Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File:                     Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier:          TfATFC0/yolBPUzH8H3JKMjYVwahrCugf4VCWk49rc8=
Subject key identifier:   C7:3D:F4:27:14:72:8F:6F:64:45:29:24:DF:57:74:8F:E8:3F:90:AF
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer:       /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial:       0198D6CD8910EF8A0BBCB8B2A4E03156D009
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number:          14F6
Signing time:             Sat 23 Aug 2025 12:00:50 +0000
Manifest this update:     Sat 23 Aug 2025 12:00:50 +0000
Manifest next update:     Sun 24 Aug 2025 12:00:50 +0000
Files and hashes:         1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: okD6T0qBJIOZ4NIh8czIRNgKA5WkYkbNUn0528zrb0o=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 12:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d6:cd:89:10:ef:8a:0b:bc:b8:b2:a4:e0:31:56:d0:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
        Validity
            Not Before: Aug 23 12:00:50 2025 GMT
            Not After : Aug 24 12:00:50 2025 GMT
        Subject: CN=c73df42714728f6f64452924df57748fe83f90af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7f:5c:a2:d4:c2:30:5f:39:23:cf:36:74:55:
                    7d:8c:44:6d:3a:fd:06:80:fb:45:7f:b6:21:23:bb:
                    ed:d1:2d:9c:2c:6b:d8:9e:51:1f:32:06:16:a5:62:
                    4b:fb:28:3d:71:07:15:8a:1e:5a:40:7e:db:80:28:
                    80:08:c4:4a:d2:0a:c8:02:0e:86:14:f2:00:4c:b6:
                    48:17:7d:16:e8:51:6f:6b:18:29:8a:05:48:84:21:
                    d9:e6:bb:51:47:3e:16:6b:35:49:3c:8d:86:ab:ff:
                    58:f7:8d:9a:09:29:d4:a8:ba:49:b8:b3:0b:fa:63:
                    0e:f1:d8:7c:cf:9a:ef:de:72:00:f4:aa:cd:07:af:
                    d7:b1:aa:17:da:c6:60:43:c5:9b:2a:7b:1a:78:df:
                    17:1b:e0:e4:e1:4d:63:97:35:72:62:39:9c:5c:08:
                    ab:da:d9:71:e7:66:9c:42:1a:d2:a2:b8:44:6f:ea:
                    28:ae:69:6a:57:8f:31:bb:70:44:4f:8d:fa:0c:3b:
                    4e:5e:02:65:07:b5:ca:29:45:5e:06:88:3f:57:ca:
                    60:b3:5e:b5:7b:61:ca:0d:7f:c1:1d:60:9b:99:84:
                    90:80:f4:bc:a0:e2:7d:2c:d6:a7:5a:9c:01:f4:89:
                    7d:82:b8:d1:36:29:6f:b6:32:4e:d1:9a:5e:d4:04:
                    47:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:3D:F4:27:14:72:8F:6F:64:45:29:24:DF:57:74:8F:E8:3F:90:AF
            X509v3 Authority Key Identifier:
                keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:3a:2b:bc:81:b9:c2:f4:6f:1f:4c:61:22:7b:d7:6d:2f:b5:
         1f:3f:8c:c1:b0:71:d2:08:5d:fc:e4:87:13:35:ba:80:94:3f:
         c6:2b:fd:34:c0:39:a5:03:34:31:03:a2:62:c9:f2:47:ab:67:
         6f:58:42:7b:1b:e6:0f:9a:45:f2:93:df:1e:cc:0e:b5:98:bc:
         c7:8e:98:1f:e1:b7:f3:b4:7a:51:dc:8c:14:cd:3c:3c:53:dd:
         52:76:83:6b:52:41:15:64:67:24:5c:94:54:9b:bb:3c:cb:5b:
         80:7a:12:8a:f6:8a:06:de:3b:f3:ac:dc:b2:5c:03:42:d8:be:
         3e:fc:27:d1:2b:d8:f9:be:3b:ce:e5:08:f4:4c:14:7d:7e:61:
         d1:19:fa:08:a1:d6:51:5f:ec:2f:36:4f:33:60:aa:8c:57:31:
         de:74:87:25:ef:b7:25:00:dd:08:fb:1f:35:f1:d1:a6:75:ec:
         12:2f:bd:af:b9:10:21:33:b4:24:86:85:6c:54:6b:45:48:96:
         40:0c:1d:01:12:c0:ab:f8:af:9b:1e:18:74:84:80:54:23:7f:
         a9:79:fb:de:41:65:e0:be:eb:63:e4:ad:66:c3:76:d2:e8:13:
         86:79:34:67:34:f9:eb:41:9a:03:a5:c4:95:df:03:e9:e4:1d:
         f6:6a:0e:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjWzYkQ74oLvLiypOAxVtAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjUwODIzMTIwMDUwWhcNMjUwODI0MTIwMDUwWjAzMTEwLwYDVQQD
EyhjNzNkZjQyNzE0NzI4ZjZmNjQ0NTI5MjRkZjU3NzQ4ZmU4M2Y5MGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn9cotTCMF85I882dFV9jERtOv0G
gPtFf7YhI7vt0S2cLGvYnlEfMgYWpWJL+yg9cQcVih5aQH7bgCiACMRK0grIAg6G
FPIATLZIF30W6FFvaxgpigVIhCHZ5rtRRz4WazVJPI2Gq/9Y942aCSnUqLpJuLML
+mMO8dh8z5rv3nIA9KrNB6/XsaoX2sZgQ8WbKnsaeN8XG+Dk4U1jlzVyYjmcXAir
2tlx52acQhrSorhEb+oormlqV48xu3BET436DDtOXgJlB7XKKUVeBog/V8pgs161
e2HKDX/BHWCbmYSQgPS8oOJ9LNanWpwB9Il9grjRNilvtjJO0Zpe1ARHeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMc99CcUco9vZEUpJN9XdI/oP5CvMB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWDorvIG5
wvRvH0xhInvXbS+1Hz+MwbBx0ghd/OSHEzW6gJQ/xiv9NMA5pQM0MQOiYsnyR6tn
b1hCexvmD5pF8pPfHswOtZi8x46YH+G387R6UdyMFM08PFPdUnaDa1JBFWRnJFyU
VJu7PMtbgHoSivaKBt4786zcslwDQti+Pvwn0SvY+b47zuUI9EwUfX5h0Rn6CKHW
UV/sLzZPM2CqjFcx3nSHJe+3JQDdCPsfNfHRpnXsEi+9r7kQITO0JIaFbFRrRUiW
QAwdARLAq/ivmx4YdISAVCN/qXn73kFl4L7rY+StZsN20ugThnk0ZzT560GaA6XE
ld8D6eQd9moOyw==
-----END CERTIFICATE-----