Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
File:                     NHBSPMWdTwUnV-cSKR4rt535KAA.mft (raw, json)
Hash identifier:          6w2WE4jhW1bj5RuOmutBY5F12Gcsyz2dspA3B0ma04k=
Subject key identifier:   7E:A1:89:86:8C:6D:88:90:D8:48:C4:C9:0A:9E:DB:C5:40:8A:F3:17
Authority key identifier: 34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00
Certificate issuer:       /CN=3470523cc59d4f052757e712291e2bb79df92800
Certificate serial:       019872CF0F98C4E858E82E99C8CDBF3CE731
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
Manifest number:          0125
Signing time:             Mon 04 Aug 2025 02:00:29 +0000
Manifest this update:     Mon 04 Aug 2025 02:00:29 +0000
Manifest next update:     Tue 05 Aug 2025 02:00:29 +0000
Files and hashes:         1: NHBSPMWdTwUnV-cSKR4rt535KAA.crl (hash: rANYlWNEGlGh550tbfh7/KBhcvNn65XkEaauqiAU6Z0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 02:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:cf:0f:98:c4:e8:58:e8:2e:99:c8:cd:bf:3c:e7:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3470523cc59d4f052757e712291e2bb79df92800
        Validity
            Not Before: Aug  4 02:00:29 2025 GMT
            Not After : Aug  5 02:00:29 2025 GMT
        Subject: CN=7ea189868c6d8890d848c4c90a9edbc5408af317
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:95:4f:7f:91:1f:b5:dd:aa:ef:00:bb:c8:e3:
                    6d:c1:39:45:d1:00:0f:41:9d:28:92:b5:f0:e6:f3:
                    72:34:26:0f:77:18:5c:c2:34:ab:20:eb:37:c0:d3:
                    92:20:ea:b4:cf:4d:64:ec:f1:ae:cf:7b:00:ec:73:
                    4f:fa:83:ba:c0:a4:36:99:3a:cc:66:cb:86:ea:91:
                    4b:8f:1d:ee:d2:3b:c6:45:0a:3f:c4:cb:db:bc:03:
                    1a:9f:c9:f5:f8:d7:d3:cf:39:03:43:de:52:ad:77:
                    3c:48:aa:90:b3:43:80:b0:11:1e:cc:6e:8d:68:a5:
                    0e:af:aa:12:ed:f9:3e:a0:10:64:f9:d1:e1:bc:2d:
                    8b:c6:b8:7a:01:6a:90:03:39:ee:d9:0b:63:f3:ec:
                    e9:51:f3:df:59:3c:a0:7c:5f:98:48:4b:66:09:74:
                    80:10:96:38:1e:d3:c3:17:1d:0a:24:b1:c0:63:0e:
                    84:90:24:65:0e:bf:15:f9:3d:44:ce:22:bf:3f:29:
                    87:23:72:d9:fe:34:23:83:62:bc:8d:df:9b:19:d7:
                    9f:ef:81:db:15:69:94:a0:d0:dd:9e:22:0a:7d:c9:
                    8c:ad:72:3a:27:06:72:b8:13:70:43:4b:fd:c3:bf:
                    e3:23:04:05:9b:7c:af:fe:3f:6e:95:12:c5:11:1b:
                    bb:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:A1:89:86:8C:6D:88:90:D8:48:C4:C9:0A:9E:DB:C5:40:8A:F3:17
            X509v3 Authority Key Identifier:
