Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.mft
File:                     ndrXzlnL6NGaA0EfocbJug1CAqI.mft (raw, json)
Hash identifier:          wzVUdgLfx7wmKhnDv0F7ZJMhIm4r9ZyDuXlhkMataQc=
Subject key identifier:   93:07:D8:4A:13:3D:E2:F6:F9:68:1A:67:F9:3B:E7:CE:EA:94:6C:97
Authority key identifier: 9D:DA:D7:CE:59:CB:E8:D1:9A:03:41:1F:A1:C6:C9:BA:0D:42:02:A2
Certificate issuer:       /CN=9ddad7ce59cbe8d19a03411fa1c6c9ba0d4202a2
Certificate serial:       0197B88FE2541C03AA393180C73C7A92A08D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ndrXzlnL6NGaA0EfocbJug1CAqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.mft
Manifest number:          0926
Signing time:             Sat 28 Jun 2025 22:02:06 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:06 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:06 +0000
Files and hashes:         1: ndrXzlnL6NGaA0EfocbJug1CAqI.crl (hash: hl7Y2JrQseZXGsDYGxt9MwTb68SF10efoiD18LhHnHY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ndrXzlnL6NGaA0EfocbJug1CAqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:8f:e2:54:1c:03:aa:39:31:80:c7:3c:7a:92:a0:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ddad7ce59cbe8d19a03411fa1c6c9ba0d4202a2
        Validity
            Not Before: Jun 28 22:02:06 2025 GMT
            Not After : Jun 29 22:02:06 2025 GMT
        Subject: CN=9307d84a133de2f6f9681a67f93be7ceea946c97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:77:e8:44:fb:97:97:06:83:53:de:83:35:d8:
                    f6:7e:d5:1c:55:10:7d:6d:e4:bd:2d:58:a2:67:c2:
                    76:a6:a6:fa:6c:f7:91:fc:f5:fb:5b:ce:fd:54:1f:
                    61:3f:3c:9e:61:85:43:ad:85:a4:5f:f2:e3:36:3f:
                    76:d0:09:02:b0:f7:c7:56:38:08:7c:84:ab:dc:17:
                    1b:6d:03:f1:e2:58:bd:c6:e1:58:c5:77:65:d5:cc:
                    df:17:d6:b0:59:33:b7:c1:74:c8:05:68:36:52:46:
                    18:7f:94:47:08:01:1b:9e:70:82:ec:32:ec:9c:66:
                    3c:4e:51:85:70:ff:a1:d3:7b:ef:19:ee:ff:95:14:
                    c9:69:4b:74:93:e7:a0:6f:4e:da:f7:ee:e9:50:b2:
                    f5:02:58:6d:c8:59:7f:a0:9a:5c:e1:09:b4:06:6b:
                    89:63:6e:21:46:5e:c5:fa:03:9c:6b:98:1b:ab:68:
                    07:37:dd:65:b7:98:30:57:d1:f8:b0:13:2e:6c:f1:
                    f7:1d:cc:ae:41:fc:08:e7:95:75:29:34:ee:b6:25:
                    27:2f:87:30:32:fc:0a:76:bc:14:9e:7d:02:ab:e6:
                    25:f1:e9:75:61:88:11:b6:b9:e2:58:6d:41:2f:6f:
                    c6:a8:60:f7:77:cd:17:8d:d3:cd:f2:b4:3b:d7:b9:
                    cf:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:07:D8:4A:13:3D:E2:F6:F9:68:1A:67:F9:3B:E7:CE:EA:94:6C:97
            X509v3 Authority Key Identifier:
