Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.mft
File:                     nxuJ5urGEf1TMtcOuvUxH61lErg.mft (raw, json)
Hash identifier:          vYIHAzShfNG8rOw6LV/mQKYCWijNU3gyCWAHGmkQvSk=
Subject key identifier:   6D:02:BB:29:DE:6B:1A:92:AE:6F:19:56:19:A5:2F:CC:A3:A9:00:B0
Authority key identifier: 9F:1B:89:E6:EA:C6:11:FD:53:32:D7:0E:BA:F5:31:1F:AD:65:12:B8
Certificate issuer:       /CN=9f1b89e6eac611fd5332d70ebaf5311fad6512b8
Certificate serial:       0198443E9886380A62D9CEFCF36488CC8A57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nxuJ5urGEf1TMtcOuvUxH61lErg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.mft
Manifest number:          0F2C
Signing time:             Sat 26 Jul 2025 01:00:09 +0000
Manifest this update:     Sat 26 Jul 2025 01:00:09 +0000
Manifest next update:     Sun 27 Jul 2025 01:00:09 +0000
Files and hashes:         1: nxuJ5urGEf1TMtcOuvUxH61lErg.crl (hash: rmLss++XtjrG6+bnn710tB9R3SYoFZYN2gF6Yw1RXFE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nxuJ5urGEf1TMtcOuvUxH61lErg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 27 Jul 2025 01:00:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:44:3e:98:86:38:0a:62:d9:ce:fc:f3:64:88:cc:8a:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f1b89e6eac611fd5332d70ebaf5311fad6512b8
        Validity
            Not Before: Jul 26 01:00:09 2025 GMT
            Not After : Jul 27 01:00:09 2025 GMT
        Subject: CN=6d02bb29de6b1a92ae6f195619a52fcca3a900b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:a0:d5:89:d8:ea:13:6a:98:96:1b:32:90:41:
                    7c:c8:24:40:6f:d7:0f:1f:05:df:28:24:af:2c:bb:
                    ab:51:fa:e7:19:f0:95:73:59:a6:78:0a:46:66:22:
                    a9:ed:16:6b:87:ce:dd:4d:34:d4:db:b6:82:f5:b9:
                    5a:e1:d5:1f:ca:cd:b2:97:2f:c3:20:c8:23:99:76:
                    8e:bc:7e:37:82:c2:53:9e:cb:6b:9f:26:10:4c:b0:
                    cc:76:97:dc:93:9e:c9:42:1d:d0:47:97:0a:c4:61:
                    58:b0:02:69:88:7c:85:c0:4c:77:68:de:87:7a:9e:
                    f6:85:31:01:a4:5e:e5:fc:43:6b:3d:2a:95:87:2e:
                    33:88:fd:11:8d:79:eb:28:53:e2:a5:f4:57:f5:ab:
                    40:a8:4d:aa:2e:17:a8:fe:bf:f1:03:f2:66:25:f1:
                    b6:1e:49:ea:9a:8b:d8:7e:16:bd:f5:fa:62:7e:c9:
                    86:e2:02:90:82:8a:15:ab:28:da:5d:60:a8:ec:a4:
                    c2:19:ca:65:35:4d:40:f5:b7:56:5d:ea:d3:1f:1f:
                    3a:f3:89:53:5f:d5:8b:0a:9e:c5:0c:7c:1e:49:b1:
                    3d:8a:3e:7b:04:01:de:a1:e9:07:c8:d9:ec:4e:65:
                    9f:eb:e9:92:71:13:e5:76:5a:eb:68:20:ce:24:f4:
                    85:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:02:BB:29:DE:6B:1A:92:AE:6F:19:56:19:A5:2F:CC:A3:A9:00:B0
