Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
File:                     NDLzVG3kPONceHHFVLizDvY1wlE.mft (raw, json)
Hash identifier:          e11YPmI0ouBAELZ2knWb3Fpy61jiiMDDJfA1B0znXS4=
Subject key identifier:   B9:54:54:51:25:C4:BB:DC:17:1E:E3:2E:5A:61:B1:1F:BC:D8:D4:E1
Authority key identifier: 34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51
Certificate issuer:       /CN=3432f3546de43ce35c7871c554b8b30ef635c251
Certificate serial:       019849D3098A56F215BA65B9EA1BAF5655CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
Manifest number:          01A8
Signing time:             Sun 27 Jul 2025 03:00:23 +0000
Manifest this update:     Sun 27 Jul 2025 03:00:23 +0000
Manifest next update:     Mon 28 Jul 2025 03:00:23 +0000
Files and hashes:         1: NDLzVG3kPONceHHFVLizDvY1wlE.crl (hash: eXa6kJlWD4mcfUblvOY2HtMaEKgvz7lSw5p6id8bxn8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 03:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:49:d3:09:8a:56:f2:15:ba:65:b9:ea:1b:af:56:55:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3432f3546de43ce35c7871c554b8b30ef635c251
        Validity
            Not Before: Jul 27 03:00:23 2025 GMT
            Not After : Jul 28 03:00:23 2025 GMT
        Subject: CN=b954545125c4bbdc171ee32e5a61b11fbcd8d4e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:50:e2:5c:fa:a2:0f:5f:36:80:15:5e:a2:f1:
                    96:71:89:93:f6:d9:a3:31:fb:8f:94:11:c9:1f:00:
                    19:43:ae:35:0f:1b:39:7d:c2:f2:6c:b8:ad:60:f2:
                    db:26:70:6e:3f:11:9d:52:8a:0f:ca:99:cc:78:ad:
                    36:c0:31:aa:6a:4b:ee:e9:33:10:31:77:d8:f4:66:
                    93:8c:04:82:6b:9e:52:d0:15:c4:af:fe:46:b7:86:
                    72:43:2d:12:8c:11:85:bf:d1:9f:e9:54:ad:52:2d:
                    d3:a6:6d:13:fd:c9:30:a6:23:76:ee:c2:7e:f8:16:
                    2c:f9:e4:f9:5b:43:0e:b9:6e:39:b1:40:f4:0d:bb:
                    84:eb:c7:aa:03:c9:e7:e5:6b:a1:11:f2:08:d3:61:
                    33:78:f5:85:ec:68:ae:f1:9a:aa:8a:a7:83:c0:34:
                    4b:9a:5b:90:af:8b:8a:ab:f3:76:5b:d7:aa:c3:b8:
                    5c:ab:dc:24:6f:eb:4c:fa:8c:04:da:99:31:96:96:
                    6a:99:df:f4:36:ed:91:0f:fe:cd:82:dd:fa:f7:f1:
                    72:09:d5:75:c2:cf:62:28:be:09:c9:79:24:ea:e1:
                    84:fc:cd:5a:0b:03:b8:a1:12:fb:52:12:ea:4b:b5:
                    92:33:1e:a9:f5:5f:b7:33:c8:ed:d5:05:f0:be:9e:
                    bf:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:54:54:51:25:C4:BB:DC:17:1E:E3:2E:5A:61:B1:1F:BC:D8:D4:E1
            X509v3 Authority Key Identifier:
                keyid:34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:ac:da:fc:17:06:7a:c1:93:ed:fb:8d:45:87:4f:6e:d3:b5:
         a8:78:71:7a:c4:f2:07:72:be:48:79:91:5f:2e:3a:3f:a1:03:
         ff:b3:3c:37:de:a0:cb:10:f6:45:f6:94:1f:a2:9a:e1:37:86:
         ad:bb:c7:21:16:b4:45:56:10:e8:34:5b:15:f8:6f:a0:98:86:
         a0:71:d5:9b:6f:a3:99:2a:e8:27:29:a8:d2:11:65:3e:03:1a:
         7a:57:d3:02:79:6e:d1:f3:12:0d:74:c7:4e:8c:e4:22:4b:60:
         7e:ca:cc:6b:6d:bb:cd:29:8b:03:bc:a1:23:35:76:2e:0a:4b:
         cf:6b:5f:25:7c:3b:e0:e6:18:39:b4:dc:53:8f:15:6e:6a:1b:
         e8:74:22:55:9d:9e:1c:4c:d4:71:77:41:4f:b5:4d:57:80:23:
         04:9d:63:fb:df:13:c8:06:cb:e2:11:65:51:a7:e8:63:f9:3e:
         6c:2c:57:b5:d7:46:be:40:50:cb:96:42:f3:ee:d0:eb:a9:71:
         82:42:df:01:9e:57:f1:4a:02:25:fd:49:6c:64:25:3f:a1:83:
         ac:82:37:6f:a2:b2:2b:66:d7:ef:d4:73:35:1e:7a:07:65:bc:
         ee:c7:9d:7e:a2:ab:32:ac:4c:a5:38:48:05:53:1b:2c:08:1c:
         d8:ca:7c:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhJ0wmKVvIVumW56huvVlXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzJmMzU0NmRlNDNjZTM1Yzc4NzFjNTU0YjhiMzBlZjYz
NWMyNTEwHhcNMjUwNzI3MDMwMDIzWhcNMjUwNzI4MDMwMDIzWjAzMTEwLwYDVQQD
EyhiOTU0NTQ1MTI1YzRiYmRjMTcxZWUzMmU1YTYxYjExZmJjZDhkNGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lDiXPqiD182gBVeovGWcYmT9tmj
MfuPlBHJHwAZQ641Dxs5fcLybLitYPLbJnBuPxGdUooPypnMeK02wDGqakvu6TMQ
MXfY9GaTjASCa55S0BXEr/5Gt4ZyQy0SjBGFv9Gf6VStUi3Tpm0T/ckwpiN27sJ+
+BYs+eT5W0MOuW45sUD0DbuE68eqA8nn5WuhEfII02EzePWF7Giu8ZqqiqeDwDRL
mluQr4uKq/N2W9eqw7hcq9wkb+tM+owE2pkxlpZqmd/0Nu2RD/7Ngt369/FyCdV1
ws9iKL4JyXkk6uGE/M1aCwO4oRL7UhLqS7WSMx6p9V+3M8jt1QXwvp6/OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLlUVFElxLvcFx7jLlphsR+82NThMB8GA1UdIwQY
MBaAFDQy81Rt5DzjXHhxxVS4sw72NcJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjct
NjYzOGMzZWI0MDI3LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjctNjYzOGMzZWI0MDI3
LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJKza/BcG
esGT7fuNRYdPbtO1qHhxesTyB3K+SHmRXy46P6ED/7M8N96gyxD2RfaUH6Ka4TeG
rbvHIRa0RVYQ6DRbFfhvoJiGoHHVm2+jmSroJymo0hFlPgMaelfTAnlu0fMSDXTH
TozkIktgfsrMa227zSmLA7yhIzV2LgpLz2tfJXw74OYYObTcU48Vbmob6HQiVZ2e
HEzUcXdBT7VNV4AjBJ1j+98TyAbL4hFlUafoY/k+bCxXtddGvkBQy5ZC8+7Q66lx
gkLfAZ5X8UoCJf1JbGQlP6GDrII3b6KyK2bX79RzNR56B2W87sedfqKrMqxMpThI
BVMbLAgc2Mp8ag==
-----END CERTIFICATE-----