Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
File:                     NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json)
Hash identifier:          6U7Vx5HKKjlWcU/29nPKKmGfD4tR8UPD9epu+Lo2DzY=
Subject key identifier:   F8:D1:0C:81:AA:90:A4:0F:A1:B8:55:F3:BE:BF:45:5B:00:29:3F:53
Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
Certificate issuer:       /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Certificate serial:       01987E9C78E4D143CDEEEC13A87939BD6857
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
Manifest number:          06F5
Signing time:             Wed 06 Aug 2025 09:00:40 +0000
Manifest this update:     Wed 06 Aug 2025 09:00:40 +0000
Manifest next update:     Thu 07 Aug 2025 09:00:40 +0000
Files and hashes:         1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: 0h36MHcqMrLdw60SDltex1dMcbIoAzBIlktxBePkhQI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 08:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7e:9c:78:e4:d1:43:cd:ee:ec:13:a8:79:39:bd:68:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
        Validity
            Not Before: Aug  6 09:00:40 2025 GMT
            Not After : Aug  7 09:00:40 2025 GMT
        Subject: CN=f8d10c81aa90a40fa1b855f3bebf455b00293f53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:4a:84:5b:d9:14:d0:41:24:34:98:4c:c6:3e:
                    c8:43:73:32:33:58:fd:23:c9:02:c2:0d:d4:15:a4:
                    7a:ea:bd:2c:03:03:f7:72:d4:df:f0:fa:f4:16:f2:
                    d3:1a:7b:d9:c2:77:37:34:4b:da:35:d4:97:cc:b4:
                    da:81:62:a8:69:f2:2a:30:0a:6f:06:76:5d:85:59:
                    01:7d:cd:44:d3:cd:e1:a8:73:db:f1:8e:60:df:5d:
                    5a:c4:d8:c5:13:c3:df:5d:42:10:c4:da:d2:e1:b2:
                    51:74:4a:d3:d4:1a:1f:43:f6:86:cb:4e:f6:6d:36:
                    b7:5f:16:f4:3f:8c:1d:63:ee:a4:45:0f:9a:89:75:
                    a8:f6:15:ff:c6:6c:cf:5c:d3:b9:bf:93:66:27:aa:
                    48:92:46:90:54:b7:86:bd:a6:88:e2:8e:85:15:cd:
                    fa:e4:f3:7e:8e:e2:5d:8f:90:a3:a7:64:fa:0e:c1:
                    11:6a:9f:a9:2f:58:58:43:7f:12:ca:10:94:92:82:
                    e5:40:27:2b:69:19:a8:e6:38:62:d2:f0:90:7f:7a:
                    7d:c7:de:bb:d2:2d:4c:b9:51:13:87:f0:53:37:20:
                    13:80:d1:bc:a5:fe:af:e9:7a:c2:8c:65:27:3b:2a:
                    ce:ec:df:6a:f0:0b:ff:57:de:cb:f3:8d:29:fe:14:
                    ca:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:D1:0C:81:AA:90:A4:0F:A1:B8:55:F3:BE:BF:45:5B:00:29:3F:53
            X509v3 Authority Key Identifier:
                keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:6f:7a:c3:52:60:44:91:41:35:b8:b6:16:51:62:2a:d0:a4:
         d7:29:67:18:29:6c:f6:21:f5:09:3a:07:e5:c5:fa:1c:09:e0:
         5c:1a:1e:e7:58:49:e0:e7:e8:c2:e2:ef:48:eb:10:ec:9c:85:
         06:26:0c:17:37:7e:1a:06:41:9e:3e:3a:90:0c:1a:b8:b1:ae:
         5e:9c:0b:32:50:17:89:08:64:ac:1a:27:e6:47:78:ce:e3:a4:
         52:75:bd:2b:eb:96:0e:83:c6:d9:0a:54:20:73:63:74:1e:b1:
         63:57:60:68:3c:0c:20:82:ea:83:4e:5a:25:f0:b9:99:c7:aa:
         18:db:0c:7b:d5:98:50:cd:2f:f9:99:a5:a5:e4:1a:1c:e5:3f:
         47:85:f4:7f:8c:b3:69:07:7b:b0:1a:82:ed:4d:a5:b8:3e:1c:
         26:d5:73:14:10:98:cd:0a:70:20:1d:e7:4c:89:29:57:e1:ee:
         00:10:fe:ce:f5:8c:fd:07:e6:5f:db:32:3a:e7:e5:14:d2:f0:
         42:a4:3c:15:ba:36:1f:64:01:bd:89:49:ac:4e:17:89:dc:e7:
         62:06:50:b2:7f:8d:0f:41:c5:24:b6:3c:2c:ce:a9:be:97:df:
         50:a6:13:f8:d6:e8:8a:12:1e:d8:e8:b4:f4:cd:93:85:89:96:
         ef:f2:a8:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+nHjk0UPN7uwTqHk5vWhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm
NDg2OWUwHhcNMjUwODA2MDkwMDQwWhcNMjUwODA3MDkwMDQwWjAzMTEwLwYDVQQD
EyhmOGQxMGM4MWFhOTBhNDBmYTFiODU1ZjNiZWJmNDU1YjAwMjkzZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEqEW9kU0EEkNJhMxj7IQ3MyM1j9
I8kCwg3UFaR66r0sAwP3ctTf8Pr0FvLTGnvZwnc3NEvaNdSXzLTagWKoafIqMApv
BnZdhVkBfc1E083hqHPb8Y5g311axNjFE8PfXUIQxNrS4bJRdErT1BofQ/aGy072
bTa3Xxb0P4wdY+6kRQ+aiXWo9hX/xmzPXNO5v5NmJ6pIkkaQVLeGvaaI4o6FFc36
5PN+juJdj5Cjp2T6DsERap+pL1hYQ38SyhCUkoLlQCcraRmo5jhi0vCQf3p9x967
0i1MuVETh/BTNyATgNG8pf6v6XrCjGUnOyrO7N9q8Av/V97L840p/hTKowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjRDIGqkKQPobhV876/RVsAKT9TMB8GA1UdIwQY
MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt
ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh
LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYG96w1Jg
RJFBNbi2FlFiKtCk1ylnGCls9iH1CToH5cX6HAngXBoe51hJ4OfowuLvSOsQ7JyF
BiYMFzd+GgZBnj46kAwauLGuXpwLMlAXiQhkrBon5kd4zuOkUnW9K+uWDoPG2QpU
IHNjdB6xY1dgaDwMIILqg05aJfC5mceqGNsMe9WYUM0v+ZmlpeQaHOU/R4X0f4yz
aQd7sBqC7U2luD4cJtVzFBCYzQpwIB3nTIkpV+HuABD+zvWM/QfmX9syOuflFNLw
QqQ8Fbo2H2QBvYlJrE4XidznYgZQsn+ND0HFJLY8LM6pvpffUKYT+NboihIe2Oi0
9M2ThYmW7/Kopw==
-----END CERTIFICATE-----