                keyid:9D:DA:D7:CE:59:CB:E8:D1:9A:03:41:1F:A1:C6:C9:BA:0D:42:02:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndrXzlnL6NGaA0EfocbJug1CAqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:bc:da:a4:f2:12:0b:94:4c:d0:90:ad:12:18:b0:2b:19:c8:
         3f:1b:55:cf:07:a2:b8:f3:e4:4c:43:d9:2d:d5:19:63:a3:65:
         be:b4:e2:1e:8d:dc:c2:bc:ec:6a:e2:8b:7d:e2:db:20:c1:82:
         a0:3e:55:46:64:33:58:a4:9e:ec:2f:18:57:3f:8d:c6:52:e0:
         af:c3:8a:cc:0e:13:5f:97:2d:49:b5:0d:34:7b:1e:c1:a7:c2:
         41:6e:3a:1b:f1:99:da:74:74:9b:b8:ac:5a:da:a7:2e:ee:71:
         18:61:e4:f1:54:3a:49:7d:57:4d:fd:15:82:d4:78:8f:64:bf:
         1f:b0:2e:1b:c5:ef:94:80:99:99:e6:d5:d7:37:c1:80:83:8b:
         05:2e:76:d7:74:d7:98:ed:81:77:51:96:14:04:80:6e:5a:a1:
         07:93:39:14:ce:39:b9:82:ed:56:dd:55:2a:58:71:5b:8a:18:
         e4:85:cd:38:90:f6:3b:06:a4:12:86:eb:4e:13:70:8c:04:c5:
         33:8a:47:17:16:c0:04:c8:1b:a6:a6:bc:6d:1f:94:0d:8a:45:
         c7:f4:5e:38:8a:55:4c:6f:6c:dc:8a:35:63:98:96:23:33:a6:
         31:61:cf:4a:e3:09:b4:fa:4a:07:51:c3:85:33:3a:4a:d4:8b:
         a5:a6:76:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4j+JUHAOqOTGAxzx6kqCNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZGFkN2NlNTljYmU4ZDE5YTAzNDExZmExYzZjOWJhMGQ0
MjAyYTIwHhcNMjUwNjI4MjIwMjA2WhcNMjUwNjI5MjIwMjA2WjAzMTEwLwYDVQQD
Eyg5MzA3ZDg0YTEzM2RlMmY2Zjk2ODFhNjdmOTNiZTdjZWVhOTQ2Yzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XfoRPuXlwaDU96DNdj2ftUcVRB9
beS9LViiZ8J2pqb6bPeR/PX7W879VB9hPzyeYYVDrYWkX/LjNj920AkCsPfHVjgI
fISr3BcbbQPx4li9xuFYxXdl1czfF9awWTO3wXTIBWg2UkYYf5RHCAEbnnCC7DLs
nGY8TlGFcP+h03vvGe7/lRTJaUt0k+egb07a9+7pULL1AlhtyFl/oJpc4Qm0BmuJ
Y24hRl7F+gOca5gbq2gHN91lt5gwV9H4sBMubPH3HcyuQfwI55V1KTTutiUnL4cw
MvwKdrwUnn0Cq+Yl8el1YYgRtrniWG1BL2/GqGD3d80XjdPN8rQ717nPMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJMH2EoTPeL2+WgaZ/k7587qlGyXMB8GA1UdIwQY
MBaAFJ3a185Zy+jRmgNBH6HGyboNQgKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmRyWHpsbkw2TkdhQTBFZm9jYkp1ZzFDQXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MDYzNWEtNjMwZC00ZjY0LWFjNDMt
Y2NhMzUyOGUyMGUyLzEvbmRyWHpsbkw2TkdhQTBFZm9jYkp1ZzFDQXFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MDYzNWEtNjMwZC00ZjY0LWFjNDMtY2NhMzUyOGUyMGUy
LzEvbmRyWHpsbkw2TkdhQTBFZm9jYkp1ZzFDQXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACrzapPIS
C5RM0JCtEhiwKxnIPxtVzweiuPPkTEPZLdUZY6NlvrTiHo3cwrzsauKLfeLbIMGC
oD5VRmQzWKSe7C8YVz+NxlLgr8OKzA4TX5ctSbUNNHsewafCQW46G/GZ2nR0m7is
WtqnLu5xGGHk8VQ6SX1XTf0VgtR4j2S/H7AuG8XvlICZmebV1zfBgIOLBS5213TX
mO2Bd1GWFASAblqhB5M5FM45uYLtVt1VKlhxW4oY5IXNOJD2OwakEobrThNwjATF
M4pHFxbABMgbpqa8bR+UDYpFx/ReOIpVTG9s3Io1Y5iWIzOmMWHPSuMJtPpKB1HD
hTM6StSLpaZ2Wg==
-----END CERTIFICATE-----