Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
File:                     NWlXUM1GUx3eil-yZyzcgw09DG4.mft (raw, json)
Hash identifier:          hSeHhw2VNf5F+MX31u1OPzDLtj8W0ADydxEo2npPFvE=
Subject key identifier:   9C:1B:AC:3F:3E:FC:67:77:19:A8:BC:6B:DE:EE:2F:23:4E:F4:66:2F
Authority key identifier: 35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E
Certificate issuer:       /CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e
Certificate serial:       0198469AF6E7671E10D4AC84E3732BBA4A96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
Manifest number:          041C
Signing time:             Sat 26 Jul 2025 12:00:17 +0000
Manifest this update:     Sat 26 Jul 2025 12:00:17 +0000
Manifest next update:     Sun 27 Jul 2025 12:00:17 +0000
Files and hashes:         1: NWlXUM1GUx3eil-yZyzcgw09DG4.crl (hash: zDZTi/k5GfgAqkYDVxlcUqbSsrsZzTLA0kGQlWOcy64=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 06:00:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:46:9a:f6:e7:67:1e:10:d4:ac:84:e3:73:2b:ba:4a:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e
        Validity
            Not Before: Jul 26 12:00:17 2025 GMT
            Not After : Jul 27 12:00:17 2025 GMT
        Subject: CN=9c1bac3f3efc677719a8bc6bdeee2f234ef4662f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e8:96:e2:0a:a1:62:9e:bf:62:bd:37:a0:4c:
                    21:2b:4f:72:ee:8b:68:75:4d:b4:79:03:ca:bf:85:
                    7d:ae:b7:55:76:ca:e0:e5:e2:5d:92:8a:05:4d:b0:
                    30:b6:d6:fe:d9:51:72:f9:f8:a3:38:49:18:d4:29:
                    10:09:99:fc:6d:cf:9b:e8:04:35:46:5d:73:d4:51:
                    03:0a:08:73:c1:06:71:3e:37:12:a3:63:f1:52:e6:
                    a0:30:40:9f:fc:19:22:67:1f:83:92:5d:45:9a:52:
                    78:10:62:b9:86:a3:b8:c6:c1:9b:a8:79:a0:f8:8b:
                    7c:b9:95:00:a5:26:85:b4:5c:1a:55:ae:1a:8f:7e:
                    f1:bb:61:b9:5d:48:2a:af:37:11:d6:c7:e3:79:34:
                    03:aa:04:a5:45:62:18:69:db:77:b1:58:1d:b6:60:
                    f6:64:07:d1:54:3c:87:36:10:0f:05:bd:d5:33:28:
                    79:8a:fb:b2:13:0a:89:41:23:ee:90:4a:77:44:ff:
                    08:da:f4:1c:6c:25:4e:eb:65:a5:6e:1b:51:f3:f4:
                    f8:eb:df:50:02:a7:61:38:93:dc:63:3f:eb:63:96:
                    27:6c:9a:27:40:f2:c4:a7:8e:01:14:42:08:cf:3e:
                    59:73:08:fa:cc:56:50:86:35:9d:15:80:3c:8c:4e:
                    5b:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:1B:AC:3F:3E:FC:67:77:19:A8:BC:6B:DE:EE:2F:23:4E:F4:66:2F
            X509v3 Authority Key Identifier:
                keyid:35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:52:d0:f0:e9:58:81:72:22:51:36:ae:f3:9e:b0:d2:18:69:
         64:44:f9:7d:ef:5b:90:6e:df:61:f1:46:fe:0d:b2:d7:e7:a4:
         51:33:d0:0a:e1:4d:1d:2b:fe:da:1b:ed:a8:ad:2f:f0:a0:70:
         96:38:3f:dc:98:d7:30:3e:f5:4d:4a:6f:36:cd:9d:31:d8:90:
         48:a7:c1:dc:ee:9c:65:0c:92:42:38:b9:71:03:f4:4e:e5:f6:
         a2:7a:a2:b7:75:38:cf:02:aa:c8:51:53:47:77:14:21:b5:3f:
         3a:c8:dc:45:e4:de:62:ea:5c:ae:5e:0f:f9:fa:13:a6:64:b3:
         c0:60:1d:b8:c0:87:be:39:30:9a:2c:d7:b1:ea:86:e3:0c:ea:
         43:eb:64:08:35:6b:a6:7b:d9:df:12:d0:b6:db:e7:df:e8:4e:
         d2:a3:cb:2d:44:8a:db:4c:af:14:4a:c2:cd:2d:3a:e8:71:58:
         e5:3a:0a:5c:31:fd:d1:61:21:0b:f8:a6:09:66:08:71:d9:69:
         f1:54:ca:4b:66:aa:6e:3d:89:55:a4:10:0d:06:fa:f0:b8:14:
         37:42:6b:e7:da:12:f4:a4:e1:e2:0a:87:48:da:6a:2e:25:09:
         e1:7a:87:cb:ea:65:16:cf:bc:fd:36:e0:08:2c:28:cc:1d:18:
         c2:56:4f:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhGmvbnZx4Q1KyE43MrukqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Njk1NzUwY2Q0NjUzMWRkZThhNWZiMjY3MmNkYzgzMGQz
ZDBjNmUwHhcNMjUwNzI2MTIwMDE3WhcNMjUwNzI3MTIwMDE3WjAzMTEwLwYDVQQD
Eyg5YzFiYWMzZjNlZmM2Nzc3MTlhOGJjNmJkZWVlMmYyMzRlZjQ2NjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuiW4gqhYp6/Yr03oEwhK09y7oto
dU20eQPKv4V9rrdVdsrg5eJdkooFTbAwttb+2VFy+fijOEkY1CkQCZn8bc+b6AQ1
Rl1z1FEDCghzwQZxPjcSo2PxUuagMECf/BkiZx+Dkl1FmlJ4EGK5hqO4xsGbqHmg
+It8uZUApSaFtFwaVa4aj37xu2G5XUgqrzcR1sfjeTQDqgSlRWIYadt3sVgdtmD2
ZAfRVDyHNhAPBb3VMyh5ivuyEwqJQSPukEp3RP8I2vQcbCVO62WlbhtR8/T4699Q
AqdhOJPcYz/rY5YnbJonQPLEp44BFEIIzz5Zcwj6zFZQhjWdFYA8jE5b2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJwbrD8+/Gd3Gai8a97uLyNO9GYvMB8GA1UdIwQY
MBaAFDVpV1DNRlMd3opfsmcs3IMNPQxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDct
NzdiZmEzN2ZhMDcxLzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDctNzdiZmEzN2ZhMDcx
LzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQlLQ8OlY
gXIiUTau856w0hhpZET5fe9bkG7fYfFG/g2y1+ekUTPQCuFNHSv+2hvtqK0v8KBw
ljg/3JjXMD71TUpvNs2dMdiQSKfB3O6cZQySQji5cQP0TuX2onqit3U4zwKqyFFT
R3cUIbU/OsjcReTeYupcrl4P+foTpmSzwGAduMCHvjkwmizXseqG4wzqQ+tkCDVr
pnvZ3xLQttvn3+hO0qPLLUSK20yvFErCzS066HFY5ToKXDH90WEhC/imCWYIcdlp
8VTKS2aqbj2JVaQQDQb68LgUN0Jr59oS9KTh4gqHSNpqLiUJ4XqHy+plFs+8/Tbg
CCwozB0YwlZP0g==
-----END CERTIFICATE-----