Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
File:                     NKh-9PEuNt_cafTUydRQ7us_9tU.mft (raw, json)
Hash identifier:          fNjcCk8FNCs69iPZSgYQQUTZIjfEjz/gYKWW7yhXcYY=
Subject key identifier:   23:A0:C8:9B:91:41:5B:7E:35:71:44:11:52:7A:D3:DA:6E:D0:9C:34
Authority key identifier: 34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5
Certificate issuer:       /CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
Certificate serial:       0199FDDA6435FCD110B4309E7AD638AFCCEF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
Manifest number:          0DDA
Signing time:             Sun 19 Oct 2025 19:02:52 +0000
Manifest this update:     Sun 19 Oct 2025 19:02:52 +0000
Manifest next update:     Mon 20 Oct 2025 19:02:52 +0000
Files and hashes:         1: NKh-9PEuNt_cafTUydRQ7us_9tU.crl (hash: Rktij5VE4xGoVdlG9RncOssHqzhnHU3tzBSQe2KXN+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fd:da:64:35:fc:d1:10:b4:30:9e:7a:d6:38:af:cc:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
        Validity
            Not Before: Oct 19 19:02:52 2025 GMT
            Not After : Oct 20 19:02:52 2025 GMT
        Subject: CN=23a0c89b91415b7e35714411527ad3da6ed09c34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:6b:37:d3:37:7a:63:b5:d9:33:53:7b:ea:ce:
                    c3:28:f9:75:d2:09:35:bf:e0:e5:01:21:a1:29:37:
                    39:16:6b:47:35:99:4b:14:7f:d7:2f:ef:b9:97:09:
                    d0:2e:5f:6f:20:4c:c4:9b:f3:92:3d:8b:d6:7b:60:
                    11:1a:c4:24:98:1f:75:eb:11:d6:9a:b1:d9:4c:d1:
                    b7:a7:72:8f:c2:de:5b:25:02:1e:38:4f:6a:89:2b:
                    89:31:ef:7f:b1:75:b3:90:a2:d1:e8:4c:b9:b1:b8:
                    d1:3f:54:f9:9b:de:f2:35:c2:b2:6c:b1:37:6d:41:
                    83:39:2e:a8:7d:a1:c5:1d:c2:c9:50:31:6e:df:fa:
                    7b:fb:52:9f:2a:f8:73:d4:46:36:e4:1c:e6:0e:84:
                    70:68:f1:8b:52:1d:78:69:b0:53:8d:c1:cd:19:e1:
                    3f:fc:93:fa:da:dd:75:8e:31:f4:b6:a6:2b:08:e6:
                    40:8f:74:08:c7:99:d2:57:ec:fd:0d:68:96:38:7b:
                    13:4c:bc:ce:06:17:c4:87:23:3f:12:2f:11:85:2d:
                    34:b3:7b:d9:38:f2:b0:1d:be:34:81:55:9d:48:0c:
                    3f:36:fb:e4:f8:97:68:32:89:4d:75:b3:05:02:13:
                    47:d3:17:d2:05:a6:93:b7:23:9a:16:1a:62:f7:ea:
                    ac:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:A0:C8:9B:91:41:5B:7E:35:71:44:11:52:7A:D3:DA:6E:D0:9C:34
            X509v3 Authority Key Identifier:
                keyid:34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ba:84:98:a0:fa:e1:c1:dc:9d:c5:c8:d6:e7:63:7a:e7:e2:1e:
         51:b8:ec:99:63:63:2a:58:c2:be:09:31:ab:cf:d1:0b:78:af:
         1d:4e:b5:d4:2e:ce:9a:60:43:8e:1a:5f:c6:40:58:13:94:a0:
         da:6a:d1:3e:9c:e6:83:49:78:1b:eb:8f:de:b9:be:5c:b4:84:
         e5:10:bf:2e:ed:17:18:e9:ca:4d:f5:22:73:69:5b:de:3a:11:
         10:3f:35:87:2b:8b:03:97:80:b4:a3:d9:de:63:8a:c6:3a:23:
         c2:a4:93:25:f2:e5:37:fa:1d:b3:b7:11:84:86:39:de:c2:e8:
         7f:92:e3:d2:70:8d:0a:d5:90:8d:d3:32:be:7f:68:c9:28:75:
         fa:05:73:1e:55:71:66:24:cb:d1:ff:76:f8:9e:2f:23:e2:a2:
         9a:15:12:8a:3c:3b:34:3e:c7:7f:31:7f:7e:b1:7e:1f:71:10:
         c7:5b:a0:db:24:ba:00:57:f9:ef:86:d0:d2:64:52:ea:87:57:
         cf:c8:80:24:93:61:16:4d:e4:2b:a2:4e:2f:0b:e2:5f:1f:60:
         3c:f0:18:93:56:77:38:df:5f:26:4f:05:ea:c6:4e:d2:0e:9d:
         0e:16:97:e3:b0:fd:a9:50:0d:8b:8d:9e:8d:18:7d:22:f6:fd:
         a3:42:41:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92mQ1/NEQtDCeetY4r8zvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTg3ZWY0ZjEyZTM2ZGZkYzY5ZjRkNGM5ZDQ1MGVlZWIz
ZmY2ZDUwHhcNMjUxMDE5MTkwMjUyWhcNMjUxMDIwMTkwMjUyWjAzMTEwLwYDVQQD
EygyM2EwYzg5YjkxNDE1YjdlMzU3MTQ0MTE1MjdhZDNkYTZlZDA5YzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Gs30zd6Y7XZM1N76s7DKPl10gk1
v+DlASGhKTc5FmtHNZlLFH/XL++5lwnQLl9vIEzEm/OSPYvWe2ARGsQkmB916xHW
mrHZTNG3p3KPwt5bJQIeOE9qiSuJMe9/sXWzkKLR6Ey5sbjRP1T5m97yNcKybLE3
bUGDOS6ofaHFHcLJUDFu3/p7+1KfKvhz1EY25BzmDoRwaPGLUh14abBTjcHNGeE/
/JP62t11jjH0tqYrCOZAj3QIx5nSV+z9DWiWOHsTTLzOBhfEhyM/Ei8RhS00s3vZ
OPKwHb40gVWdSAw/Nvvk+JdoMolNdbMFAhNH0xfSBaaTtyOaFhpi9+qsiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCOgyJuRQVt+NXFEEVJ609pu0Jw0MB8GA1UdIwQY
MBaAFDSofvTxLjbf3Gn01MnUUO7rP/bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQt
ZDQ5MGI4MTU1MDNiLzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQtZDQ5MGI4MTU1MDNi
LzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuoSYoPrh
wdydxcjW52N65+IeUbjsmWNjKljCvgkxq8/RC3ivHU611C7OmmBDjhpfxkBYE5Sg
2mrRPpzmg0l4G+uP3rm+XLSE5RC/Lu0XGOnKTfUic2lb3joRED81hyuLA5eAtKPZ
3mOKxjojwqSTJfLlN/ods7cRhIY53sLof5Lj0nCNCtWQjdMyvn9oySh1+gVzHlVx
ZiTL0f92+J4vI+KimhUSijw7ND7HfzF/frF+H3EQx1ug2yS6AFf574bQ0mRS6odX
z8iAJJNhFk3kK6JOLwviXx9gPPAYk1Z3ON9fJk8F6sZO0g6dDhaX47D9qVANi42e
jRh9Ivb9o0JBCQ==
-----END CERTIFICATE-----