Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
File:                     nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft (raw, json)
Hash identifier:          vfrh6i67PwHixiqcQSq0x8IGGeT6MIyFcVbrXTAPzdQ=
Subject key identifier:   C5:2B:92:17:94:7D:DA:AE:28:8C:F5:7F:29:57:0C:DE:38:C4:14:78
Authority key identifier: 9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
Certificate issuer:       /CN=9d3627d9766514578942420050bf83a8b129166e
Certificate serial:       0198D5BC14D0B446074B8AE76F66D691FA64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
Manifest number:          12DA
Signing time:             Sat 23 Aug 2025 07:02:09 +0000
Manifest this update:     Sat 23 Aug 2025 07:02:09 +0000
Manifest next update:     Sun 24 Aug 2025 07:02:09 +0000
Files and hashes:         1: nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl (hash: k93X8R4hjtGz2g4/L9Nuvua0drYNEjSbF/oTDVnmEIk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 05:01:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:bc:14:d0:b4:46:07:4b:8a:e7:6f:66:d6:91:fa:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d3627d9766514578942420050bf83a8b129166e
        Validity
            Not Before: Aug 23 07:02:09 2025 GMT
            Not After : Aug 24 07:02:09 2025 GMT
        Subject: CN=c52b9217947ddaae288cf57f29570cde38c41478
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:8a:27:93:47:3f:e9:15:20:99:09:5c:b2:7f:
                    6a:38:26:bb:d5:49:21:4b:c9:be:d7:97:d5:83:08:
                    22:9b:e7:ae:87:c9:45:a3:8b:5c:ee:7e:16:8e:0a:
                    ff:07:8f:cd:3e:0a:0b:67:4a:e5:38:42:e3:58:e8:
                    57:a9:28:a8:76:6f:58:15:85:f6:64:e4:2f:d1:d3:
                    73:7b:2b:e6:eb:55:8f:a4:02:fa:7e:2e:0b:81:d2:
                    d3:df:5d:eb:a0:21:c1:83:d4:17:8c:31:36:42:bb:
                    5f:ec:da:f0:44:83:34:74:29:a7:e6:51:2b:ac:4f:
                    d2:8b:c6:96:95:b8:ba:7d:77:78:52:d5:1b:36:29:
                    ac:1a:60:ed:26:83:0f:c1:02:04:31:26:ef:c6:9b:
                    98:bb:5a:7e:36:87:3e:f4:20:2c:3c:52:fb:cd:ff:
                    6d:45:8d:c7:42:f4:40:eb:24:49:c8:8e:a0:23:78:
                    7a:20:f9:07:cf:f0:74:b3:49:2f:ac:02:2f:d5:c7:
                    3d:78:34:ff:3d:88:ff:d4:0b:80:53:c8:92:9f:ba:
                    ab:11:02:48:56:af:a9:fd:b8:ba:f4:94:e8:01:53:
                    ec:44:1e:7d:c0:3d:53:e0:d0:a9:6b:41:6b:b6:5d:
                    9f:d8:22:fa:9d:e7:71:c7:3c:de:e4:b6:f9:27:60:
                    5e:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:2B:92:17:94:7D:DA:AE:28:8C:F5:7F:29:57:0C:DE:38:C4:14:78
            X509v3 Authority Key Identifier:
                keyid:9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:76:8a:fa:bc:9c:fe:2c:9c:be:df:7a:08:74:8a:ce:e4:de:
         87:66:66:1e:5f:84:3c:c5:98:f7:da:c1:db:a2:90:e2:fd:9b:
         33:c2:5d:4d:68:54:6b:2e:e7:1b:08:54:ef:3e:85:30:5e:eb:
         ba:7d:0c:01:1a:dd:d4:c9:22:96:bd:86:f1:d8:94:82:aa:03:
         9f:b6:8f:b4:af:dd:ad:f4:11:ed:2f:3f:2a:fc:18:8f:dc:f2:
         20:65:d5:be:f0:89:41:7b:d2:3e:03:1a:b8:3f:22:bf:4c:65:
         9e:bd:60:38:a4:5d:cc:d6:d0:de:ac:73:29:92:42:0b:63:35:
         88:1c:46:f8:1c:ed:cc:34:1b:98:26:dc:92:28:20:56:eb:87:
         96:82:c6:ce:4b:c9:79:57:59:fd:c6:3e:8b:de:6d:36:e6:15:
         01:e3:34:76:29:6c:da:6f:4f:b8:23:d5:4e:6b:fe:cd:f1:48:
         aa:69:99:50:ce:7a:4c:a9:c3:b9:0d:9c:c9:59:4b:8c:97:c7:
         21:90:78:09:1a:a1:4a:d9:1c:9e:bb:a8:47:37:e5:9f:a6:b4:
         83:7e:12:77:cd:d1:3b:cf:0a:ff:10:8e:cc:70:a4:01:06:61:
         91:7f:ff:d6:86:b5:71:88:7e:5b:bd:70:47:e8:59:b3:69:fc:
         1d:1c:d3:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVvBTQtEYHS4rnb2bWkfpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzYyN2Q5NzY2NTE0NTc4OTQyNDIwMDUwYmY4M2E4YjEy
OTE2NmUwHhcNMjUwODIzMDcwMjA5WhcNMjUwODI0MDcwMjA5WjAzMTEwLwYDVQQD
EyhjNTJiOTIxNzk0N2RkYWFlMjg4Y2Y1N2YyOTU3MGNkZTM4YzQxNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoonk0c/6RUgmQlcsn9qOCa71Ukh
S8m+15fVgwgim+euh8lFo4tc7n4Wjgr/B4/NPgoLZ0rlOELjWOhXqSiodm9YFYX2
ZOQv0dNzeyvm61WPpAL6fi4LgdLT313roCHBg9QXjDE2Qrtf7NrwRIM0dCmn5lEr
rE/Si8aWlbi6fXd4UtUbNimsGmDtJoMPwQIEMSbvxpuYu1p+Noc+9CAsPFL7zf9t
RY3HQvRA6yRJyI6gI3h6IPkHz/B0s0kvrAIv1cc9eDT/PYj/1AuAU8iSn7qrEQJI
Vq+p/bi69JToAVPsRB59wD1T4NCpa0Frtl2f2CL6nedxxzze5Lb5J2Be+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMUrkheUfdquKIz1fylXDN44xBR4MB8GA1UdIwQY
MBaAFJ02J9l2ZRRXiUJCAFC/g6ixKRZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2Qt
MWQ1ZGQyMjU4YzRlLzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2QtMWQ1ZGQyMjU4YzRl
LzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL3aK+ryc
/iycvt96CHSKzuTeh2ZmHl+EPMWY99rB26KQ4v2bM8JdTWhUay7nGwhU7z6FMF7r
un0MARrd1Mkilr2G8diUgqoDn7aPtK/drfQR7S8/KvwYj9zyIGXVvvCJQXvSPgMa
uD8iv0xlnr1gOKRdzNbQ3qxzKZJCC2M1iBxG+BztzDQbmCbckiggVuuHloLGzkvJ
eVdZ/cY+i95tNuYVAeM0dils2m9PuCPVTmv+zfFIqmmZUM56TKnDuQ2cyVlLjJfH
IZB4CRqhStkcnruoRzfln6a0g34Sd83RO88K/xCOzHCkAQZhkX//1oa1cYh+W71w
R+hZs2n8HRzTYg==
-----END CERTIFICATE-----