Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
File:                     NKh-9PEuNt_cafTUydRQ7us_9tU.mft (raw, json)
Hash identifier:          iVA/x9Rb2WZufTIPruosKHxXCQwVIvBdR2Y4qEcrpas=
Subject key identifier:   3E:51:0A:58:65:A7:D2:56:40:03:94:2C:54:BE:63:49:0C:F5:6A:C5
Authority key identifier: 34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5
Certificate issuer:       /CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
Certificate serial:       019921B137E9C1E09023041FC93AD9E886AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
Manifest number:          0D68
Signing time:             Sun 07 Sep 2025 01:01:26 +0000
Manifest this update:     Sun 07 Sep 2025 01:01:26 +0000
Manifest next update:     Mon 08 Sep 2025 01:01:26 +0000
Files and hashes:         1: NKh-9PEuNt_cafTUydRQ7us_9tU.crl (hash: 2Yr9Jg0pVFHgXRK6jk4Pf6sI9YTmd1FIGlPUu762fPs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 01:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:b1:37:e9:c1:e0:90:23:04:1f:c9:3a:d9:e8:86:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
        Validity
            Not Before: Sep  7 01:01:26 2025 GMT
            Not After : Sep  8 01:01:26 2025 GMT
        Subject: CN=3e510a5865a7d2564003942c54be63490cf56ac5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:af:58:df:a8:ec:44:34:0b:ea:4e:20:97:f7:
                    da:9f:0f:e6:b6:35:a6:47:c1:aa:45:88:3f:dd:47:
                    ab:ec:f0:64:31:04:bb:20:f1:e8:cc:52:7f:10:2e:
                    c4:c1:7e:0f:05:76:47:c5:07:96:44:17:94:a4:5e:
                    22:35:7a:35:f7:af:aa:41:ef:61:c6:08:6b:04:0c:
                    cc:85:77:ea:99:9a:5b:38:14:1d:02:6f:63:8d:a9:
                    c1:06:d9:e0:65:fb:c5:67:9b:c6:47:e0:8f:ae:7b:
                    2f:d4:53:ea:90:d4:e8:55:6b:df:77:39:b5:da:21:
                    97:ed:dc:52:41:67:cf:5a:09:a0:8a:74:cd:f8:5f:
                    3a:3a:52:31:f5:58:39:2b:9d:44:97:3b:fb:35:4c:
                    11:22:6d:1f:f8:2a:92:3a:26:40:b4:16:f6:44:45:
                    55:f1:22:70:4c:8b:f1:c7:f5:11:6a:06:98:4d:c8:
                    e6:e5:98:29:86:a9:14:7f:ac:39:10:9e:2a:bb:c8:
                    0b:5f:9c:a5:70:ca:a2:86:4e:bc:d5:35:9a:75:09:
                    b9:52:7d:3a:3b:cc:88:a0:38:a5:11:ce:e9:c5:48:
                    f2:94:c3:be:80:9e:34:b4:1a:58:2b:88:7e:4f:c1:
                    c6:ff:ec:ef:6e:59:14:ae:26:e4:73:2d:9d:e0:25:
                    90:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:51:0A:58:65:A7:D2:56:40:03:94:2C:54:BE:63:49:0C:F5:6A:C5
            X509v3 Authority Key Identifier:
                keyid:34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:b6:bd:35:2a:49:27:f3:b4:a1:0a:54:06:45:b2:39:4e:f0:
         6d:f8:28:7f:1a:e5:57:8a:38:90:b3:a2:3e:17:e2:d8:37:16:
         d1:bf:58:d9:c7:80:66:59:ce:04:f7:9b:75:a8:e1:55:53:cd:
         cb:71:b3:26:83:1f:ba:7f:a2:58:6f:07:04:1a:a6:1a:ec:18:
         77:30:95:ac:5a:8a:65:21:58:8c:51:3b:e8:56:83:70:91:0d:
         07:8e:55:69:d8:03:97:53:ca:84:4a:c6:df:93:14:62:ff:28:
         9c:33:ba:db:f9:f8:e0:0b:e5:45:93:8d:c5:69:70:38:c0:c0:
         39:0e:38:0f:a7:19:4d:a6:5c:7a:47:e1:aa:7f:65:fa:e4:13:
         e8:53:62:9f:1c:e9:b9:02:20:67:f8:66:05:23:47:40:47:0b:
         00:17:bd:4a:ac:e5:05:66:60:8e:82:85:a0:b0:a6:1c:03:52:
         31:b5:5b:31:ca:4c:d2:13:9c:f4:60:df:6e:58:c6:80:92:4a:
         50:ac:80:ba:2d:3e:28:c6:03:d2:c2:09:7a:c6:7d:ad:5f:15:
         d9:ed:17:b2:5b:1d:21:52:eb:85:f0:e8:24:4e:c3:37:3d:72:
         4b:e8:73:19:33:dd:8b:77:fa:ed:06:0e:07:8f:2e:1d:c2:a9:
         15:18:d9:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkhsTfpweCQIwQfyTrZ6IauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTg3ZWY0ZjEyZTM2ZGZkYzY5ZjRkNGM5ZDQ1MGVlZWIz
ZmY2ZDUwHhcNMjUwOTA3MDEwMTI2WhcNMjUwOTA4MDEwMTI2WjAzMTEwLwYDVQQD
EygzZTUxMGE1ODY1YTdkMjU2NDAwMzk0MmM1NGJlNjM0OTBjZjU2YWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4a9Y36jsRDQL6k4gl/fanw/mtjWm
R8GqRYg/3Uer7PBkMQS7IPHozFJ/EC7EwX4PBXZHxQeWRBeUpF4iNXo196+qQe9h
xghrBAzMhXfqmZpbOBQdAm9jjanBBtngZfvFZ5vGR+CPrnsv1FPqkNToVWvfdzm1
2iGX7dxSQWfPWgmginTN+F86OlIx9Vg5K51Elzv7NUwRIm0f+CqSOiZAtBb2REVV
8SJwTIvxx/URagaYTcjm5ZgphqkUf6w5EJ4qu8gLX5ylcMqihk681TWadQm5Un06
O8yIoDilEc7pxUjylMO+gJ40tBpYK4h+T8HG/+zvblkUribkcy2d4CWQ3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD5RClhlp9JWQAOULFS+Y0kM9WrFMB8GA1UdIwQY
MBaAFDSofvTxLjbf3Gn01MnUUO7rP/bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQt
ZDQ5MGI4MTU1MDNiLzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQtZDQ5MGI4MTU1MDNi
LzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmba9NSpJ
J/O0oQpUBkWyOU7wbfgofxrlV4o4kLOiPhfi2DcW0b9Y2ceAZlnOBPebdajhVVPN
y3GzJoMfun+iWG8HBBqmGuwYdzCVrFqKZSFYjFE76FaDcJENB45VadgDl1PKhErG
35MUYv8onDO62/n44AvlRZONxWlwOMDAOQ44D6cZTaZcekfhqn9l+uQT6FNinxzp
uQIgZ/hmBSNHQEcLABe9SqzlBWZgjoKFoLCmHANSMbVbMcpM0hOc9GDfbljGgJJK
UKyAui0+KMYD0sIJesZ9rV8V2e0XslsdIVLrhfDoJE7DNz1yS+hzGTPdi3f67QYO
B48uHcKpFRjZcA==
-----END CERTIFICATE-----