                keyid:34:70:52:3C:C5:9D:4F:05:27:57:E7:12:29:1E:2B:B7:9D:F9:28:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHBSPMWdTwUnV-cSKR4rt535KAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a280d8-8dba-4566-a238-33a3f3f003a5/1/NHBSPMWdTwUnV-cSKR4rt535KAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:bc:04:d1:60:2f:e1:47:76:a9:3b:90:2b:ea:e6:a3:1b:4a:
         14:20:33:22:c4:ba:10:04:f8:c0:2f:a4:07:01:40:d3:9f:74:
         dd:25:28:8c:f1:0d:94:7f:d2:48:f9:59:fe:a0:53:bd:98:39:
         f8:a4:85:c7:fd:8a:9e:32:75:79:4e:be:d8:98:fa:31:bb:7f:
         67:bb:7d:37:5b:b5:3e:16:76:64:92:9a:e1:fc:ae:36:20:a6:
         8e:ee:39:60:83:8d:8d:55:dd:66:e0:90:c7:1f:32:bf:82:01:
         70:3c:be:c0:93:c4:1c:79:e1:04:c2:68:93:99:75:2e:cc:ab:
         7d:78:8f:7c:7b:ee:7c:79:31:06:1f:b6:07:75:de:b8:1e:90:
         91:5b:a9:4e:80:38:29:cd:4d:73:91:77:f2:95:ee:37:60:ea:
         9c:0b:81:57:f8:09:81:4d:e9:23:85:4e:99:af:e0:48:0e:54:
         24:82:17:c2:65:4e:f1:62:05:b2:d7:8e:7c:74:4b:fc:a1:64:
         fa:33:38:be:aa:20:31:1f:d0:91:9e:81:1e:29:aa:6b:13:1d:
         b1:4f:c4:83:4a:6c:1b:27:27:84:d7:a4:35:cc:bc:c8:99:c3:
         f7:04:f9:27:e7:a1:1c:e7:8e:57:9a:ff:e6:52:a4:43:08:a5:
         9e:e1:bd:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhyzw+YxOhY6C6ZyM2/POcxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzA1MjNjYzU5ZDRmMDUyNzU3ZTcxMjI5MWUyYmI3OWRm
OTI4MDAwHhcNMjUwODA0MDIwMDI5WhcNMjUwODA1MDIwMDI5WjAzMTEwLwYDVQQD
Eyg3ZWExODk4NjhjNmQ4ODkwZDg0OGM0YzkwYTllZGJjNTQwOGFmMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5pVPf5Eftd2q7wC7yONtwTlF0QAP
QZ0okrXw5vNyNCYPdxhcwjSrIOs3wNOSIOq0z01k7PGuz3sA7HNP+oO6wKQ2mTrM
ZsuG6pFLjx3u0jvGRQo/xMvbvAMan8n1+NfTzzkDQ95SrXc8SKqQs0OAsBEezG6N
aKUOr6oS7fk+oBBk+dHhvC2Lxrh6AWqQAznu2Qtj8+zpUfPfWTygfF+YSEtmCXSA
EJY4HtPDFx0KJLHAYw6EkCRlDr8V+T1EziK/PymHI3LZ/jQjg2K8jd+bGdef74Hb
FWmUoNDdniIKfcmMrXI6JwZyuBNwQ0v9w7/jIwQFm3yv/j9ulRLFERu7pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH6hiYaMbYiQ2EjEyQqe28VAivMXMB8GA1UdIwQY
MBaAFDRwUjzFnU8FJ1fnEikeK7ed+SgAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgt
MzNhM2YzZjAwM2E1LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hMjgwZDgtOGRiYS00NTY2LWEyMzgtMzNhM2YzZjAwM2E1
LzEvTkhCU1BNV2RUd1VuVi1jU0tSNHJ0NTM1S0FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUrwE0WAv
4Ud2qTuQK+rmoxtKFCAzIsS6EAT4wC+kBwFA05903SUojPENlH/SSPlZ/qBTvZg5
+KSFx/2KnjJ1eU6+2Jj6Mbt/Z7t9N1u1PhZ2ZJKa4fyuNiCmju45YIONjVXdZuCQ
xx8yv4IBcDy+wJPEHHnhBMJok5l1LsyrfXiPfHvufHkxBh+2B3XeuB6QkVupToA4
Kc1Nc5F38pXuN2DqnAuBV/gJgU3pI4VOma/gSA5UJIIXwmVO8WIFsteOfHRL/KFk
+jM4vqogMR/QkZ6BHimqaxMdsU/Eg0psGycnhNekNcy8yJnD9wT5J+ehHOeOV5r/
5lKkQwilnuG9IQ==
-----END CERTIFICATE-----