Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft
File:                     NO2iVBz8z2guKd2uYx7cjR57b2A.mft (raw, json)
Hash identifier:          WrwlxgRBLKQd18D622ltu3i2QJNB+YEQZfHG7kuLidI=
Subject key identifier:   3F:55:06:9A:87:CA:68:55:C2:F9:06:9E:4A:71:F1:D8:10:B7:1A:7C
Authority key identifier: 34:ED:A2:54:1C:FC:CF:68:2E:29:DD:AE:63:1E:DC:8D:1E:7B:6F:60
Certificate issuer:       /CN=34eda2541cfccf682e29ddae631edc8d1e7b6f60
Certificate serial:       019873E1D72EC3F6A77C1E42A57758C92183
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NO2iVBz8z2guKd2uYx7cjR57b2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft
Manifest number:          06C5
Signing time:             Mon 04 Aug 2025 07:00:37 +0000
Manifest this update:     Mon 04 Aug 2025 07:00:37 +0000
Manifest next update:     Tue 05 Aug 2025 07:00:37 +0000
Files and hashes:         1: NO2iVBz8z2guKd2uYx7cjR57b2A.crl (hash: tCACXSfrpsWQcZMT1nO7tv/lDmyvMkLR+UQ+dXwolX4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NO2iVBz8z2guKd2uYx7cjR57b2A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:73:e1:d7:2e:c3:f6:a7:7c:1e:42:a5:77:58:c9:21:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34eda2541cfccf682e29ddae631edc8d1e7b6f60
        Validity
            Not Before: Aug  4 07:00:37 2025 GMT
            Not After : Aug  5 07:00:37 2025 GMT
        Subject: CN=3f55069a87ca6855c2f9069e4a71f1d810b71a7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:ae:cb:62:6e:08:5b:72:2c:c0:7f:5e:41:be:
                    62:55:5b:25:7b:d7:6f:34:22:09:f9:78:bc:be:3a:
                    a2:07:66:01:6c:9b:e7:a5:6c:32:88:3f:7c:e6:01:
                    7d:87:e0:36:c3:55:47:a6:dd:dd:04:01:9c:90:3b:
                    f0:34:d2:8f:27:ed:e8:5f:f4:89:f1:84:e4:91:62:
                    9a:e1:52:74:9a:f3:a1:74:80:30:e3:b6:1c:98:fb:
                    9b:fd:13:6f:49:b1:3a:08:8b:c0:67:77:56:8f:e6:
                    29:13:71:0c:f8:38:53:a7:da:18:1e:af:fb:df:0b:
                    4b:eb:89:29:28:bd:6d:9e:0f:03:74:b6:ba:3e:d1:
                    9f:4a:02:b1:2b:b3:91:29:c8:73:e0:f4:31:a5:10:
                    52:b7:a0:4b:e2:89:cd:dc:40:0a:4a:98:c8:1a:0f:
                    40:13:af:b1:dd:d9:23:1f:a2:8c:5c:a9:78:db:e1:
                    50:e1:10:f8:4a:6b:30:cd:f6:42:6c:30:17:71:93:
                    a9:50:5b:76:95:e9:1d:7f:8b:4a:85:87:80:8f:02:
                    c0:5d:04:c3:be:21:6d:8e:52:27:62:4c:78:10:ea:
                    fa:7c:61:0e:0f:ec:33:2f:c9:c0:80:68:1f:04:ee:
                    9e:42:6b:b2:45:50:6b:26:78:7c:7f:3d:6e:b0:6c:
                    21:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:55:06:9A:87:CA:68:55:C2:F9:06:9E:4A:71:F1:D8:10:B7:1A:7C
            X509v3 Authority Key Identifier:
