Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
File:                     NKh-9PEuNt_cafTUydRQ7us_9tU.mft (raw, json)
Hash identifier:          DeD4CEtP6SgFO54FR4kH0EPBAx4bnUwYqh1xo41B0ok=
Subject key identifier:   AB:C3:20:07:2A:29:20:2A:6A:5D:0F:3B:9E:9F:4E:70:B0:61:D7:4C
Authority key identifier: 34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5
Certificate issuer:       /CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
Certificate serial:       0197B8901EABBBB6ECEED52290A50B7C9BD3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
Manifest number:          0CAD
Signing time:             Sat 28 Jun 2025 22:02:22 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:22 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:22 +0000
Files and hashes:         1: NKh-9PEuNt_cafTUydRQ7us_9tU.crl (hash: jSRV4PEdLZAMqfHicab7AaFGCan5OMXoGDKrVdLpvIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:1e:ab:bb:b6:ec:ee:d5:22:90:a5:0b:7c:9b:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
        Validity
            Not Before: Jun 28 22:02:22 2025 GMT
            Not After : Jun 29 22:02:22 2025 GMT
        Subject: CN=abc320072a29202a6a5d0f3b9e9f4e70b061d74c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ae:db:54:ff:58:7d:d1:d0:71:69:fe:e7:f3:
                    f7:af:78:b0:a9:ef:19:93:31:23:3c:f5:e8:ea:f9:
                    21:4c:dd:d5:a3:0e:59:cb:95:3e:71:0d:ea:12:3b:
                    08:4f:11:c3:d7:aa:d2:42:0c:88:04:3a:4a:23:de:
                    73:9f:39:b1:4f:3a:b0:4c:3c:92:c4:68:50:65:8e:
                    d8:8f:f4:e4:94:b0:63:cf:a7:99:c3:f9:0c:16:d0:
                    4c:0a:88:35:b9:e6:c5:b5:31:88:9d:78:be:38:e6:
                    4e:5f:a7:a4:c5:82:41:8e:49:e0:2d:af:95:d3:06:
                    a8:d1:5d:f1:96:1b:f3:90:38:44:c2:4e:ca:b3:b8:
                    99:ad:f1:e7:f5:b2:dd:ec:2e:fb:d4:a8:5a:d0:c9:
                    05:51:ef:39:ab:20:7e:72:1d:ba:b2:b7:73:fd:01:
                    cc:af:12:1d:b6:ee:4b:6a:b1:92:ca:f8:d1:91:67:
                    56:03:25:f1:2f:1c:71:8e:e7:84:ee:03:98:c8:63:
                    7c:af:c5:d4:c8:a8:e3:20:75:6c:34:67:68:ad:4b:
                    51:08:79:29:d0:e9:b2:ec:0e:c7:70:45:fa:a1:a5:
                    08:5d:b5:01:78:37:66:19:fc:1c:4a:77:00:37:55:
                    a0:de:85:ba:55:6f:02:87:12:b9:79:13:24:c7:e3:
                    ce:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:C3:20:07:2A:29:20:2A:6A:5D:0F:3B:9E:9F:4E:70:B0:61:D7:4C
            X509v3 Authority Key Identifier:
                keyid:34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:a8:13:24:85:2a:42:81:48:9c:25:98:e2:be:73:fc:81:6e:
         51:aa:25:43:1d:2c:4f:5e:7f:53:42:74:7f:c4:16:b1:0f:bd:
         67:6c:76:ea:86:fd:1c:4b:64:e6:20:f5:52:8c:92:8a:bf:29:
         73:12:cf:cc:68:a4:41:1b:09:e5:83:64:a3:9f:8c:d2:04:b8:
         be:e8:49:48:0b:db:40:74:9b:45:e4:e7:66:20:3d:b8:50:8b:
         d3:44:b8:ea:10:01:30:32:96:09:b1:5f:f1:16:e7:c8:9b:1d:
         b2:9c:5b:76:7a:79:74:b7:2d:55:f1:85:ca:ec:d1:0c:14:96:
         5a:21:78:0a:5e:d7:06:bc:81:11:e2:14:96:c7:d1:5c:f8:e6:
         04:0d:2a:94:a2:f4:ff:f5:70:d8:e4:2e:d9:5e:43:1b:2a:06:
         8e:a8:69:e0:81:0f:f4:ab:13:11:6c:f8:93:c0:2b:8d:a0:96:
         db:0f:9e:cc:53:fa:d3:c4:e6:1f:f1:1a:f8:44:c4:76:6b:04:
         72:92:75:c0:19:ed:b5:e1:02:a1:95:1f:b0:d7:d1:ed:21:cf:
         de:da:82:fa:2c:ba:8c:a2:d5:be:20:6c:f6:42:eb:af:96:8a:
         14:bf:88:2a:40:1c:7f:a8:92:38:6b:8f:e0:b4:f6:20:b8:ef:
         d6:dc:5b:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kB6ru7bs7tUikKULfJvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTg3ZWY0ZjEyZTM2ZGZkYzY5ZjRkNGM5ZDQ1MGVlZWIz
ZmY2ZDUwHhcNMjUwNjI4MjIwMjIyWhcNMjUwNjI5MjIwMjIyWjAzMTEwLwYDVQQD
EyhhYmMzMjAwNzJhMjkyMDJhNmE1ZDBmM2I5ZTlmNGU3MGIwNjFkNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk67bVP9YfdHQcWn+5/P3r3iwqe8Z
kzEjPPXo6vkhTN3Vow5Zy5U+cQ3qEjsITxHD16rSQgyIBDpKI95znzmxTzqwTDyS
xGhQZY7Yj/TklLBjz6eZw/kMFtBMCog1uebFtTGInXi+OOZOX6ekxYJBjkngLa+V
0wao0V3xlhvzkDhEwk7Ks7iZrfHn9bLd7C771Kha0MkFUe85qyB+ch26srdz/QHM
rxIdtu5LarGSyvjRkWdWAyXxLxxxjueE7gOYyGN8r8XUyKjjIHVsNGdorUtRCHkp
0Omy7A7HcEX6oaUIXbUBeDdmGfwcSncAN1Wg3oW6VW8ChxK5eRMkx+POCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvDIAcqKSAqal0PO56fTnCwYddMMB8GA1UdIwQY
MBaAFDSofvTxLjbf3Gn01MnUUO7rP/bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQt
ZDQ5MGI4MTU1MDNiLzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQtZDQ5MGI4MTU1MDNi
LzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWKgTJIUq
QoFInCWY4r5z/IFuUaolQx0sT15/U0J0f8QWsQ+9Z2x26ob9HEtk5iD1UoySir8p
cxLPzGikQRsJ5YNko5+M0gS4vuhJSAvbQHSbReTnZiA9uFCL00S46hABMDKWCbFf
8RbnyJsdspxbdnp5dLctVfGFyuzRDBSWWiF4Cl7XBryBEeIUlsfRXPjmBA0qlKL0
//Vw2OQu2V5DGyoGjqhp4IEP9KsTEWz4k8ArjaCW2w+ezFP608TmH/Ea+ETEdmsE
cpJ1wBntteECoZUfsNfR7SHP3tqC+iy6jKLVviBs9kLrr5aKFL+IKkAcf6iSOGuP
4LT2ILjv1txbLQ==
-----END CERTIFICATE-----