            X509v3 Authority Key Identifier:
                keyid:9F:1B:89:E6:EA:C6:11:FD:53:32:D7:0E:BA:F5:31:1F:AD:65:12:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nxuJ5urGEf1TMtcOuvUxH61lErg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:71:33:61:09:1e:46:58:0b:2d:b0:12:b3:91:57:2b:75:2f:
         19:f3:4e:b9:9e:7e:ad:e3:57:bf:82:ae:d7:ef:e7:d3:2b:a1:
         12:10:82:41:99:f7:ff:0e:ec:f8:1c:56:38:53:c7:fa:09:df:
         a0:41:7c:67:1d:e8:64:70:26:19:79:3a:81:ee:95:eb:7c:dc:
         6f:bc:30:55:03:0b:39:cc:6a:2a:c4:3b:25:d2:76:af:a2:70:
         c3:a7:46:87:df:10:eb:e7:aa:40:58:07:b5:de:d2:f1:73:93:
         ec:42:84:22:01:8e:dd:a4:0b:52:58:ab:63:b0:b9:51:68:18:
         d7:3f:ff:26:27:f0:47:17:49:40:08:40:5e:c6:5f:b9:45:72:
         82:03:24:dc:0f:e7:3b:10:35:ee:97:ec:28:59:73:f5:1f:9f:
         9d:79:86:c8:c7:c6:8b:34:89:f5:48:1f:4a:95:5c:29:41:12:
         a0:13:09:e9:0b:08:6a:48:a3:f8:ac:1f:09:22:41:07:96:8c:
         65:1f:52:7d:ed:95:47:16:c9:fe:bb:5d:c3:0d:31:a3:3d:ee:
         87:8c:f4:a8:64:db:bc:43:3f:a2:86:50:dd:5b:01:54:01:cf:
         87:09:97:a0:07:8f:e2:ab:77:49:44:fc:d1:6a:1e:be:57:e2:
         fb:f2:ac:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhEPpiGOApi2c7882SIzIpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMWI4OWU2ZWFjNjExZmQ1MzMyZDcwZWJhZjUzMTFmYWQ2
NTEyYjgwHhcNMjUwNzI2MDEwMDA5WhcNMjUwNzI3MDEwMDA5WjAzMTEwLwYDVQQD
Eyg2ZDAyYmIyOWRlNmIxYTkyYWU2ZjE5NTYxOWE1MmZjY2EzYTkwMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6DVidjqE2qYlhsykEF8yCRAb9cP
HwXfKCSvLLurUfrnGfCVc1mmeApGZiKp7RZrh87dTTTU27aC9bla4dUfys2yly/D
IMgjmXaOvH43gsJTnstrnyYQTLDMdpfck57JQh3QR5cKxGFYsAJpiHyFwEx3aN6H
ep72hTEBpF7l/ENrPSqVhy4ziP0RjXnrKFPipfRX9atAqE2qLheo/r/xA/JmJfG2
HknqmovYfha99fpifsmG4gKQgooVqyjaXWCo7KTCGcplNU1A9bdWXerTHx8684lT
X9WLCp7FDHweSbE9ij57BAHeoekHyNnsTmWf6+mScRPldlrraCDOJPSF0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0CuyneaxqSrm8ZVhmlL8yjqQCwMB8GA1UdIwQY
MBaAFJ8biebqxhH9UzLXDrr1MR+tZRK4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnh1SjV1ckdFZjFUTXRjT3V2VXhINjFsRXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hMTg0MWUtMDEwNi00N2RlLTkyM2It
NzQ0ZmIyMWI1NTk4LzEvbnh1SjV1ckdFZjFUTXRjT3V2VXhINjFsRXJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hMTg0MWUtMDEwNi00N2RlLTkyM2ItNzQ0ZmIyMWI1NTk4
LzEvbnh1SjV1ckdFZjFUTXRjT3V2VXhINjFsRXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY3EzYQke
RlgLLbASs5FXK3UvGfNOuZ5+reNXv4Ku1+/n0yuhEhCCQZn3/w7s+BxWOFPH+gnf
oEF8Zx3oZHAmGXk6ge6V63zcb7wwVQMLOcxqKsQ7JdJ2r6Jww6dGh98Q6+eqQFgH
td7S8XOT7EKEIgGO3aQLUlirY7C5UWgY1z//JifwRxdJQAhAXsZfuUVyggMk3A/n
OxA17pfsKFlz9R+fnXmGyMfGizSJ9UgfSpVcKUESoBMJ6QsIakij+KwfCSJBB5aM
ZR9Sfe2VRxbJ/rtdww0xoz3uh4z0qGTbvEM/ooZQ3VsBVAHPhwmXoAeP4qt3SUT8
0Woevlfi+/Ksxg==
-----END CERTIFICATE-----