Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
File:                     nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft (raw, json)
Hash identifier:          AmJ1Aqg4cRRT4feHnhYLetIAgFKZ7Gd5UKopvTcbBXo=
Subject key identifier:   EA:8C:61:0D:BA:E9:B6:85:BD:BA:AD:49:36:DD:6E:F1:C2:DF:88:18
Authority key identifier: 9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
Certificate issuer:       /CN=9d3627d9766514578942420050bf83a8b129166e
Certificate serial:       0197B7EAA0DC789FEA5B6663751EDE122E26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
Manifest number:          1246
Signing time:             Sat 28 Jun 2025 19:01:36 +0000
Manifest this update:     Sat 28 Jun 2025 19:01:36 +0000
Manifest next update:     Sun 29 Jun 2025 19:01:36 +0000
Files and hashes:         1: nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl (hash: tSEdE8jstX18hS4vRBpSCefjGqsvAgF0fEz5i39stQU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:ea:a0:dc:78:9f:ea:5b:66:63:75:1e:de:12:2e:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d3627d9766514578942420050bf83a8b129166e
        Validity
            Not Before: Jun 28 19:01:36 2025 GMT
            Not After : Jun 29 19:01:36 2025 GMT
        Subject: CN=ea8c610dbae9b685bdbaad4936dd6ef1c2df8818
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:01:2e:ba:a4:ba:33:32:09:1e:58:f4:64:19:
                    b6:a3:c0:27:a3:10:79:75:38:e9:4e:c1:32:c2:83:
                    24:35:0a:d6:00:a8:c0:96:8e:5f:54:df:5a:f8:f1:
                    77:60:49:6f:93:59:40:3c:0a:ea:39:7c:58:86:dd:
                    1c:1d:1f:7c:a9:df:45:c2:b1:c0:e7:25:38:b3:62:
                    9f:90:d8:89:2b:1a:57:25:3b:5f:1d:b9:96:2f:53:
                    ed:65:0a:9d:cc:67:5b:30:e0:5a:d7:a6:82:e4:3b:
                    1f:03:43:4b:56:f2:e3:3d:f6:b3:f0:64:06:95:8f:
                    d3:46:9c:39:bf:bb:30:5f:7c:33:71:48:c1:a8:18:
                    8b:94:14:ca:6a:df:0c:7c:ec:aa:90:1d:ea:75:54:
                    59:7f:56:2b:6d:d3:fc:f5:34:3b:24:65:88:bb:11:
                    be:65:5a:63:98:bd:f9:15:ad:c8:39:21:e0:98:d6:
                    b0:31:7c:15:17:98:23:24:d8:f6:15:c7:61:5e:e9:
                    e3:f2:1c:b7:a6:66:b3:5c:e0:67:4c:f6:37:b0:c2:
                    24:6e:99:61:7e:b8:7f:a5:4c:ab:f2:cc:d8:bd:0a:
                    b5:6a:a8:42:1f:33:4e:06:bb:e1:83:37:33:08:f0:
                    0a:59:48:18:06:5b:72:29:77:85:85:26:61:01:cc:
                    52:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:8C:61:0D:BA:E9:B6:85:BD:BA:AD:49:36:DD:6E:F1:C2:DF:88:18
            X509v3 Authority Key Identifier:
                keyid:9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:ee:54:c7:76:7e:b5:45:c7:3f:64:66:9d:57:6f:68:cb:11:
         94:53:49:34:4d:4e:13:0c:fb:e4:bc:c2:c3:ec:08:82:7d:a4:
         45:2d:fb:1c:9a:c9:ea:c8:3e:83:9f:a9:d8:e9:a3:61:86:6a:
         09:9c:10:58:78:fa:90:a5:f0:f5:21:60:1c:86:22:bb:85:4a:
         66:bb:cc:c1:27:2c:08:f0:25:d6:aa:69:df:5c:c5:1a:5d:5d:
         bc:e5:af:48:1c:ce:52:24:58:fd:7d:ba:bf:bf:52:87:ef:46:
         07:c9:16:dc:96:d9:e2:bd:8c:9b:87:b3:74:41:a7:51:fb:81:
         6e:0b:06:81:57:f5:98:f0:f0:43:c7:ac:14:12:56:7f:98:c2:
         b3:b6:ab:27:8b:a7:f8:87:1b:e1:5d:8a:22:15:e6:0e:f2:51:
         6b:ea:c7:99:db:20:62:02:2c:b6:73:76:e5:ef:16:f0:18:02:
         3b:7a:7c:a8:29:2c:1a:d9:b4:13:72:6f:32:2f:c5:b4:ca:ab:
         e3:cc:f9:42:29:b7:01:f9:e4:c0:c2:3a:23:1f:93:98:ef:5b:
         fd:70:a7:ab:b1:c3:b4:d5:2d:01:47:09:f8:e8:14:bc:b9:f6:
         d3:63:a8:4c:4d:cc:6e:c2:bd:08:82:33:56:5e:98:1c:60:04:
         c8:f8:91:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe36qDceJ/qW2ZjdR7eEi4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzYyN2Q5NzY2NTE0NTc4OTQyNDIwMDUwYmY4M2E4YjEy
OTE2NmUwHhcNMjUwNjI4MTkwMTM2WhcNMjUwNjI5MTkwMTM2WjAzMTEwLwYDVQQD
EyhlYThjNjEwZGJhZTliNjg1YmRiYWFkNDkzNmRkNmVmMWMyZGY4ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwEuuqS6MzIJHlj0ZBm2o8AnoxB5
dTjpTsEywoMkNQrWAKjAlo5fVN9a+PF3YElvk1lAPArqOXxYht0cHR98qd9FwrHA
5yU4s2KfkNiJKxpXJTtfHbmWL1PtZQqdzGdbMOBa16aC5DsfA0NLVvLjPfaz8GQG
lY/TRpw5v7swX3wzcUjBqBiLlBTKat8MfOyqkB3qdVRZf1YrbdP89TQ7JGWIuxG+
ZVpjmL35Fa3IOSHgmNawMXwVF5gjJNj2FcdhXunj8hy3pmazXOBnTPY3sMIkbplh
frh/pUyr8szYvQq1aqhCHzNOBrvhgzczCPAKWUgYBltyKXeFhSZhAcxSAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOqMYQ266baFvbqtSTbdbvHC34gYMB8GA1UdIwQY
MBaAFJ02J9l2ZRRXiUJCAFC/g6ixKRZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2Qt
MWQ1ZGQyMjU4YzRlLzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2QtMWQ1ZGQyMjU4YzRl
LzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfu5Ux3Z+
tUXHP2RmnVdvaMsRlFNJNE1OEwz75LzCw+wIgn2kRS37HJrJ6sg+g5+p2OmjYYZq
CZwQWHj6kKXw9SFgHIYiu4VKZrvMwScsCPAl1qpp31zFGl1dvOWvSBzOUiRY/X26
v79Sh+9GB8kW3JbZ4r2Mm4ezdEGnUfuBbgsGgVf1mPDwQ8esFBJWf5jCs7arJ4un
+Icb4V2KIhXmDvJRa+rHmdsgYgIstnN25e8W8BgCO3p8qCksGtm0E3JvMi/FtMqr
48z5Qim3AfnkwMI6Ix+TmO9b/XCnq7HDtNUtAUcJ+OgUvLn202OoTE3MbsK9CIIz
Vl6YHGAEyPiR9Q==
-----END CERTIFICATE-----