Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
File:                     NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json)
Hash identifier:          ZfO4Kh/Tfa+6SVoJ5rPiNxGmr44nk5WcvZqTVEiw+G8=
Subject key identifier:   BA:B4:CA:6D:E8:54:3F:64:39:41:EF:46:92:1E:64:2D:6A:CD:A4:22
Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24
Certificate issuer:       /CN=341e78ae4f119c0184440090cf1d89acc8b22c24
Certificate serial:       0198925A3447492E429E26C7E16074331E41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
Manifest number:          03E4
Signing time:             Sun 10 Aug 2025 05:00:41 +0000
Manifest this update:     Sun 10 Aug 2025 05:00:41 +0000
Manifest next update:     Mon 11 Aug 2025 05:00:41 +0000
Files and hashes:         1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: jHudeveq1LGozQYCbFZaAMBc0LdO6jnG4/HdqFANeMg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Aug 2025 05:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:92:5a:34:47:49:2e:42:9e:26:c7:e1:60:74:33:1e:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24
        Validity
            Not Before: Aug 10 05:00:41 2025 GMT
            Not After : Aug 11 05:00:41 2025 GMT
        Subject: CN=bab4ca6de8543f643941ef46921e642d6acda422
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:36:a9:0a:09:90:c5:f7:8d:74:89:a0:00:c0:
                    ba:0f:2c:ce:fa:4d:eb:cb:fd:7f:bd:19:8b:d1:24:
                    37:db:a4:75:b9:33:88:cd:b9:fd:48:e7:a3:fc:5e:
                    67:fe:f9:53:2e:9d:5e:57:1e:24:49:97:89:91:f8:
                    be:a2:c2:19:6e:cd:8e:e5:4d:dd:1d:d8:aa:61:a4:
                    86:51:35:9e:0f:e2:2a:7f:0e:b0:1c:2c:bf:c4:4f:
                    c0:73:3b:06:d4:7f:41:ef:f1:2a:7d:9c:77:d1:38:
                    64:67:e7:e1:4e:7e:d8:e9:a3:ac:06:a8:be:85:20:
                    77:3a:1d:1f:d8:2d:d3:7f:52:a1:76:42:65:9b:9e:
                    3c:63:f4:83:45:91:08:cf:23:e4:a9:45:e7:8b:e2:
                    3e:a8:f9:b8:d8:4a:8d:24:6e:6c:59:66:05:ed:fd:
                    2d:27:2b:f4:5d:99:91:0b:93:f5:24:a2:70:1c:d2:
                    74:00:4d:dc:1c:3a:a7:30:a7:f5:08:07:6e:d2:45:
                    4e:ee:f3:a6:ae:f1:6d:1e:07:b9:a1:c4:c2:04:49:
                    d5:3a:db:2a:64:c8:91:bc:94:1e:14:6d:68:b5:2b:
                    c8:8f:40:6a:c9:ae:34:87:e8:78:ff:a3:a5:34:e9:
                    8c:57:43:56:29:a6:1b:ec:f3:f2:45:94:b9:2d:cb:
                    04:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:B4:CA:6D:E8:54:3F:64:39:41:EF:46:92:1E:64:2D:6A:CD:A4:22
            X509v3 Authority Key Identifier:
                keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:c0:1a:ee:1d:f7:b2:07:44:9d:f0:c4:59:f4:c2:12:d1:cd:
         8b:36:1e:26:4f:73:1e:83:58:8a:96:db:eb:82:fa:f8:26:f7:
         01:23:d5:46:0d:92:0e:5c:ff:03:42:b0:b9:f6:be:b2:c6:d0:
         68:1a:be:64:b9:52:5d:aa:e1:6f:4d:bc:d0:ce:35:e9:77:a1:
         c3:4b:7b:3c:c4:8e:09:d4:ca:64:89:b5:a8:da:c0:83:06:f5:
         e1:62:ad:18:f3:f0:cb:ef:68:01:1c:6d:3b:2c:a9:b9:b2:bb:
         22:b1:46:16:72:fb:23:af:da:c5:e2:d8:89:0b:9f:93:b8:5f:
         7b:5b:7c:89:be:3a:d3:5c:fa:30:d2:3e:dc:f2:3b:9f:cf:9a:
         f5:6e:ed:8b:e3:82:02:8d:eb:34:43:db:63:17:ef:36:60:61:
         1b:77:38:97:03:79:f1:e1:3b:41:c7:2f:ed:c5:73:62:54:1b:
         6f:ef:a7:93:70:34:ea:6e:de:24:1e:b9:dd:6f:7d:22:49:55:
         60:34:69:b9:8f:95:1d:aa:5c:d5:54:cc:6e:1e:78:8e:85:19:
         4a:e3:7b:ee:6f:95:d8:5d:44:63:e2:fc:35:08:05:ce:e0:49:
         db:86:98:a6:78:49:43:a1:57:1f:fd:b7:7c:b3:bd:4a:16:74:
         38:d6:65:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiSWjRHSS5CnibH4WB0Mx5BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi
MjJjMjQwHhcNMjUwODEwMDUwMDQxWhcNMjUwODExMDUwMDQxWjAzMTEwLwYDVQQD
EyhiYWI0Y2E2ZGU4NTQzZjY0Mzk0MWVmNDY5MjFlNjQyZDZhY2RhNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8TapCgmQxfeNdImgAMC6DyzO+k3r
y/1/vRmL0SQ326R1uTOIzbn9SOej/F5n/vlTLp1eVx4kSZeJkfi+osIZbs2O5U3d
HdiqYaSGUTWeD+Iqfw6wHCy/xE/AczsG1H9B7/EqfZx30ThkZ+fhTn7Y6aOsBqi+
hSB3Oh0f2C3Tf1KhdkJlm548Y/SDRZEIzyPkqUXni+I+qPm42EqNJG5sWWYF7f0t
Jyv0XZmRC5P1JKJwHNJ0AE3cHDqnMKf1CAdu0kVO7vOmrvFtHge5ocTCBEnVOtsq
ZMiRvJQeFG1otSvIj0Bqya40h+h4/6OlNOmMV0NWKaYb7PPyRZS5LcsEJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLq0ym3oVD9kOUHvRpIeZC1qzaQiMB8GA1UdIwQY
MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt
MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw
LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaMAa7h33
sgdEnfDEWfTCEtHNizYeJk9zHoNYipbb64L6+Cb3ASPVRg2SDlz/A0Kwufa+ssbQ
aBq+ZLlSXarhb0280M416Xehw0t7PMSOCdTKZIm1qNrAgwb14WKtGPPwy+9oARxt
OyypubK7IrFGFnL7I6/axeLYiQufk7hfe1t8ib4601z6MNI+3PI7n8+a9W7ti+OC
Ao3rNEPbYxfvNmBhG3c4lwN58eE7Qccv7cVzYlQbb++nk3A06m7eJB653W99IklV
YDRpuY+VHapc1VTMbh54joUZSuN77m+V2F1EY+L8NQgFzuBJ24aYpnhJQ6FXH/23
fLO9ShZ0ONZl5w==
-----END CERTIFICATE-----