Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
File:                     NGbkl-i6koMIR7TYtnEDJdI72oU.mft (raw, json)
Hash identifier:          /c6bvb2vC/QCiqEdZFt0SadKmRPzwnNZRSh143wk0nM=
Subject key identifier:   CE:98:93:29:57:6B:AE:FD:AD:51:06:BF:2D:1A:C9:4C:A2:C5:2F:8F
Authority key identifier: 34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85
Certificate issuer:       /CN=3466e497e8ba92830847b4d8b6710325d23bda85
Certificate serial:       0198729892D3CF475C3AEB91B9DCD0B9AED6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
Manifest number:          0675
Signing time:             Mon 04 Aug 2025 01:00:58 +0000
Manifest this update:     Mon 04 Aug 2025 01:00:58 +0000
Manifest next update:     Tue 05 Aug 2025 01:00:58 +0000
Files and hashes:         1: NGbkl-i6koMIR7TYtnEDJdI72oU.crl (hash: N6LY6xKbUXTmCcHGMYPTEqViW3GVwy+1nxX2+Ei2DFA=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 01:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:72:98:92:d3:cf:47:5c:3a:eb:91:b9:dc:d0:b9:ae:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3466e497e8ba92830847b4d8b6710325d23bda85
        Validity
            Not Before: Aug  4 01:00:58 2025 GMT
            Not After : Aug  5 01:00:58 2025 GMT
        Subject: CN=ce989329576baefdad5106bf2d1ac94ca2c52f8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:6f:ad:7d:27:73:80:cb:39:6f:2c:40:23:87:
                    6c:79:3f:c6:c3:00:08:c1:f0:52:37:30:e8:f2:f8:
                    f3:49:5d:80:90:d6:dc:79:22:20:01:ed:7f:fb:d8:
                    4e:04:91:89:bd:74:85:34:47:57:b7:bb:a9:8e:d0:
                    dd:7e:96:b7:92:28:55:91:98:b2:20:d6:2b:b2:d9:
                    4b:87:c0:6c:23:ec:c1:c8:43:b1:6a:18:94:36:29:
                    57:33:f4:c6:96:99:d7:51:06:3c:87:ad:d5:6d:dc:
                    f2:2a:cb:73:fa:73:8f:33:ea:e9:75:46:d3:37:53:
                    bc:d7:5c:76:03:53:cc:c4:b1:de:45:28:da:e7:1f:
                    f1:29:e6:89:f7:2d:c1:27:cd:00:56:54:f8:61:d0:
                    ad:01:18:d2:c4:8d:f9:e8:9f:d2:5c:fb:a1:61:58:
                    45:b5:3c:2a:32:fd:fd:88:9e:40:98:46:2a:4e:fb:
                    de:58:e8:81:0b:4b:26:45:f6:72:23:01:e0:74:e2:
                    79:af:0e:cd:c3:5c:67:d6:87:78:92:44:f9:2d:b6:
                    39:14:7e:a2:ef:f4:75:12:4b:f4:33:a5:ad:e1:82:
                    13:b5:3a:a0:b3:ca:a5:27:f8:98:3b:d8:79:e4:2a:
                    46:92:a6:4a:f3:a2:82:4c:fd:e5:54:40:1b:db:ef:
                    12:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:98:93:29:57:6B:AE:FD:AD:51:06:BF:2D:1A:C9:4C:A2:C5:2F:8F
            X509v3 Authority Key Identifier:
                keyid:34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:5b:11:39:4b:75:c9:1e:89:ab:55:52:42:8c:1c:30:75:86:
         f7:d1:06:76:0d:6f:75:2f:d6:fd:b2:a7:55:cb:fe:e4:2b:34:
         dd:6f:25:ba:68:eb:5e:60:b6:51:94:f7:94:52:e2:47:4c:ed:
         44:64:7b:00:ac:9e:12:a6:ba:cf:fd:9d:df:ce:a9:ad:50:66:
         bf:ce:d1:5e:94:12:4b:73:9e:aa:f7:41:c3:90:b1:f7:93:5f:
         4a:a7:d4:d4:27:f8:31:dc:20:98:48:b0:78:60:28:98:2c:17:
         e9:c6:a9:0b:21:bb:ce:ea:fe:39:31:46:3f:81:3d:db:67:1d:
         58:18:e8:00:51:3e:bb:13:bf:e5:8d:44:28:49:11:37:01:1d:
         a3:6a:e6:f7:5d:55:53:99:56:ce:c2:c5:30:a7:18:c2:da:2f:
         d0:7c:e1:43:22:e3:36:dd:85:f7:b8:96:c8:d5:36:80:a9:2a:
         f5:f8:2e:4e:3d:54:2b:cd:e6:fc:36:35:37:54:e4:d6:bc:ee:
         19:26:cd:2d:c3:09:ec:82:67:c8:b8:61:66:7f:f0:f9:69:0f:
         ec:e8:84:f8:99:13:bf:0b:a5:d7:ca:b0:e0:ac:f2:bd:96:4a:
         63:a1:f1:41:34:96:64:19:4e:c5:cd:40:ef:a3:24:af:4f:8c:
         74:1f:29:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhymJLTz0dcOuuRudzQua7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NjZlNDk3ZThiYTkyODMwODQ3YjRkOGI2NzEwMzI1ZDIz
YmRhODUwHhcNMjUwODA0MDEwMDU4WhcNMjUwODA1MDEwMDU4WjAzMTEwLwYDVQQD
EyhjZTk4OTMyOTU3NmJhZWZkYWQ1MTA2YmYyZDFhYzk0Y2EyYzUyZjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtm+tfSdzgMs5byxAI4dseT/GwwAI
wfBSNzDo8vjzSV2AkNbceSIgAe1/+9hOBJGJvXSFNEdXt7upjtDdfpa3kihVkZiy
INYrstlLh8BsI+zByEOxahiUNilXM/TGlpnXUQY8h63VbdzyKstz+nOPM+rpdUbT
N1O811x2A1PMxLHeRSja5x/xKeaJ9y3BJ80AVlT4YdCtARjSxI356J/SXPuhYVhF
tTwqMv39iJ5AmEYqTvveWOiBC0smRfZyIwHgdOJ5rw7Nw1xn1od4kkT5LbY5FH6i
7/R1Ekv0M6Wt4YITtTqgs8qlJ/iYO9h55CpGkqZK86KCTP3lVEAb2+8SyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM6YkylXa679rVEGvy0ayUyixS+PMB8GA1UdIwQY
MBaAFDRm5JfoupKDCEe02LZxAyXSO9qFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEt
ZGNhZDA4ZjJmMjNmLzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEtZGNhZDA4ZjJmMjNm
LzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQlsROUt1
yR6Jq1VSQowcMHWG99EGdg1vdS/W/bKnVcv+5Cs03W8lumjrXmC2UZT3lFLiR0zt
RGR7AKyeEqa6z/2d386prVBmv87RXpQSS3OeqvdBw5Cx95NfSqfU1Cf4MdwgmEiw
eGAomCwX6capCyG7zur+OTFGP4E922cdWBjoAFE+uxO/5Y1EKEkRNwEdo2rm911V
U5lWzsLFMKcYwtov0HzhQyLjNt2F97iWyNU2gKkq9fguTj1UK83m/DY1N1Tk1rzu
GSbNLcMJ7IJnyLhhZn/w+WkP7OiE+JkTvwul18qw4KzyvZZKY6HxQTSWZBlOxc1A
76Mkr0+MdB8pLA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:06:28 2025 by rpki-client