Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
File:                     NWlXUM1GUx3eil-yZyzcgw09DG4.mft (raw, json)
Hash identifier:          dGgjHPEf9G8twz34kqhIoAclmdGn/vMAMrwzHZCEBdc=
Subject key identifier:   31:DE:30:12:12:6C:AE:C0:86:0D:39:6F:07:4F:BB:73:B2:65:0B:45
Authority key identifier: 35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E
Certificate issuer:       /CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e
Certificate serial:       01987E9C8ED9202962A5688F1492545901AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
Manifest number:          0439
Signing time:             Wed 06 Aug 2025 09:00:45 +0000
Manifest this update:     Wed 06 Aug 2025 09:00:45 +0000
Manifest next update:     Thu 07 Aug 2025 09:00:45 +0000
Files and hashes:         1: NWlXUM1GUx3eil-yZyzcgw09DG4.crl (hash: imvHuyv+/GphDPe4LTrb9YNkAzksz/hi8TC67HJYw/E=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 08:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:7e:9c:8e:d9:20:29:62:a5:68:8f:14:92:54:59:01:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e
        Validity
            Not Before: Aug  6 09:00:45 2025 GMT
            Not After : Aug  7 09:00:45 2025 GMT
        Subject: CN=31de3012126caec0860d396f074fbb73b2650b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:78:33:c1:e1:19:65:eb:d6:4f:da:2d:63:fe:
                    80:32:0e:62:a8:be:43:86:a0:3c:52:8b:c7:e0:ad:
                    73:54:1b:ac:57:c3:05:36:58:e7:3b:bd:bd:f9:62:
                    44:b4:3c:fe:36:2e:21:a7:67:0e:0b:e0:a6:01:23:
                    b5:81:bc:13:bc:ac:cf:4b:92:7d:69:b4:07:ab:e7:
                    8d:4b:13:85:d4:6d:13:79:49:f9:c2:45:63:e4:b4:
                    b4:78:e8:49:bd:8b:ee:d8:6f:78:15:29:0b:52:54:
                    87:f6:61:a2:90:9a:31:a5:2d:5a:1c:5c:6b:a8:7f:
                    9c:54:86:27:70:3a:29:6c:77:71:42:cd:30:29:39:
                    b1:3b:34:9a:b4:47:ff:1f:db:2e:d0:4b:8f:8d:5e:
                    c4:9e:a9:55:93:2c:1d:04:dd:34:2e:e3:8e:29:64:
                    ad:f7:ce:45:8a:5b:ec:87:90:c3:4e:7d:9f:91:fd:
                    cd:e6:16:03:1d:0a:23:7b:cd:b0:a7:cb:df:72:c2:
                    d5:b9:3c:7a:92:9b:f0:ec:11:14:79:3e:f7:ff:1b:
                    c5:14:61:57:8b:f9:2c:ca:97:84:f2:ac:eb:89:ff:
                    10:35:9d:69:da:69:27:b6:8b:86:50:1f:b5:34:15:
                    b6:42:91:cb:fb:a8:82:56:5f:52:9a:c0:aa:cf:53:
                    32:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:DE:30:12:12:6C:AE:C0:86:0D:39:6F:07:4F:BB:73:B2:65:0B:45
            X509v3 Authority Key Identifier:
                keyid:35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:33:16:ef:7f:44:06:8c:5c:bf:f4:40:3b:f4:9e:10:7d:b6:
         0b:14:3f:9d:d5:7f:75:0d:4a:28:1f:34:bd:a8:e1:9b:ff:22:
         0d:15:17:d4:0b:28:c6:2e:4f:fc:19:a8:ef:89:1b:1e:55:e8:
         15:33:d1:ce:72:d8:03:6f:cc:00:ef:cc:a5:d7:8c:28:77:80:
         4f:83:35:67:63:f1:f4:f1:71:d3:df:27:c1:39:e9:74:e6:9e:
         b3:3a:67:47:6c:28:c6:0f:63:e0:a7:5a:ce:06:07:39:aa:c4:
         9e:41:70:8b:4e:97:8d:73:77:18:92:00:df:02:d7:c6:3d:af:
         b8:60:3a:da:be:a6:4c:01:14:2a:e2:25:19:be:91:94:15:eb:
         68:c3:ad:69:cb:e8:1e:92:6a:cb:7a:cd:84:25:fa:c3:a0:50:
         d7:48:26:b9:94:88:93:9b:05:d2:f1:4b:0d:e8:42:e6:cf:52:
         6f:fc:00:3b:49:cf:43:8b:dd:c4:3f:90:77:10:a3:21:b6:27:
         7f:43:86:2e:96:49:9c:ed:62:e3:b1:4f:71:fc:12:12:f6:b6:
         43:eb:35:03:bc:51:89:17:ea:d7:cf:3f:92:db:e7:cf:b8:e2:
         91:de:b0:76:35:3c:ab:01:d2:b7:93:24:19:80:bc:1f:d2:49:
         ce:3f:9d:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh+nI7ZIClipWiPFJJUWQGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Njk1NzUwY2Q0NjUzMWRkZThhNWZiMjY3MmNkYzgzMGQz
ZDBjNmUwHhcNMjUwODA2MDkwMDQ1WhcNMjUwODA3MDkwMDQ1WjAzMTEwLwYDVQQD
EygzMWRlMzAxMjEyNmNhZWMwODYwZDM5NmYwNzRmYmI3M2IyNjUwYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHgzweEZZevWT9otY/6AMg5iqL5D
hqA8UovH4K1zVBusV8MFNljnO729+WJEtDz+Ni4hp2cOC+CmASO1gbwTvKzPS5J9
abQHq+eNSxOF1G0TeUn5wkVj5LS0eOhJvYvu2G94FSkLUlSH9mGikJoxpS1aHFxr
qH+cVIYncDopbHdxQs0wKTmxOzSatEf/H9su0EuPjV7EnqlVkywdBN00LuOOKWSt
985Filvsh5DDTn2fkf3N5hYDHQoje82wp8vfcsLVuTx6kpvw7BEUeT73/xvFFGFX
i/ksypeE8qzrif8QNZ1p2mkntouGUB+1NBW2QpHL+6iCVl9SmsCqz1MyfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHeMBISbK7Ahg05bwdPu3OyZQtFMB8GA1UdIwQY
MBaAFDVpV1DNRlMd3opfsmcs3IMNPQxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDct
NzdiZmEzN2ZhMDcxLzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDctNzdiZmEzN2ZhMDcx
LzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZjMW739E
Boxcv/RAO/SeEH22CxQ/ndV/dQ1KKB80vajhm/8iDRUX1Asoxi5P/Bmo74kbHlXo
FTPRznLYA2/MAO/MpdeMKHeAT4M1Z2Px9PFx098nwTnpdOaeszpnR2woxg9j4Kda
zgYHOarEnkFwi06XjXN3GJIA3wLXxj2vuGA62r6mTAEUKuIlGb6RlBXraMOtacvo
HpJqy3rNhCX6w6BQ10gmuZSIk5sF0vFLDehC5s9Sb/wAO0nPQ4vdxD+QdxCjIbYn
f0OGLpZJnO1i47FPcfwSEva2Q+s1A7xRiRfq188/ktvnz7jikd6wdjU8qwHSt5Mk
GYC8H9JJzj+dGA==
-----END CERTIFICATE-----