                keyid:34:ED:A2:54:1C:FC:CF:68:2E:29:DD:AE:63:1E:DC:8D:1E:7B:6F:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NO2iVBz8z2guKd2uYx7cjR57b2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/c7244e-b103-43b1-912f-aa632ddb7615/1/NO2iVBz8z2guKd2uYx7cjR57b2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:64:ae:d4:cf:f0:d8:ca:ed:e8:75:cf:92:c2:dc:29:5a:bd:
         db:3b:c9:8c:18:08:33:ea:93:f8:30:dc:10:7e:80:05:a8:f0:
         70:a9:8e:16:a8:52:21:1b:b8:98:dc:02:75:96:a9:78:bf:91:
         f6:dc:1e:73:97:25:8d:d2:72:f8:2f:af:6e:8e:78:4b:71:40:
         45:84:67:fe:a8:fb:ae:11:30:ab:9c:ff:2e:ac:90:3f:62:ac:
         35:2e:d1:02:d8:ec:49:12:89:69:9b:2b:6a:23:32:fe:5c:4e:
         20:1d:35:d6:b1:31:ca:a6:75:d4:bf:84:27:bf:b0:eb:b6:f5:
         c0:83:3a:ad:93:19:63:fd:f5:29:66:12:85:ae:42:b5:90:7f:
         e8:69:e5:db:41:fc:f4:09:bc:c5:f1:d6:a8:65:ae:b5:33:83:
         f3:bd:8d:3c:6a:d4:e6:f5:6a:f0:b0:d5:12:dc:22:1e:b0:79:
         9f:34:ee:19:8b:f7:9b:81:4a:05:76:b1:01:c4:bf:04:80:d0:
         a3:be:27:e3:13:00:35:09:61:46:81:c4:f0:c2:33:ba:eb:02:
         d8:b7:a5:1b:d4:2d:ae:fb:0d:a1:ac:f5:3f:56:96:87:ce:ab:
         72:4c:30:7b:fc:85:f3:28:bc:2d:b4:8d:6b:41:ed:11:90:66:
         ea:bb:8a:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhz4dcuw/anfB5CpXdYySGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZWRhMjU0MWNmY2NmNjgyZTI5ZGRhZTYzMWVkYzhkMWU3
YjZmNjAwHhcNMjUwODA0MDcwMDM3WhcNMjUwODA1MDcwMDM3WjAzMTEwLwYDVQQD
EygzZjU1MDY5YTg3Y2E2ODU1YzJmOTA2OWU0YTcxZjFkODEwYjcxYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq7LYm4IW3IswH9eQb5iVVsle9dv
NCIJ+Xi8vjqiB2YBbJvnpWwyiD985gF9h+A2w1VHpt3dBAGckDvwNNKPJ+3oX/SJ
8YTkkWKa4VJ0mvOhdIAw47YcmPub/RNvSbE6CIvAZ3dWj+YpE3EM+DhTp9oYHq/7
3wtL64kpKL1tng8DdLa6PtGfSgKxK7ORKchz4PQxpRBSt6BL4onN3EAKSpjIGg9A
E6+x3dkjH6KMXKl42+FQ4RD4SmswzfZCbDAXcZOpUFt2lekdf4tKhYeAjwLAXQTD
viFtjlInYkx4EOr6fGEOD+wzL8nAgGgfBO6eQmuyRVBrJnh8fz1usGwh4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD9VBpqHymhVwvkGnkpx8dgQtxp8MB8GA1UdIwQY
MBaAFDTtolQc/M9oLindrmMe3I0ee29gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk8yaVZCejh6Mmd1S2QydVl4N2NqUjU3YjJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jNzI0NGUtYjEwMy00M2IxLTkxMmYt
YWE2MzJkZGI3NjE1LzEvTk8yaVZCejh6Mmd1S2QydVl4N2NqUjU3YjJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jNzI0NGUtYjEwMy00M2IxLTkxMmYtYWE2MzJkZGI3NjE1
LzEvTk8yaVZCejh6Mmd1S2QydVl4N2NqUjU3YjJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAWSu1M/w
2Mrt6HXPksLcKVq92zvJjBgIM+qT+DDcEH6ABajwcKmOFqhSIRu4mNwCdZapeL+R
9twec5cljdJy+C+vbo54S3FARYRn/qj7rhEwq5z/LqyQP2KsNS7RAtjsSRKJaZsr
aiMy/lxOIB011rExyqZ11L+EJ7+w67b1wIM6rZMZY/31KWYSha5CtZB/6Gnl20H8
9Am8xfHWqGWutTOD872NPGrU5vVq8LDVEtwiHrB5nzTuGYv3m4FKBXaxAcS/BIDQ
o74n4xMANQlhRoHE8MIzuusC2LelG9QtrvsNoaz1P1aWh86rckwwe/yF8yi8LbSN
a0HtEZBm6ruKAw==
-----END CERTIFICATE-----