Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
File:                     NHBSPMWdTwUnV-cSKR4rt535KAA.mft (raw, json)
Hash identifier:          YPZANB9bR1dTXtFKesn1KscgeNw2YlcBWgKULuwg5BQ=
Subject key identifier:   E9:AE:64:AC:E8:E8:6B:BD:88:51:AE:71:FC:30:4A:91:85:D1:1F:04
Authority key identifier: 34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00
Certificate issuer:       /CN=3470523cc59d4f052757e712291e2bb79df92800
Certificate serial:       0199228C984A04EF58AE2AD3344710B57536
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
Manifest number:          0180
Signing time:             Sun 07 Sep 2025 05:01:03 +0000
Manifest this update:     Sun 07 Sep 2025 05:01:03 +0000
Manifest next update:     Mon 08 Sep 2025 05:01:03 +0000
Files and hashes:         1: NHBSPMWdTwUnV-cSKR4rt535KAA.crl (hash: 9SjeefwgQPMjucPSzK0v6AZAegsEd9tqsNvQSJxtMrw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:8c:98:4a:04:ef:58:ae:2a:d3:34:47:10:b5:75:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3470523cc59d4f052757e712291e2bb79df92800
        Validity
            Not Before: Sep  7 05:01:03 2025 GMT
            Not After : Sep  8 05:01:03 2025 GMT
        Subject: CN=e9ae64ace8e86bbd8851ae71fc304a9185d11f04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:37:a5:a8:d5:d2:61:e8:80:3e:c1:6b:6e:73:
                    c5:c3:91:c8:9d:8b:41:61:9a:dd:ad:62:e9:1c:3c:
                    7f:b7:68:2f:91:46:95:a7:bc:62:6a:1e:c1:5f:0a:
                    46:b6:8b:9b:ca:3a:fe:b6:47:69:68:23:d2:0e:ad:
                    2e:75:16:4b:80:92:0a:cd:7c:69:d7:70:6f:7d:0a:
                    dd:60:e2:f0:3f:10:35:41:6d:e0:97:c9:25:ea:ba:
                    20:fa:25:33:ad:b0:9e:da:d4:ba:97:f0:36:6b:bd:
                    18:8f:6c:8c:ef:66:ec:41:44:d5:5d:13:85:cb:ca:
                    81:4a:d8:aa:b1:af:6d:49:78:17:cd:28:b6:04:5d:
                    bb:69:01:e8:a7:c4:a3:8e:fd:f7:c5:56:05:7b:68:
                    2e:ae:f7:86:50:bc:d3:6d:f0:b6:32:d6:dc:b5:d8:
                    a8:fb:a4:bb:b2:89:67:d7:91:fb:1e:9d:10:63:6e:
                    52:46:74:13:df:31:74:6b:56:04:d2:d7:0a:bf:72:
                    d3:23:07:34:71:0e:57:17:10:b8:7f:e7:48:d6:62:
                    10:af:99:da:35:ea:e4:44:dc:40:09:d0:06:ed:85:
                    72:35:47:52:47:93:e2:ec:e0:02:20:df:8f:88:de:
                    c8:a8:1f:e0:df:7c:10:f0:db:de:39:58:5b:79:8b:
                    ff:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:AE:64:AC:E8:E8:6B:BD:88:51:AE:71:FC:30:4A:91:85:D1:1F:04
            X509v3 Authority Key Identifier:
                keyid:34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:fb:dd:7f:e8:3d:bf:92:7e:9e:72:f1:27:2e:0c:e7:c0:c7:
         bd:86:b8:58:bb:13:bf:e0:31:8d:e7:81:6c:99:70:ff:1c:d3:
         d7:ad:33:25:8e:ba:5d:9e:6e:f8:4b:82:e5:6e:ee:4a:e4:3b:
         b6:48:7e:32:0a:c1:6a:99:c4:e9:5f:e9:41:a8:e3:43:90:e7:
         2a:ac:2f:75:ac:3d:14:97:ab:9c:88:75:6d:50:91:58:c3:41:
         12:2f:54:1b:1f:92:c5:ca:26:66:3c:05:e4:08:83:0e:52:bc:
         5f:7b:6f:b5:cd:72:f2:39:25:a6:ce:26:1b:27:de:b5:33:67:
         97:a8:61:0c:a8:2f:48:41:51:7a:fc:83:d6:86:11:1c:9c:63:
         4c:4f:f3:1d:1f:6f:ab:da:17:54:80:98:7b:84:27:4b:2b:4e:
         f8:88:30:69:5a:17:40:71:fa:96:b9:90:86:f0:7a:f2:07:08:
         84:af:8d:ed:15:d2:99:4c:e2:51:2d:55:78:91:fc:d3:c3:68:
         b2:51:31:f3:65:fa:e2:b1:6c:91:27:d8:4d:dc:db:37:d3:9e:
         79:3b:35:fa:4b:e2:a0:77:5f:0f:d9:df:03:e1:79:06:e5:13:
         c8:df:aa:55:79:cb:a4:66:7d:9c:04:9b:10:c7:de:f4:68:4f:
         28:6d:d8:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijJhKBO9YrirTNEcQtXU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzA1MjNjYzU5ZDRmMDUyNzU3ZTcxMjI5MWUyYmI3OWRm
OTI4MDAwHhcNMjUwOTA3MDUwMTAzWhcNMjUwOTA4MDUwMTAzWjAzMTEwLwYDVQQD
EyhlOWFlNjRhY2U4ZTg2YmJkODg1MWFlNzFmYzMwNGE5MTg1ZDExZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTelqNXSYeiAPsFrbnPFw5HInYtB
YZrdrWLpHDx/t2gvkUaVp7xiah7BXwpGtoubyjr+tkdpaCPSDq0udRZLgJIKzXxp
13BvfQrdYOLwPxA1QW3gl8kl6rog+iUzrbCe2tS6l/A2a70Yj2yM72bsQUTVXROF
y8qBStiqsa9tSXgXzSi2BF27aQHop8Sjjv33xVYFe2gurveGULzTbfC2Mtbctdio
+6S7soln15H7Hp0QY25SRnQT3zF0a1YE0tcKv3LTIwc0cQ5XFxC4f+dI1mIQr5na
NerkRNxACdAG7YVyNUdSR5Pi7OACIN+PiN7IqB/g33wQ8NveOVhbeYv/RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmuZKzo6Gu9iFGucfwwSpGF0R8EMB8GA1UdIwQY
MBaAFDRwUjzFnU8FJ1fnEikeK7ed+SgAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgt
MzNhM2YzZjAwM2E1LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgtMzNhM2YzZjAwM2E1
LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHPvdf+g9
v5J+nnLxJy4M58DHvYa4WLsTv+AxjeeBbJlw/xzT160zJY66XZ5u+EuC5W7uSuQ7
tkh+MgrBapnE6V/pQajjQ5DnKqwvdaw9FJernIh1bVCRWMNBEi9UGx+SxcomZjwF
5AiDDlK8X3tvtc1y8jklps4mGyfetTNnl6hhDKgvSEFRevyD1oYRHJxjTE/zHR9v
q9oXVICYe4QnSytO+IgwaVoXQHH6lrmQhvB68gcIhK+N7RXSmUziUS1VeJH808No
slEx82X64rFskSfYTdzbN9OeeTs1+kvioHdfD9nfA+F5BuUTyN+qVXnLpGZ9nASb
EMfe9GhPKG3Yuw==
-----END CERTIFICATE-----