1:0f:21:a6:15:63:
                    c6:28:27:46:d1:8c:c9:e1:b6:83:20:1e:5c:55:8b:
                    ca:da:33:46:df:30:33:ed:db:09:70:cf:e7:e9:67:
                    50:ce:16:26:6e:2c:d7:57:26:dd:80:13:2b:2a:8c:
                    41:a0:1c:28:08:51:8c:41:95:b2:75:ae:dc:75:e5:
                    a3:6b:ed:10:2f:39:39:99:fd:08:9f:27:d6:50:09:
                    40:7c:b8:c0:88:1d:71:39:8f:7f:17:5f:d7:a9:cd:
                    db:1f:a3:41:07:19:39:82:27:8e:1e:93:98:43:51:
                    12:41:64:34:26:51:e9:a1:0f:f4:61:ff:72:53:68:
                    28:22:84:52:0c:81:b6:ef:73:46:fe:5d:ae:78:ce:
                    27:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:8A:8D:64:83:44:2D:2E:66:F2:F0:C5:7D:8F:46:33:B8:4D:79:B3
            X509v3 Authority Key Identifier:
                keyid:9D:76:50:E4:53:B9:8F:6F:4D:D3:33:63:3A:FF:AB:BA:2C:0C:8F:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXZQ5FO5j29N0zNjOv-ruiwMj4o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6bfe53-80c3-4a35-9ecb-d241f9ec5041/1/nXZQ5FO5j29N0zNjOv-ruiwMj4o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:2e:34:96:69:0b:ed:07:b4:1f:3d:1b:c0:a4:6d:db:c7:d2:
         b8:e4:e2:cb:be:3d:f6:25:84:7c:7d:36:d9:d7:7d:2f:bd:11:
         98:c5:43:1f:2e:19:74:c8:0b:05:17:f4:76:83:34:19:4b:49:
         af:38:ec:a0:08:16:f3:00:28:76:42:da:a6:fe:dc:7e:58:15:
         cf:c7:72:a6:e8:5d:ca:a9:84:89:5b:40:eb:0d:59:5d:42:2c:
         47:0a:7d:6c:4f:26:9d:67:5d:4d:89:04:40:53:e2:02:1c:3b:
         c1:c1:3e:76:8f:63:a5:ce:5b:b1:39:78:f4:21:c9:02:48:d8:
         c2:e6:42:b0:56:67:17:8c:9c:8a:06:1b:92:83:1f:13:c7:f2:
         e1:4f:e0:57:cd:a3:31:50:d4:85:c4:6b:1d:dd:06:39:23:f2:
         3f:20:40:47:4d:94:19:ff:fd:1c:30:d1:90:0b:47:26:e5:4f:
         69:77:26:c1:cd:f1:16:d3:b9:cd:6b:db:62:84:65:1a:7c:59:
         2f:e9:26:af:1e:73:2a:8c:d1:65:ee:7b:72:c6:aa:fc:d0:57:
         9e:59:6d:22:11:6a:1b:52:31:06:e5:f7:cd:47:15:57:1e:eb:
         ff:4a:f3:20:65:ec:49:d4:ea:eb:5e:d2:50:9d:64:cd:bf:15:
         24:df:81:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kFfzb4XUD2XWvmwbb/0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNzY1MGU0NTNiOThmNmY0ZGQzMzM2MzNhZmZhYmJhMmMw
YzhmOGEwHhcNMjUwNjI4MjIwMjM2WhcNMjUwNjI5MjIwMjM2WjAzMTEwLwYDVQQD
EyhhMThhOGQ2NDgzNDQyZDJlNjZmMmYwYzU3ZDhmNDYzM2I4NGQ3OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzWAmWVMGeDpR/nZeUtHEhtc6Ud4
iszVxB3cDEuqX0lYHk/HEAMYfahWbG5H3yzPMRk4I40FwpN0NBjChQRL7UGB+hGM
FtDsz43Hs6mNqMc3wFk8llYc4m8ML4G21bYOFJbWAW3upMMmYAwlgHJnryjRDyGm
FWPGKCdG0YzJ4baDIB5cVYvK2jNG3zAz7dsJcM/n6WdQzhYmbizXVybdgBMrKoxB
oBwoCFGMQZWyda7cdeWja+0QLzk5mf0InyfWUAlAfLjAiB1xOY9/F1/Xqc3bH6NB
Bxk5gieOHpOYQ1ESQWQ0JlHpoQ/0Yf9yU2goIoRSDIG273NG/l2ueM4nlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGKjWSDRC0uZvLwxX2PRjO4TXmzMB8GA1UdIwQY
MBaAFJ12UORTuY9vTdMzYzr/q7osDI+KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82YmZlNTMtODBjMy00YTM1LTllY2It
ZDI0MWY5ZWM1MDQxLzEvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82YmZlNTMtODBjMy00YTM1LTllY2ItZDI0MWY5ZWM1MDQx
LzEvblhaUTVGTzVqMjlOMHpOak92LXJ1aXdNajRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvC40lmkL
7Qe0Hz0bwKRt28fSuOTiy7499iWEfH022dd9L70RmMVDHy4ZdMgLBRf0doM0GUtJ
rzjsoAgW8wAodkLapv7cflgVz8dypuhdyqmEiVtA6w1ZXUIsRwp9bE8mnWddTYkE
QFPiAhw7wcE+do9jpc5bsTl49CHJAkjYwuZCsFZnF4ycigYbkoMfE8fy4U/gV82j
MVDUhcRrHd0GOSPyPyBAR02UGf/9HDDRkAtHJuVPaXcmwc3xFtO5zWvbYoRlGnxZ
L+kmrx5zKozRZe57csaq/NBXnlltIhFqG1IxBuX3zUcVVx7r/0rzIGXsSdTq617S
UJ1kzb8VJN+B3A==
-----END CERTIFICATE-----