Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
File:                     NKh-9PEuNt_cafTUydRQ7us_9tU.mft (raw, json)
Hash identifier:          /h1FOa6q/gYOM6xi2GdB0WWET0wQTfUTHUF95EcSuuw=
Subject key identifier:   FD:8D:0A:88:C1:E5:1C:30:3C:28:61:0C:A2:EE:4E:B6:95:6D:80:EF
Authority key identifier: 34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5
Certificate issuer:       /CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
Certificate serial:       0198D850027B42821BADCC389BE7EB0742DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
Manifest number:          0D42
Signing time:             Sat 23 Aug 2025 19:02:58 +0000
Manifest this update:     Sat 23 Aug 2025 19:02:58 +0000
Manifest next update:     Sun 24 Aug 2025 19:02:58 +0000
Files and hashes:         1: NKh-9PEuNt_cafTUydRQ7us_9tU.crl (hash: 2MXvRKxu6mB+hzydKEafK11yVuNGN+0DE/rdCpX9t+c=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 17:19:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d8:50:02:7b:42:82:1b:ad:cc:38:9b:e7:eb:07:42:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
        Validity
            Not Before: Aug 23 19:02:58 2025 GMT
            Not After : Aug 24 19:02:58 2025 GMT
        Subject: CN=fd8d0a88c1e51c303c28610ca2ee4eb6956d80ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7d:8e:b1:1d:96:c2:a5:80:63:e8:d7:a7:80:
                    9a:4d:5e:c5:fb:5c:65:9a:26:41:d2:79:72:80:d1:
                    b0:09:0e:02:1e:bc:64:53:9b:5d:48:77:52:e0:a2:
                    56:bc:14:3c:08:a0:9c:58:f5:51:bb:fc:06:54:9a:
                    bb:07:2b:8d:7e:e8:64:42:1c:3f:f8:12:42:b9:85:
                    14:73:a7:8b:30:3e:dd:65:ae:54:df:72:56:18:a1:
                    e7:de:24:9b:1c:f8:63:ca:1c:76:27:48:7b:f8:5f:
                    6b:00:02:65:ef:84:0a:ab:84:47:df:9d:2c:63:9e:
                    2d:ae:6b:67:13:f5:2f:4a:94:16:6c:da:7b:4c:2a:
                    af:37:62:da:72:f2:8d:bf:64:d8:c1:9a:54:57:bd:
                    d8:59:ee:c5:7d:56:b0:c2:b5:8f:27:d1:e3:84:64:
                    a7:78:1b:bc:b5:fa:31:38:f0:c3:5e:2f:e8:43:6e:
                    22:76:1e:80:b0:6e:ee:e9:d2:5a:77:8a:88:bf:bf:
                    bf:31:93:66:94:01:67:3b:7c:c0:46:d7:98:a5:bf:
                    3e:64:12:4b:95:e1:99:b9:d0:1a:59:63:ed:32:3a:
                    82:81:bb:db:10:a0:95:3d:8c:af:51:f5:b8:91:85:
                    1f:d2:6c:21:c0:a2:da:0f:ca:7e:d3:c5:92:f4:3f:
                    2f:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:8D:0A:88:C1:E5:1C:30:3C:28:61:0C:A2:EE:4E:B6:95:6D:80:EF
            X509v3 Authority Key Identifier:
                keyid:34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:ce:d5:eb:45:5c:bb:0d:e8:8b:a3:8a:70:b9:47:40:d7:af:
         64:a1:35:e9:42:72:9c:fc:3c:c1:06:e8:53:b0:c7:27:83:89:
         48:30:3f:79:b1:3d:85:7b:ba:64:b3:f7:f5:b1:9d:e8:bd:43:
         8a:cb:87:eb:c5:f6:0f:b2:99:12:4c:af:d0:ee:33:08:64:21:
         69:0d:9b:a1:fa:89:66:92:c8:c7:8c:cc:1e:7b:e1:65:2b:4e:
         6e:38:d0:7f:62:c9:cb:8e:ba:50:a7:26:b3:6e:24:ea:29:cd:
         ac:64:24:9b:19:df:76:bf:9a:ee:d5:e3:97:c5:8f:76:6f:a8:
         aa:ec:cd:84:0e:d1:22:45:81:c8:80:5b:e3:99:2c:4d:62:01:
         18:cb:1a:e3:52:96:70:75:02:67:5f:b3:73:2d:87:9b:1d:fa:
         5f:58:b2:12:2c:ff:13:3e:f9:99:15:eb:87:0c:5a:d4:2a:15:
         78:aa:8b:c9:4b:15:ea:c7:1c:03:ef:e6:76:73:5f:51:56:a1:
         83:89:78:89:50:da:93:94:0f:49:ce:7a:e5:a5:19:62:53:86:
         83:01:d0:59:49:8f:e9:72:03:2b:72:3f:44:91:90:82:1e:9d:
         39:f7:88:87:79:b6:dd:17:3b:2a:41:6e:ba:f9:96:59:2d:08:
         a6:48:08:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjYUAJ7QoIbrcw4m+frB0LaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTg3ZWY0ZjEyZTM2ZGZkYzY5ZjRkNGM5ZDQ1MGVlZWIz
ZmY2ZDUwHhcNMjUwODIzMTkwMjU4WhcNMjUwODI0MTkwMjU4WjAzMTEwLwYDVQQD
EyhmZDhkMGE4OGMxZTUxYzMwM2MyODYxMGNhMmVlNGViNjk1NmQ4MGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH2OsR2WwqWAY+jXp4CaTV7F+1xl
miZB0nlygNGwCQ4CHrxkU5tdSHdS4KJWvBQ8CKCcWPVRu/wGVJq7ByuNfuhkQhw/
+BJCuYUUc6eLMD7dZa5U33JWGKHn3iSbHPhjyhx2J0h7+F9rAAJl74QKq4RH350s
Y54trmtnE/UvSpQWbNp7TCqvN2LacvKNv2TYwZpUV73YWe7FfVawwrWPJ9HjhGSn
eBu8tfoxOPDDXi/oQ24idh6AsG7u6dJad4qIv7+/MZNmlAFnO3zARteYpb8+ZBJL
leGZudAaWWPtMjqCgbvbEKCVPYyvUfW4kYUf0mwhwKLaD8p+08WS9D8vPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP2NCojB5RwwPChhDKLuTraVbYDvMB8GA1UdIwQY
MBaAFDSofvTxLjbf3Gn01MnUUO7rP/bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQt
ZDQ5MGI4MTU1MDNiLzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQtZDQ5MGI4MTU1MDNi
LzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASs7V60Vc
uw3oi6OKcLlHQNevZKE16UJynPw8wQboU7DHJ4OJSDA/ebE9hXu6ZLP39bGd6L1D
isuH68X2D7KZEkyv0O4zCGQhaQ2bofqJZpLIx4zMHnvhZStObjjQf2LJy466UKcm
s24k6inNrGQkmxnfdr+a7tXjl8WPdm+oquzNhA7RIkWByIBb45ksTWIBGMsa41KW
cHUCZ1+zcy2Hmx36X1iyEiz/Ez75mRXrhwxa1CoVeKqLyUsV6sccA+/mdnNfUVah
g4l4iVDak5QPSc565aUZYlOGgwHQWUmP6XIDK3I/RJGQgh6dOfeIh3m23Rc7KkFu
uvmWWS0IpkgIJg==
-----END CERTIFICATE-----