Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
File:                     NKh-9PEuNt_cafTUydRQ7us_9tU.mft (raw, json)
Hash identifier:          Ks3YlmOeEdVwEnVkU1gp7kqA8nem1yFL8MQw7D+my0o=
Subject key identifier:   A9:B4:0C:DD:CA:37:42:3C:95:BC:E4:DB:B2:E1:11:C1:5F:4A:68:44
Authority key identifier: 34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5
Certificate issuer:       /CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
Certificate serial:       01958C60C288B715B195629F063A50257C7B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
Manifest number:          0B8D
Signing time:             Wed 12 Mar 2025 22:01:46 +0000
Manifest this update:     Wed 12 Mar 2025 22:01:46 +0000
Manifest next update:     Thu 13 Mar 2025 22:01:46 +0000
Files and hashes:         1: NKh-9PEuNt_cafTUydRQ7us_9tU.crl (hash: aYN9aNCr1OUwbBdVsPju5Q8zW4gSGEdj5VKqo4cvvi8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 19:14:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:8c:60:c2:88:b7:15:b1:95:62:9f:06:3a:50:25:7c:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
        Validity
            Not Before: Mar 12 22:01:46 2025 GMT
            Not After : Mar 13 22:01:46 2025 GMT
        Subject: CN=a9b40cddca37423c95bce4dbb2e111c15f4a6844
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:12:f6:9b:f2:7e:b3:0e:19:fb:be:26:3d:6e:
                    fd:08:fc:79:d4:d1:a6:74:2c:02:cc:72:d6:bf:ee:
                    22:70:9e:b5:88:52:3f:4f:38:0d:79:b3:22:8d:0b:
                    18:48:93:93:47:24:fe:98:aa:85:54:f6:22:84:66:
                    28:04:fa:79:0b:e2:b9:47:75:d7:3a:87:47:2b:41:
                    52:28:46:2d:29:9f:61:3f:60:fe:3f:be:58:b5:f4:
                    4c:4d:16:0e:7b:01:e3:76:9e:25:91:fd:47:8c:e5:
                    34:a9:0f:76:47:c2:ad:34:30:05:8b:ee:f8:16:57:
                    4f:f1:a5:d1:ff:90:fa:7f:99:b1:10:fa:1b:19:30:
                    55:b6:31:b3:9f:07:a0:39:a8:56:e5:52:01:bb:2c:
                    a2:59:48:01:71:dd:ba:62:10:bf:2f:a0:29:b5:f6:
                    ef:4d:b8:27:02:7d:31:d4:03:90:dd:3b:37:e5:b0:
                    32:80:88:78:1a:4c:82:6b:1c:38:43:53:1b:27:1b:
                    06:08:9e:63:52:e7:24:ed:a3:2a:fc:3a:74:95:d3:
                    e1:89:49:59:a4:d6:ca:a2:9e:8e:b8:79:df:52:50:
                    9a:ad:28:36:dc:75:4d:5b:a9:58:0b:1e:17:d7:91:
                    34:af:b0:58:72:1f:09:98:eb:47:d1:c8:7c:60:79:
                    2e:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:B4:0C:DD:CA:37:42:3C:95:BC:E4:DB:B2:E1:11:C1:5F:4A:68:44
            X509v3 Authority Key Identifier:
                keyid:34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:12:f1:ae:10:76:f6:a2:f7:b1:9c:e8:04:93:28:f6:6e:d1:
         67:ac:68:e5:74:a3:31:9b:55:ff:30:63:65:55:50:53:17:5f:
         2d:b4:00:88:0c:70:30:69:52:6c:c4:0f:18:d2:b9:8c:7f:4c:
         cb:8f:b3:4e:1a:1f:51:00:74:c0:cc:e8:dc:cd:ae:b8:5f:f8:
         08:d5:03:55:56:d1:0b:67:ca:12:48:68:6b:31:14:de:f8:5f:
         26:b9:4f:6f:c0:dd:ff:19:c6:97:1a:c0:8f:4b:83:8c:24:e8:
         4c:c9:a1:76:e9:80:3d:34:c7:5d:38:e3:9a:65:1e:7c:ab:19:
         45:35:4a:f6:bf:94:ce:00:c1:1b:3f:3b:92:a9:bc:e4:a7:e3:
         a8:b9:17:e8:e3:28:a6:d7:c5:c0:c7:f5:35:e3:6b:c7:e4:1c:
         ab:b8:77:86:ce:9f:0c:17:e2:b9:21:60:16:b3:80:50:05:81:
         8d:57:d5:8e:ec:d5:7c:7b:db:1d:f2:87:5c:14:fc:ac:7b:2a:
         56:3a:d3:c2:4e:5b:cb:7c:91:7b:18:61:d7:83:ce:dc:17:e6:
         35:52:3b:8b:4c:5c:9e:b2:6e:b4:c0:00:5a:f4:0c:e0:93:eb:
         11:94:2b:8e:07:50:a7:af:2e:eb:7e:d7:e0:8e:c1:c1:ec:9a:
         e3:23:95:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZWMYMKItxWxlWKfBjpQJXx7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTg3ZWY0ZjEyZTM2ZGZkYzY5ZjRkNGM5ZDQ1MGVlZWIz
ZmY2ZDUwHhcNMjUwMzEyMjIwMTQ2WhcNMjUwMzEzMjIwMTQ2WjAzMTEwLwYDVQQD
EyhhOWI0MGNkZGNhMzc0MjNjOTViY2U0ZGJiMmUxMTFjMTVmNGE2ODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RL2m/J+sw4Z+74mPW79CPx51NGm
dCwCzHLWv+4icJ61iFI/TzgNebMijQsYSJOTRyT+mKqFVPYihGYoBPp5C+K5R3XX
OodHK0FSKEYtKZ9hP2D+P75YtfRMTRYOewHjdp4lkf1HjOU0qQ92R8KtNDAFi+74
FldP8aXR/5D6f5mxEPobGTBVtjGznwegOahW5VIBuyyiWUgBcd26YhC/L6Aptfbv
TbgnAn0x1AOQ3Ts35bAygIh4GkyCaxw4Q1MbJxsGCJ5jUuck7aMq/Dp0ldPhiUlZ
pNbKop6OuHnfUlCarSg23HVNW6lYCx4X15E0r7BYch8JmOtH0ch8YHkujQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKm0DN3KN0I8lbzk27LhEcFfSmhEMB8GA1UdIwQY
MBaAFDSofvTxLjbf3Gn01MnUUO7rP/bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQt
ZDQ5MGI4MTU1MDNiLzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQtZDQ5MGI4MTU1MDNi
LzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjhLxrhB2
9qL3sZzoBJMo9m7RZ6xo5XSjMZtV/zBjZVVQUxdfLbQAiAxwMGlSbMQPGNK5jH9M
y4+zThofUQB0wMzo3M2uuF/4CNUDVVbRC2fKEkhoazEU3vhfJrlPb8Dd/xnGlxrA
j0uDjCToTMmhdumAPTTHXTjjmmUefKsZRTVK9r+UzgDBGz87kqm85KfjqLkX6OMo
ptfFwMf1NeNrx+Qcq7h3hs6fDBfiuSFgFrOAUAWBjVfVjuzVfHvbHfKHXBT8rHsq
VjrTwk5by3yRexhh14PO3BfmNVI7i0xcnrJutMAAWvQM4JPrEZQrjgdQp68u637X
4I7Bweya4yOVEQ==
-----END CERTIFICATE-----