Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
File:                     NJxIN9k5hA1fbHSqwINm70v-SHQ.mft (raw, json)
Hash identifier:          62X7tFx2W/jDYwqFXn9xzyELLJItR0q7i4HyjSDip/o=
Subject key identifier:   E4:D4:E1:B2:EE:6E:CB:CC:74:D1:24:E9:9B:13:7C:71:B5:B7:8F:C3
Authority key identifier: 34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74
Certificate issuer:       /CN=349c4837d939840d5f6c74aac08366ef4bfe4874
Certificate serial:       0199239EBD68E6A2E97BEEAE5B62B32DED5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
Manifest number:          025E
Signing time:             Sun 07 Sep 2025 10:00:29 +0000
Manifest this update:     Sun 07 Sep 2025 10:00:29 +0000
Manifest next update:     Mon 08 Sep 2025 10:00:29 +0000
Files and hashes:         1: NJxIN9k5hA1fbHSqwINm70v-SHQ.crl (hash: s/c1zRpn6RPDE8ZOn/aCs51HMMlcLdQa/X9dqiMJvRs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:9e:bd:68:e6:a2:e9:7b:ee:ae:5b:62:b3:2d:ed:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349c4837d939840d5f6c74aac08366ef4bfe4874
        Validity
            Not Before: Sep  7 10:00:29 2025 GMT
            Not After : Sep  8 10:00:29 2025 GMT
        Subject: CN=e4d4e1b2ee6ecbcc74d124e99b137c71b5b78fc3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:11:be:44:95:26:c9:01:22:13:4e:5c:56:65:
                    3a:f5:61:2a:10:86:43:0d:ee:7d:e6:7a:c9:7a:fc:
                    b4:d5:21:c0:02:82:f8:74:51:8d:00:d0:fb:55:3e:
                    9d:eb:1d:96:b7:82:a7:07:26:a0:b9:2c:bf:8c:65:
                    9f:62:9a:8a:70:53:8c:9a:c8:d5:07:9c:eb:b4:d2:
                    99:b1:dc:71:88:9c:69:39:c0:65:de:f3:6f:c5:3c:
                    78:55:0b:95:49:11:1a:00:20:9e:7f:8f:81:8b:67:
                    c6:90:8f:ed:fe:2e:ea:d4:6f:e1:c6:3b:ba:a7:16:
                    60:fe:e0:9e:d5:0a:a9:7d:41:5f:34:bd:56:b8:95:
                    d5:d4:1d:c8:97:32:f2:91:ef:72:07:27:92:d3:02:
                    b5:19:9a:0a:da:40:29:d5:7b:7b:0d:5c:56:4d:22:
                    d9:28:c7:2d:3c:bf:70:5f:0c:b8:5a:7c:79:85:bf:
                    73:e0:66:cf:88:0b:b5:a0:d5:c7:e2:a7:f0:78:d3:
                    15:bc:49:fb:09:9d:38:e4:17:f7:68:88:32:18:52:
                    4f:f3:13:83:83:0c:64:88:fa:ec:d4:ba:af:48:83:
                    82:b0:53:29:c5:c0:33:d0:c5:60:9c:7b:7b:22:53:
                    14:12:e7:74:55:61:d9:dc:2d:75:7d:2f:7d:42:c7:
                    9f:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:D4:E1:B2:EE:6E:CB:CC:74:D1:24:E9:9B:13:7C:71:B5:B7:8F:C3
            X509v3 Authority Key Identifier:
                keyid:34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:35:ff:88:e7:e7:05:d0:e8:86:af:c9:3c:e7:12:ee:36:3d:
         a5:a9:25:8b:fe:a1:15:3f:a4:a9:29:41:5e:75:43:ad:f2:67:
         95:23:fc:6c:1d:e8:63:c2:18:94:17:f2:16:6e:54:b0:5e:71:
         93:d8:47:3b:73:d8:4d:8f:9f:bb:0d:65:9d:ee:db:8b:b3:07:
         c7:af:15:58:1f:25:f2:9b:13:d2:b2:c5:50:81:e9:89:8f:24:
         e1:44:02:2a:75:be:49:cb:1b:b6:78:55:cf:8f:19:e3:61:af:
         90:a8:2a:90:59:48:bd:ff:72:4e:21:ea:19:ae:b4:c2:20:04:
         a0:f6:eb:84:75:3c:48:4a:3f:b1:1a:18:fe:43:6a:03:b9:4e:
         64:50:d6:77:df:b5:4a:8b:42:0a:d6:89:66:ff:92:42:be:5a:
         f2:5c:1e:8e:3d:0d:fb:b7:18:19:20:13:b0:53:86:8e:85:18:
         46:d2:63:51:b1:fa:9c:54:3f:0e:a9:2f:35:a6:ec:5a:09:75:
         53:2b:a0:d8:c9:44:f9:18:09:28:1f:e3:9e:bb:25:93:8a:93:
         41:01:3e:56:e5:d0:ea:b5:92:f9:d7:02:ef:2a:5c:bb:c8:86:
         cb:5b:d7:26:e0:13:d2:09:c6:1d:6c:76:95:90:fb:19:c2:af:
         76:b9:5c:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjnr1o5qLpe+6uW2KzLe1cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWM0ODM3ZDkzOTg0MGQ1ZjZjNzRhYWMwODM2NmVmNGJm
ZTQ4NzQwHhcNMjUwOTA3MTAwMDI5WhcNMjUwOTA4MTAwMDI5WjAzMTEwLwYDVQQD
EyhlNGQ0ZTFiMmVlNmVjYmNjNzRkMTI0ZTk5YjEzN2M3MWI1Yjc4ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixG+RJUmyQEiE05cVmU69WEqEIZD
De595nrJevy01SHAAoL4dFGNAND7VT6d6x2Wt4KnByaguSy/jGWfYpqKcFOMmsjV
B5zrtNKZsdxxiJxpOcBl3vNvxTx4VQuVSREaACCef4+Bi2fGkI/t/i7q1G/hxju6
pxZg/uCe1QqpfUFfNL1WuJXV1B3IlzLyke9yByeS0wK1GZoK2kAp1Xt7DVxWTSLZ
KMctPL9wXwy4Wnx5hb9z4GbPiAu1oNXH4qfweNMVvEn7CZ045Bf3aIgyGFJP8xOD
gwxkiPrs1LqvSIOCsFMpxcAz0MVgnHt7IlMUEud0VWHZ3C11fS99QsefzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOTU4bLubsvMdNEk6ZsTfHG1t4/DMB8GA1UdIwQY
MBaAFDScSDfZOYQNX2x0qsCDZu9L/kh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMt
NTg0YTc2Mzk5NDE0LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMtNTg0YTc2Mzk5NDE0
LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfjX/iOfn
BdDohq/JPOcS7jY9pakli/6hFT+kqSlBXnVDrfJnlSP8bB3oY8IYlBfyFm5UsF5x
k9hHO3PYTY+fuw1lne7bi7MHx68VWB8l8psT0rLFUIHpiY8k4UQCKnW+ScsbtnhV
z48Z42GvkKgqkFlIvf9yTiHqGa60wiAEoPbrhHU8SEo/sRoY/kNqA7lOZFDWd9+1
SotCCtaJZv+SQr5a8lwejj0N+7cYGSATsFOGjoUYRtJjUbH6nFQ/DqkvNabsWgl1
Uyug2MlE+RgJKB/jnrslk4qTQQE+VuXQ6rWS+dcC7ypcu8iGy1vXJuAT0gnGHWx2
lZD7GcKvdrlc+w==
-----END CERTIFICATE-----