Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
File:                     NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json)
Hash identifier:          qfzVbJFGREGsurVCSACr+VAAUWStY+1m19NEGEgUWtQ=
Subject key identifier:   D3:0B:51:2F:10:A7:E1:AC:4B:1E:3E:05:12:D9:54:4F:0D:B5:B3:02
Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
Certificate issuer:       /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Certificate serial:       01976E508B2AB76D1A4A1A649182C43CA7D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
Manifest number:          0668
Signing time:             Sat 14 Jun 2025 12:01:01 +0000
Manifest this update:     Sat 14 Jun 2025 12:01:01 +0000
Manifest next update:     Sun 15 Jun 2025 12:01:01 +0000
Files and hashes:         1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: uZ2r6+I4/O5l3jFqX/amHEzkkLd20Dzx3fMzsvk42vY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 12:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6e:50:8b:2a:b7:6d:1a:4a:1a:64:91:82:c4:3c:a7:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
        Validity
            Not Before: Jun 14 12:01:01 2025 GMT
            Not After : Jun 15 12:01:01 2025 GMT
        Subject: CN=d30b512f10a7e1ac4b1e3e0512d9544f0db5b302
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:48:46:72:fa:ab:ae:42:3f:7e:b9:d6:1e:6b:
                    34:8f:f3:01:ed:f5:c1:01:9f:8c:4e:12:43:64:96:
                    71:97:1a:77:fd:e6:73:b0:32:67:b4:67:c1:b0:9b:
                    40:63:b6:bb:1d:08:70:44:ce:47:52:46:90:2b:64:
                    80:f6:36:ba:a4:90:27:be:b6:48:3b:7f:a8:b3:3c:
                    a3:20:19:13:aa:6a:c1:f7:95:9a:2a:13:9d:96:49:
                    0e:ba:7e:dc:e2:1f:2f:fa:e9:bd:61:4b:51:9d:74:
                    02:d2:f7:94:f9:82:68:dd:5f:3c:0b:17:19:bf:3b:
                    47:a1:c4:d4:d7:62:31:63:f4:b2:e9:0d:b5:bd:5a:
                    6a:c2:c4:df:94:56:b9:29:53:9c:47:6e:28:64:7d:
                    c4:83:60:c6:c5:44:8a:f7:9a:0f:7a:b6:3b:ca:4b:
                    1f:e3:e6:29:71:15:eb:e4:45:d1:1b:13:ca:96:e1:
                    8b:a2:47:4d:4a:2c:3b:6a:f5:0b:49:b4:1f:c4:14:
                    f7:01:1e:81:02:09:9a:d9:07:be:65:31:26:40:e8:
                    3e:81:77:b1:d0:25:f8:77:9b:a2:b8:f7:27:91:27:
                    a1:0c:03:36:cb:64:75:25:3a:22:0d:58:59:0d:f9:
                    5d:aa:69:7a:d2:87:a9:d6:1a:7e:d5:c5:c2:bb:4c:
                    ce:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:0B:51:2F:10:A7:E1:AC:4B:1E:3E:05:12:D9:54:4F:0D:B5:B3:02
            X509v3 Authority Key Identifier:
                keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:0d:38:f4:b9:9e:d3:a1:d7:95:8e:07:48:c1:b4:d5:da:8e:
         78:47:ec:f2:af:6c:b5:88:ea:55:32:d8:1e:14:42:4c:69:68:
         2e:8d:2f:56:c2:b2:fe:fa:72:4a:bc:b1:81:cb:d9:c3:f8:22:
         90:f2:be:77:39:1d:e5:3f:3c:b3:b9:3d:04:0d:31:5a:01:fc:
         f7:8f:4a:e5:ab:ce:42:5c:e2:13:ec:18:83:c9:10:c2:61:ce:
         0d:27:30:5d:d4:1e:f5:8c:c9:f4:e6:0f:0f:dd:fb:f2:03:c8:
         54:65:6b:42:1a:8b:4d:68:92:3c:f6:3b:e6:38:45:24:6a:93:
         43:f7:36:f3:71:c2:f6:0b:00:6c:6b:bb:e6:3c:a8:12:25:0e:
         1a:e6:ed:8d:43:26:76:5b:aa:08:0c:2a:cb:17:9d:54:21:fd:
         73:87:6c:11:aa:e9:ef:c1:50:93:0e:d6:51:b2:a0:61:f5:81:
         2f:d8:fd:ac:0f:8d:9d:5c:ce:d0:21:77:dd:40:c5:0a:db:80:
         95:9f:80:0f:37:02:82:e2:78:4a:48:83:58:9f:af:ba:1a:c9:
         7d:57:05:80:13:5c:a7:77:c4:e1:d1:a5:5e:73:62:3a:37:04:
         ea:39:3a:b0:fd:5b:83:67:4d:29:4e:83:dc:b7:7d:a5:66:8f:
         c5:41:e0:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZduUIsqt20aShpkkYLEPKfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm
NDg2OWUwHhcNMjUwNjE0MTIwMTAxWhcNMjUwNjE1MTIwMTAxWjAzMTEwLwYDVQQD
EyhkMzBiNTEyZjEwYTdlMWFjNGIxZTNlMDUxMmQ5NTQ0ZjBkYjViMzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UhGcvqrrkI/frnWHms0j/MB7fXB
AZ+MThJDZJZxlxp3/eZzsDJntGfBsJtAY7a7HQhwRM5HUkaQK2SA9ja6pJAnvrZI
O3+oszyjIBkTqmrB95WaKhOdlkkOun7c4h8v+um9YUtRnXQC0veU+YJo3V88CxcZ
vztHocTU12IxY/Sy6Q21vVpqwsTflFa5KVOcR24oZH3Eg2DGxUSK95oPerY7yksf
4+YpcRXr5EXRGxPKluGLokdNSiw7avULSbQfxBT3AR6BAgma2Qe+ZTEmQOg+gXex
0CX4d5uiuPcnkSehDAM2y2R1JToiDVhZDfldqml60oep1hp+1cXCu0zOKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNMLUS8Qp+GsSx4+BRLZVE8NtbMCMB8GA1UdIwQY
MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt
ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh
LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaQ049Lme
06HXlY4HSMG01dqOeEfs8q9stYjqVTLYHhRCTGloLo0vVsKy/vpySryxgcvZw/gi
kPK+dzkd5T88s7k9BA0xWgH8949K5avOQlziE+wYg8kQwmHODScwXdQe9YzJ9OYP
D9378gPIVGVrQhqLTWiSPPY75jhFJGqTQ/c283HC9gsAbGu75jyoEiUOGubtjUMm
dluqCAwqyxedVCH9c4dsEarp78FQkw7WUbKgYfWBL9j9rA+NnVzO0CF33UDFCtuA
lZ+ADzcCguJ4SkiDWJ+vuhrJfVcFgBNcp3fE4dGlXnNiOjcE6jk6sP1bg2dNKU6D
3Ld9pWaPxUHg3w==
-----END CERTIFICATE-----