Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
File:                     NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json)
Hash identifier:          g/jeNaL32CGzStZ2kV84EMm/pLaT7eUJSAdToPlrxL0=
Subject key identifier:   6B:28:7C:75:46:62:8B:BC:62:C9:1B:15:EE:64:F0:8D:2C:E2:7A:6F
Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24
Certificate issuer:       /CN=341e78ae4f119c0184440090cf1d89acc8b22c24
Certificate serial:       01992330E20E7109F8F10F93F9C92EF469F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
Manifest number:          042F
Signing time:             Sun 07 Sep 2025 08:00:30 +0000
Manifest this update:     Sun 07 Sep 2025 08:00:30 +0000
Manifest next update:     Mon 08 Sep 2025 08:00:30 +0000
Files and hashes:         1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: ke5xcdiE/aHGXTuCA1Icg78oN9t2j1bwJxE/2szvhsw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 05:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:23:30:e2:0e:71:09:f8:f1:0f:93:f9:c9:2e:f4:69:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24
        Validity
            Not Before: Sep  7 08:00:30 2025 GMT
            Not After : Sep  8 08:00:30 2025 GMT
        Subject: CN=6b287c7546628bbc62c91b15ee64f08d2ce27a6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:53:a5:6f:18:88:12:76:4b:17:3f:7c:4d:6d:
                    a0:3d:f7:b9:19:a9:1f:34:d1:6c:0f:bc:f3:83:1b:
                    f9:78:87:71:63:a6:83:2f:d0:89:d7:40:c2:5f:5e:
                    f7:27:45:db:3e:f0:6b:2c:b9:63:19:ae:5a:43:fa:
                    28:00:ee:49:60:87:a8:bd:20:e0:3c:91:40:81:c9:
                    eb:89:38:c2:0b:6e:d3:39:c3:53:ef:91:a1:d3:70:
                    96:2e:01:23:6f:2b:51:21:8c:34:52:16:be:b8:e7:
                    2c:64:9b:3f:c5:b9:70:e4:03:14:57:dd:2f:ca:d8:
                    69:d8:f0:18:01:fb:bd:24:66:2c:03:12:1f:40:58:
                    eb:b4:4d:e6:4c:e9:90:9b:ce:eb:99:b6:6a:ed:19:
                    12:ac:d3:ce:ba:9f:ff:05:77:e1:48:fe:94:b7:2e:
                    6a:e5:fd:1f:81:f2:68:d4:0b:30:d2:a4:58:57:2f:
                    6a:c5:dc:8c:5f:ed:58:90:9f:1a:06:8c:bd:89:e0:
                    4d:0d:b1:43:f8:15:bc:92:ff:e7:79:62:c4:01:d1:
                    f9:48:5f:5f:dc:ca:0e:e3:81:f4:b8:42:e8:97:44:
                    2b:9d:8d:9a:f8:47:d2:d1:46:98:5e:40:fb:46:ca:
                    7c:07:24:eb:75:e2:fb:ad:1a:bf:5b:71:53:11:53:
                    af:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:28:7C:75:46:62:8B:BC:62:C9:1B:15:EE:64:F0:8D:2C:E2:7A:6F
            X509v3 Authority Key Identifier:
                keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:6c:9a:9a:1c:33:82:5b:19:43:84:92:b9:d7:65:0b:fb:df:
         ea:e6:25:4d:b9:f9:fa:d1:a3:26:ed:7a:2c:64:ee:81:e1:ba:
         ed:11:0e:1e:9d:ad:11:75:f6:7e:f1:26:6e:d9:dd:43:59:2d:
         65:e9:5a:e7:21:15:66:a2:75:31:63:3b:ad:fc:75:44:26:79:
         1c:16:91:6a:45:03:f3:7c:70:57:07:27:19:40:e0:53:e7:fa:
         9b:58:6f:27:0f:a7:fb:54:00:09:1a:b8:ce:f8:34:7e:1c:48:
         53:55:ba:82:71:6f:57:50:74:66:37:8c:50:f1:82:25:78:68:
         bf:d7:4a:dc:c4:c1:f2:e6:23:27:7b:2b:44:4d:65:1b:1c:18:
         ec:33:dd:52:16:61:35:0f:68:87:88:f9:06:35:db:2c:69:e9:
         2e:a7:88:3a:5e:72:59:7e:4a:07:1b:83:33:2f:7d:0a:05:5b:
         f7:24:7d:7d:72:6a:5e:8c:4f:1b:3e:ef:91:03:98:c3:f3:b8:
         e0:0a:bd:e0:e9:3a:a5:42:93:93:ff:bf:9c:f4:5a:21:76:2d:
         a0:63:28:e2:1d:d6:08:c0:1b:84:6a:fa:22:57:d3:54:81:c5:
         a2:eb:38:d5:2e:f9:48:57:9d:a3:d9:5c:0b:9e:f1:3f:70:ed:
         8e:36:41:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjMOIOcQn48Q+T+cku9GnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi
MjJjMjQwHhcNMjUwOTA3MDgwMDMwWhcNMjUwOTA4MDgwMDMwWjAzMTEwLwYDVQQD
Eyg2YjI4N2M3NTQ2NjI4YmJjNjJjOTFiMTVlZTY0ZjA4ZDJjZTI3YTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1OlbxiIEnZLFz98TW2gPfe5Gakf
NNFsD7zzgxv5eIdxY6aDL9CJ10DCX173J0XbPvBrLLljGa5aQ/ooAO5JYIeovSDg
PJFAgcnriTjCC27TOcNT75Gh03CWLgEjbytRIYw0Uha+uOcsZJs/xblw5AMUV90v
ythp2PAYAfu9JGYsAxIfQFjrtE3mTOmQm87rmbZq7RkSrNPOup//BXfhSP6Uty5q
5f0fgfJo1Asw0qRYVy9qxdyMX+1YkJ8aBoy9ieBNDbFD+BW8kv/neWLEAdH5SF9f
3MoO44H0uELol0QrnY2a+EfS0UaYXkD7Rsp8ByTrdeL7rRq/W3FTEVOvUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGsofHVGYou8YskbFe5k8I0s4npvMB8GA1UdIwQY
MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt
MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw
LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlGyamhwz
glsZQ4SSuddlC/vf6uYlTbn5+tGjJu16LGTugeG67REOHp2tEXX2fvEmbtndQ1kt
Zela5yEVZqJ1MWM7rfx1RCZ5HBaRakUD83xwVwcnGUDgU+f6m1hvJw+n+1QACRq4
zvg0fhxIU1W6gnFvV1B0ZjeMUPGCJXhov9dK3MTB8uYjJ3srRE1lGxwY7DPdUhZh
NQ9oh4j5BjXbLGnpLqeIOl5yWX5KBxuDMy99CgVb9yR9fXJqXoxPGz7vkQOYw/O4
4Aq94Ok6pUKTk/+/nPRaIXYtoGMo4h3WCMAbhGr6IlfTVIHFous41S75SFedo9lc
C57xP3DtjjZB1A==
-----END CERTIFICATE-----