Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
File:                     NHBSPMWdTwUnV-cSKR4rt535KAA.mft (raw, json)
Hash identifier:          f4GRTVnTQAM06zW9dwL+M3ZRy8P/11auNwQMAS8UvDU=
Subject key identifier:   12:BB:B3:DB:2D:BA:9E:B9:A8:DB:AA:74:1D:5E:04:1D:B7:47:EF:3D
Authority key identifier: 34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00
Certificate issuer:       /CN=3470523cc59d4f052757e712291e2bb79df92800
Certificate serial:       0197684E8D98885B284E679CC5D7192FD946
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
Manifest number:          9B
Signing time:             Fri 13 Jun 2025 08:01:07 +0000
Manifest this update:     Fri 13 Jun 2025 08:01:07 +0000
Manifest next update:     Sat 14 Jun 2025 08:01:07 +0000
Files and hashes:         1: NHBSPMWdTwUnV-cSKR4rt535KAA.crl (hash: /5LLzBPIagwYSiztbu/LGkTH0vZcwZeN0JpY41seMMk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 08:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:68:4e:8d:98:88:5b:28:4e:67:9c:c5:d7:19:2f:d9:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3470523cc59d4f052757e712291e2bb79df92800
        Validity
            Not Before: Jun 13 08:01:07 2025 GMT
            Not After : Jun 14 08:01:07 2025 GMT
        Subject: CN=12bbb3db2dba9eb9a8dbaa741d5e041db747ef3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d8:50:38:ec:b4:95:9d:e7:fe:be:71:ba:c1:
                    8b:17:e3:9f:66:22:3d:ac:1d:9e:e6:8c:a0:47:46:
                    6e:9f:5b:e2:14:aa:56:f7:fc:10:76:44:c2:c7:c3:
                    17:bc:bc:d8:9e:48:88:6f:6e:76:26:73:8f:c4:a3:
                    16:f9:f5:a1:08:3f:07:28:e1:ea:b4:37:3c:56:0c:
                    30:89:00:ae:73:15:ef:83:65:44:f2:8e:ce:38:8c:
                    81:4b:6d:78:d7:1e:12:f9:f6:96:3a:09:c7:82:b3:
                    3f:fa:1f:ec:76:3e:d6:92:71:9f:ed:ac:99:d8:fd:
                    2e:ec:3b:f0:f5:c2:6f:b1:8d:b0:90:7b:d9:dc:19:
                    19:1f:a4:04:63:b9:3a:5b:e5:6c:d5:96:ad:7b:fa:
                    d7:4d:e1:28:d3:39:be:02:14:6a:ed:6c:aa:39:14:
                    fb:82:f6:f2:ce:b5:24:c2:82:f7:7f:6b:6f:0a:93:
                    a1:06:07:9b:ec:66:8b:49:3d:99:1d:02:ec:9d:06:
                    23:0a:95:2d:f2:eb:cd:8a:ed:fb:41:57:8b:f1:39:
                    3e:4f:e3:9a:83:2a:91:fa:44:a9:9e:fc:c2:45:33:
                    91:0d:6e:2f:83:54:99:8a:4c:75:81:6a:70:80:b6:
                    58:0e:64:72:c6:84:c4:bb:22:e3:78:f0:3a:70:b1:
                    37:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:BB:B3:DB:2D:BA:9E:B9:A8:DB:AA:74:1D:5E:04:1D:B7:47:EF:3D
            X509v3 Authority Key Identifier:
                keyid:34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:6b:35:74:33:e7:15:34:5d:c1:3e:1d:36:11:c6:80:9b:c7:
         dc:32:33:8e:29:78:af:f2:92:b5:0b:f7:ab:d2:f8:cf:86:7e:
         ee:95:05:d2:27:37:b7:18:e0:f0:28:9d:26:99:e9:b9:19:0a:
         34:5d:77:51:4e:77:8e:db:3d:a7:35:5b:12:2e:c1:bb:0a:57:
         d9:4e:94:a9:f7:57:61:92:1e:a6:eb:96:4b:3c:15:96:1f:e2:
         ef:4c:76:65:8f:22:d3:b7:7f:20:ec:86:b9:62:e3:b1:ad:78:
         e1:5c:cb:9f:dd:41:b1:b5:e6:fa:11:b3:6e:cc:94:8e:f4:4c:
         05:c3:16:ea:97:78:21:2c:8c:f9:d9:e4:98:f5:4e:25:0d:aa:
         55:15:d6:cc:c6:27:53:ff:3e:1c:69:eb:62:0b:9c:6f:54:65:
         ed:39:3e:5f:06:4e:57:0a:3e:64:26:d3:2f:26:f9:56:be:61:
         b2:f1:4a:45:f4:c3:7e:f3:b3:42:b0:3e:a9:28:03:56:8f:26:
         07:2b:91:4c:75:2c:78:bc:f9:5e:a3:60:eb:c7:90:c6:c7:61:
         6a:77:72:96:f5:92:ca:f8:d9:d3:0c:ae:83:fd:1f:84:0a:a1:
         2b:d9:35:df:17:7a:76:67:bc:b6:4e:ae:a3:ca:f5:bb:89:61:
         f7:da:c9:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdoTo2YiFsoTmecxdcZL9lGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzA1MjNjYzU5ZDRmMDUyNzU3ZTcxMjI5MWUyYmI3OWRm
OTI4MDAwHhcNMjUwNjEzMDgwMTA3WhcNMjUwNjE0MDgwMTA3WjAzMTEwLwYDVQQD
EygxMmJiYjNkYjJkYmE5ZWI5YThkYmFhNzQxZDVlMDQxZGI3NDdlZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9hQOOy0lZ3n/r5xusGLF+OfZiI9
rB2e5oygR0Zun1viFKpW9/wQdkTCx8MXvLzYnkiIb252JnOPxKMW+fWhCD8HKOHq
tDc8VgwwiQCucxXvg2VE8o7OOIyBS2141x4S+faWOgnHgrM/+h/sdj7WknGf7ayZ
2P0u7Dvw9cJvsY2wkHvZ3BkZH6QEY7k6W+Vs1Zate/rXTeEo0zm+AhRq7WyqORT7
gvbyzrUkwoL3f2tvCpOhBgeb7GaLST2ZHQLsnQYjCpUt8uvNiu37QVeL8Tk+T+Oa
gyqR+kSpnvzCRTORDW4vg1SZikx1gWpwgLZYDmRyxoTEuyLjePA6cLE3lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBK7s9stup65qNuqdB1eBB23R+89MB8GA1UdIwQY
MBaAFDRwUjzFnU8FJ1fnEikeK7ed+SgAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgt
MzNhM2YzZjAwM2E1LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgtMzNhM2YzZjAwM2E1
LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMms1dDPn
FTRdwT4dNhHGgJvH3DIzjil4r/KStQv3q9L4z4Z+7pUF0ic3txjg8CidJpnpuRkK
NF13UU53jts9pzVbEi7BuwpX2U6UqfdXYZIepuuWSzwVlh/i70x2ZY8i07d/IOyG
uWLjsa144VzLn91BsbXm+hGzbsyUjvRMBcMW6pd4ISyM+dnkmPVOJQ2qVRXWzMYn
U/8+HGnrYgucb1Rl7Tk+XwZOVwo+ZCbTLyb5Vr5hsvFKRfTDfvOzQrA+qSgDVo8m
ByuRTHUseLz5XqNg68eQxsdhandylvWSyvjZ0wyug/0fhAqhK9k13xd6dme8tk6u
o8r1u4lh99rJqQ==
-----END CERTIFICATE-----