Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
File:                     NJI6ntps8kDsh5WeHcONNh951ho.mft (raw, json)
Hash identifier:          GhV4Slq4DhtxaMgP2QtZptnsFSn8E/s6BkR6UKr2Ymw=
Subject key identifier:   77:1C:2D:E0:1D:67:4A:36:2E:2F:0C:98:7C:94:65:1D:69:10:99:40
Authority key identifier: 34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A
Certificate issuer:       /CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
Certificate serial:       019922FA39A8D631102FED13F33E8845CC5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
Manifest number:          0481
Signing time:             Sun 07 Sep 2025 07:00:48 +0000
Manifest this update:     Sun 07 Sep 2025 07:00:48 +0000
Manifest next update:     Mon 08 Sep 2025 07:00:48 +0000
Files and hashes:         1: NJI6ntps8kDsh5WeHcONNh951ho.crl (hash: xrG0wa425RqUyflGcCAOqufpcNddl5E67e2mBerRjjs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 07:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:fa:39:a8:d6:31:10:2f:ed:13:f3:3e:88:45:cc:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
        Validity
            Not Before: Sep  7 07:00:48 2025 GMT
            Not After : Sep  8 07:00:48 2025 GMT
        Subject: CN=771c2de01d674a362e2f0c987c94651d69109940
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:f1:59:f1:d5:70:04:25:bc:dd:4c:5d:3e:b7:
                    42:4a:51:a9:29:4f:13:20:c1:51:4b:27:e7:9c:93:
                    12:9d:f7:45:e6:3f:d4:8f:76:f5:44:45:84:7d:93:
                    21:f9:8e:19:f8:f0:0d:ce:7c:a5:e5:f3:46:6c:6a:
                    92:2f:50:39:7f:62:28:e8:98:7d:72:b5:aa:08:9a:
                    f7:88:62:ad:4f:a8:c1:6b:c2:c9:b5:91:f9:4e:91:
                    d5:6b:e1:62:14:e8:78:94:c4:3d:5c:19:f4:41:40:
                    e1:c7:ad:1e:94:b6:53:9d:80:f8:1a:41:8b:ba:72:
                    2f:69:c1:e1:b6:34:6b:e0:33:f0:ca:04:05:28:2a:
                    48:25:e3:df:97:64:05:82:59:07:19:91:b1:6b:b3:
                    7d:94:8b:22:a5:eb:62:15:91:95:a7:9f:62:e3:36:
                    1b:19:0a:fe:4a:e8:88:cf:02:f5:be:7e:cf:6c:40:
                    3e:26:98:ec:7e:a1:9a:b3:24:bc:ef:c5:c3:c3:3f:
                    7b:b9:b3:38:83:c7:8a:4f:ef:27:29:f3:af:fa:d4:
                    de:c9:95:87:da:6f:f0:de:c8:c6:0c:f5:28:2c:d5:
                    4e:e0:3c:3d:d0:79:01:e3:eb:be:f4:7f:fe:74:8b:
                    5c:f4:99:60:89:83:9b:29:3e:b0:ff:de:78:88:4c:
                    c4:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:1C:2D:E0:1D:67:4A:36:2E:2F:0C:98:7C:94:65:1D:69:10:99:40
            X509v3 Authority Key Identifier:
                keyid:34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:0b:07:75:13:41:56:7c:50:a3:78:0a:d4:50:ed:d9:33:d3:
         7c:2d:81:e6:20:4e:f1:dd:a5:df:b8:56:ea:6a:c9:c9:4e:8b:
         8f:86:0e:a6:79:6e:22:c0:d6:c3:13:7f:f5:e0:a7:4f:ed:5b:
         6b:58:72:13:cb:14:72:c2:ca:14:09:34:ba:9f:86:82:43:7c:
         7b:38:39:85:1d:8a:09:08:78:fa:80:6f:14:a7:84:13:29:6e:
         ed:4a:9c:dd:40:cd:63:ff:83:ea:a9:4f:1f:f9:80:08:d0:fe:
         0b:9b:45:99:20:dd:89:80:45:3e:6b:3b:7d:74:f8:92:35:5b:
         78:01:cd:d6:e1:55:8c:1e:dd:e6:90:35:05:5c:2f:98:e3:6e:
         e3:39:bf:0c:0e:01:6f:f9:71:be:4c:e8:eb:b8:63:07:9e:d3:
         6e:04:a9:ee:b4:3a:d6:56:5e:26:ad:9a:08:8d:9c:de:5f:86:
         f6:cf:2e:1b:15:ad:72:d8:f5:46:b9:9a:6d:38:7e:94:62:9a:
         37:76:82:67:49:52:1c:ff:5d:77:87:03:e8:6c:14:85:e3:2f:
         66:c1:a5:5d:0a:c8:71:3b:e0:94:99:97:6b:07:f9:ce:d6:ca:
         8e:a5:af:35:ac:ed:90:13:15:9e:6c:58:0c:99:7b:07:08:c2:
         f7:00:df:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZki+jmo1jEQL+0T8z6IRcxfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTIzYTllZGE2Y2YyNDBlYzg3OTU5ZTFkYzM4ZDM2MWY3
OWQ2MWEwHhcNMjUwOTA3MDcwMDQ4WhcNMjUwOTA4MDcwMDQ4WjAzMTEwLwYDVQQD
Eyg3NzFjMmRlMDFkNjc0YTM2MmUyZjBjOTg3Yzk0NjUxZDY5MTA5OTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfFZ8dVwBCW83UxdPrdCSlGpKU8T
IMFRSyfnnJMSnfdF5j/Uj3b1REWEfZMh+Y4Z+PANznyl5fNGbGqSL1A5f2Io6Jh9
crWqCJr3iGKtT6jBa8LJtZH5TpHVa+FiFOh4lMQ9XBn0QUDhx60elLZTnYD4GkGL
unIvacHhtjRr4DPwygQFKCpIJePfl2QFglkHGZGxa7N9lIsipetiFZGVp59i4zYb
GQr+SuiIzwL1vn7PbEA+JpjsfqGasyS878XDwz97ubM4g8eKT+8nKfOv+tTeyZWH
2m/w3sjGDPUoLNVO4Dw90HkB4+u+9H/+dItc9JlgiYObKT6w/954iEzERwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHccLeAdZ0o2Li8MmHyUZR1pEJlAMB8GA1UdIwQY
MBaAFDSSOp7abPJA7IeVnh3DjTYfedYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEt
MWY4ZjNhZDA0NjgwLzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEtMWY4ZjNhZDA0Njgw
LzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArwsHdRNB
VnxQo3gK1FDt2TPTfC2B5iBO8d2l37hW6mrJyU6Lj4YOpnluIsDWwxN/9eCnT+1b
a1hyE8sUcsLKFAk0up+GgkN8ezg5hR2KCQh4+oBvFKeEEylu7Uqc3UDNY/+D6qlP
H/mACND+C5tFmSDdiYBFPms7fXT4kjVbeAHN1uFVjB7d5pA1BVwvmONu4zm/DA4B
b/lxvkzo67hjB57TbgSp7rQ61lZeJq2aCI2c3l+G9s8uGxWtctj1RrmabTh+lGKa
N3aCZ0lSHP9dd4cD6GwUheMvZsGlXQrIcTvglJmXawf5ztbKjqWvNaztkBMVnmxY
DJl7BwjC9wDfoQ==
-----END CERTIFICATE-----