Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
File:                     NJI6ntps8kDsh5WeHcONNh951ho.mft (raw, json)
Hash identifier:          vQqshtfLa428ZR2H1lGpcgQUO+mZ8o/7MPzs4a6HAcI=
Subject key identifier:   79:EF:13:B4:5C:55:D0:AC:95:0B:E3:F3:B0:66:E6:C2:54:85:5A:FB
Authority key identifier: 34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A
Certificate issuer:       /CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
Certificate serial:       019749D6141B4FDBB18BF3F468CB8131CAAD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
Manifest number:          038C
Signing time:             Sat 07 Jun 2025 10:00:55 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:55 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:55 +0000
Files and hashes:         1: NJI6ntps8kDsh5WeHcONNh951ho.crl (hash: c8bw4TrlRSYBBBBax0HBuydmK2WHAwxfXVNuqRfSxD8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d6:14:1b:4f:db:b1:8b:f3:f4:68:cb:81:31:ca:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
        Validity
            Not Before: Jun  7 10:00:55 2025 GMT
            Not After : Jun  8 10:00:55 2025 GMT
        Subject: CN=79ef13b45c55d0ac950be3f3b066e6c254855afb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:80:a7:84:85:75:b8:54:9a:dd:98:cb:fa:32:
                    9c:5e:a6:21:8d:87:51:96:e2:b1:7c:61:35:ba:f6:
                    b9:70:e2:ae:01:e1:c6:6a:86:3c:78:3f:a8:36:28:
                    2d:f2:36:38:c7:69:61:95:c9:96:49:92:1c:3a:cb:
                    c1:6b:fe:d3:e0:d1:a9:c8:10:1d:11:07:af:d1:10:
                    d0:93:09:db:0e:53:a7:0c:e5:ff:02:9a:7a:94:7a:
                    6c:e1:2f:67:1b:72:89:ca:18:0b:3a:67:01:c4:a7:
                    71:96:fb:ea:a3:6a:34:a6:ae:8a:99:79:dc:c7:06:
                    23:4d:1f:9f:c7:d4:32:0b:36:e3:42:9d:89:f0:03:
                    bd:08:d1:f4:08:ad:30:bd:98:2f:56:50:fb:d9:0a:
                    bd:2d:bc:c5:1d:97:6c:8d:58:d7:ce:7c:c4:48:78:
                    6f:f1:4c:c0:0a:3e:ec:ca:1b:a3:44:db:b0:73:1e:
                    eb:d7:aa:13:25:14:60:70:66:4a:8a:26:d9:23:6c:
                    c1:d8:61:68:b3:cb:f3:83:df:7a:d1:cc:2b:ea:50:
                    98:bd:7d:70:b6:18:3a:1f:3b:8c:76:3c:f7:b4:7f:
                    cb:11:f5:be:56:a7:f9:a2:d7:54:64:cb:6f:67:ae:
                    a8:13:08:94:85:fe:7a:3d:3f:b2:8e:a2:df:62:54:
                    08:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:EF:13:B4:5C:55:D0:AC:95:0B:E3:F3:B0:66:E6:C2:54:85:5A:FB
            X509v3 Authority Key Identifier:
                keyid:34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:40:e7:68:83:bd:08:e4:a7:85:7f:2a:8d:fd:22:02:31:a5:
         c8:83:ff:41:06:14:8a:f8:5c:13:d8:31:bc:82:9d:e1:ba:16:
         74:42:38:7b:fa:4f:2e:f4:5a:e0:23:44:16:48:34:ad:39:be:
         ee:65:e4:b1:d2:5c:18:37:e3:2c:f4:05:0d:ce:0d:ce:f6:78:
         5f:a6:0d:f0:49:08:24:20:ee:fb:35:90:4a:94:1a:88:2e:4f:
         9c:54:39:35:af:01:da:69:f9:88:06:7b:50:20:38:a5:e6:11:
         02:36:c4:9c:10:9f:41:73:28:5e:54:76:78:22:e2:6b:db:96:
         6b:76:e6:1a:fb:01:ca:38:11:8a:1b:1f:47:51:90:5e:ad:e8:
         5e:3a:25:d6:ce:5d:ca:9d:f9:c0:73:c4:72:ab:62:30:22:10:
         f5:ba:86:e3:ef:ba:94:d5:3e:b2:70:5d:c9:99:72:97:ba:dd:
         c3:dd:52:d4:4e:bb:ef:8a:aa:32:37:eb:41:b4:fe:15:96:1b:
         06:c3:d2:2f:0c:46:7a:38:94:98:ba:82:83:29:9b:70:af:4e:
         02:02:0d:ce:12:54:23:4a:c3:e2:bb:ee:3d:15:7b:65:9c:ee:
         51:1a:46:af:72:83:8a:de:72:db:27:1b:f1:7b:27:29:97:82:
         4e:86:85:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1hQbT9uxi/P0aMuBMcqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTIzYTllZGE2Y2YyNDBlYzg3OTU5ZTFkYzM4ZDM2MWY3
OWQ2MWEwHhcNMjUwNjA3MTAwMDU1WhcNMjUwNjA4MTAwMDU1WjAzMTEwLwYDVQQD
Eyg3OWVmMTNiNDVjNTVkMGFjOTUwYmUzZjNiMDY2ZTZjMjU0ODU1YWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoCnhIV1uFSa3ZjL+jKcXqYhjYdR
luKxfGE1uva5cOKuAeHGaoY8eD+oNigt8jY4x2lhlcmWSZIcOsvBa/7T4NGpyBAd
EQev0RDQkwnbDlOnDOX/App6lHps4S9nG3KJyhgLOmcBxKdxlvvqo2o0pq6KmXnc
xwYjTR+fx9QyCzbjQp2J8AO9CNH0CK0wvZgvVlD72Qq9LbzFHZdsjVjXznzESHhv
8UzACj7syhujRNuwcx7r16oTJRRgcGZKiibZI2zB2GFos8vzg9960cwr6lCYvX1w
thg6HzuMdjz3tH/LEfW+Vqf5otdUZMtvZ66oEwiUhf56PT+yjqLfYlQIUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHnvE7RcVdCslQvj87Bm5sJUhVr7MB8GA1UdIwQY
MBaAFDSSOp7abPJA7IeVnh3DjTYfedYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEt
MWY4ZjNhZDA0NjgwLzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEtMWY4ZjNhZDA0Njgw
LzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR0DnaIO9
COSnhX8qjf0iAjGlyIP/QQYUivhcE9gxvIKd4boWdEI4e/pPLvRa4CNEFkg0rTm+
7mXksdJcGDfjLPQFDc4NzvZ4X6YN8EkIJCDu+zWQSpQaiC5PnFQ5Na8B2mn5iAZ7
UCA4peYRAjbEnBCfQXMoXlR2eCLia9uWa3bmGvsByjgRihsfR1GQXq3oXjol1s5d
yp35wHPEcqtiMCIQ9bqG4++6lNU+snBdyZlyl7rdw91S1E6774qqMjfrQbT+FZYb
BsPSLwxGejiUmLqCgymbcK9OAgINzhJUI0rD4rvuPRV7ZZzuURpGr3KDit5y2ycb
8XsnKZeCToaF7w==
-----END CERTIFICATE-----