Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File:                     nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier:          fB8jTUJPyooaHeqPGhnQWnCTXnbW9zby0ZOwXl6OOrI=
Subject key identifier:   AB:86:FF:F9:A1:D0:82:17:86:50:72:B3:57:9A:0D:74:C4:02:AF:B9
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer:       /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial:       0198745010A160E43DF6D53D00E84CD2C998
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number:          1614
Signing time:             Mon 04 Aug 2025 09:01:00 +0000
Manifest this update:     Mon 04 Aug 2025 09:01:00 +0000
Manifest next update:     Tue 05 Aug 2025 09:01:00 +0000
Files and hashes:         1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: 9RCGvteDjU8zGr2hfXEKfm6zoQYxOAYQunY96f/zy30=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:74:50:10:a1:60:e4:3d:f6:d5:3d:00:e8:4c:d2:c9:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
        Validity
            Not Before: Aug  4 09:01:00 2025 GMT
            Not After : Aug  5 09:01:00 2025 GMT
        Subject: CN=ab86fff9a1d08217865072b3579a0d74c402afb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:4b:c7:de:1a:1b:31:89:4a:6f:96:00:15:7e:
                    63:b7:1f:c4:65:22:85:94:7a:ac:7e:5f:e8:13:e0:
                    22:fd:9c:17:f0:ad:9b:52:9b:45:5a:84:83:f8:68:
                    c9:7b:ce:81:06:62:94:0a:f6:7f:1d:53:a0:3c:da:
                    f3:e6:4f:f7:f3:69:a1:e6:a0:bd:56:4d:93:c5:97:
                    f3:c1:6d:40:69:9c:e1:94:8d:0f:ee:8f:a5:2b:fa:
                    5d:c4:2d:84:99:82:d5:cc:19:2a:a4:8a:01:5d:c9:
                    64:34:f0:d3:91:02:ec:3f:94:f4:37:80:4a:c0:58:
                    c3:c0:38:39:d4:64:fd:d7:7b:c4:f2:c4:b9:8a:fa:
                    23:a0:09:e3:22:df:26:dd:39:3b:69:b9:e8:f2:ab:
                    00:ab:dd:31:ef:de:ca:f8:7c:06:ff:b0:da:92:e1:
                    6c:b6:25:64:5c:e7:be:74:74:f0:52:54:91:2b:43:
                    65:4e:21:97:9c:e1:0e:12:ac:e4:33:fb:f8:bd:67:
                    8c:95:22:1d:ab:c6:bc:33:ee:82:18:35:df:32:0b:
                    51:7c:e7:a6:a8:c8:de:35:04:b2:37:a8:3f:99:3c:
                    00:71:98:69:81:78:d2:a8:2d:e4:74:01:d5:45:32:
                    da:e4:0f:4f:9c:ec:0c:0f:f4:62:f6:56:f5:81:a6:
                    17:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:86:FF:F9:A1:D0:82:17:86:50:72:B3:57:9A:0D:74:C4:02:AF:B9
            X509v3 Authority Key Identifier:
                keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:cf:2e:da:a7:fd:c3:4c:58:9f:f8:9d:29:30:8b:b2:3e:c5:
         ee:5f:f7:76:1b:61:3f:2f:eb:5f:73:0b:86:02:50:e1:0b:74:
         57:d5:20:ba:22:ec:9e:e6:3b:40:17:ac:0c:d7:ff:9c:42:29:
         6e:b1:66:e0:6d:27:f7:e7:a8:4e:79:f5:2b:45:43:e3:67:df:
         c4:85:30:52:98:d6:fc:52:ae:49:3e:3f:0b:ad:53:ec:b8:b2:
         a9:ac:7e:e5:77:a5:30:2b:13:ad:79:9b:a1:22:bd:98:d1:fa:
         5d:0a:c9:cc:16:dd:88:7d:ae:c8:3d:41:07:a3:be:28:41:19:
         0a:b9:30:05:6e:a3:98:0b:4d:08:2b:44:d4:17:bb:15:77:6c:
         96:ed:87:6b:45:5b:27:53:3c:d7:ab:b5:49:76:97:ed:c7:37:
         45:9e:bb:4d:44:9e:c8:c0:bd:28:47:a4:0a:ef:0d:15:24:f6:
         5d:a8:3b:8d:7c:15:01:ef:7b:99:33:15:f7:42:ee:30:71:42:
         2f:35:82:c7:99:ff:8b:eb:72:ce:db:dd:79:eb:e2:0a:89:a9:
         7e:50:3f:05:51:aa:d4:ee:c1:22:a1:6f:9c:54:66:31:32:3e:
         3e:13:75:a3:5d:1a:65:05:0b:dd:07:b2:2b:43:44:80:7f:2f:
         79:2b:ac:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0UBChYOQ99tU9AOhM0smYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjUwODA0MDkwMTAwWhcNMjUwODA1MDkwMTAwWjAzMTEwLwYDVQQD
EyhhYjg2ZmZmOWExZDA4MjE3ODY1MDcyYjM1NzlhMGQ3NGM0MDJhZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUvH3hobMYlKb5YAFX5jtx/EZSKF
lHqsfl/oE+Ai/ZwX8K2bUptFWoSD+GjJe86BBmKUCvZ/HVOgPNrz5k/382mh5qC9
Vk2TxZfzwW1AaZzhlI0P7o+lK/pdxC2EmYLVzBkqpIoBXclkNPDTkQLsP5T0N4BK
wFjDwDg51GT913vE8sS5ivojoAnjIt8m3Tk7abno8qsAq90x797K+HwG/7DakuFs
tiVkXOe+dHTwUlSRK0NlTiGXnOEOEqzkM/v4vWeMlSIdq8a8M+6CGDXfMgtRfOem
qMjeNQSyN6g/mTwAcZhpgXjSqC3kdAHVRTLa5A9PnOwMD/Ri9lb1gaYXVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKuG//mh0IIXhlBys1eaDXTEAq+5MB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArs8u2qf9
w0xYn/idKTCLsj7F7l/3dhthPy/rX3MLhgJQ4Qt0V9UguiLsnuY7QBesDNf/nEIp
brFm4G0n9+eoTnn1K0VD42ffxIUwUpjW/FKuST4/C61T7Liyqax+5XelMCsTrXmb
oSK9mNH6XQrJzBbdiH2uyD1BB6O+KEEZCrkwBW6jmAtNCCtE1Be7FXdslu2Ha0Vb
J1M816u1SXaX7cc3RZ67TUSeyMC9KEekCu8NFST2Xag7jXwVAe97mTMV90LuMHFC
LzWCx5n/i+tyztvdeeviCompflA/BVGq1O7BIqFvnFRmMTI+PhN1o10aZQUL3Qey
K0NEgH8veSusZQ==
-----END CERTIFICATE-----