Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
File:                     NHi9VqAesq4wdvaW0B1P_NFAGp8.mft (raw, json)
Hash identifier:          N1chN0Sk4VYmvMuAjsTZg42OuPyWLQ0Mes47zp3LxRk=
Subject key identifier:   03:A9:73:82:BB:36:B8:F5:07:8B:A0:4D:DD:4C:94:E1:B5:0F:FA:C1
Authority key identifier: 34:78:BD:56:A0:1E:B2:AE:30:76:F6:96:D0:1D:4F:FC:D1:40:1A:9F
Certificate issuer:       /CN=3478bd56a01eb2ae3076f696d01d4ffcd1401a9f
Certificate serial:       019896A4BD99687A050C57B1F569417B925D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
Manifest number:          1628
Signing time:             Mon 11 Aug 2025 01:00:35 +0000
Manifest this update:     Mon 11 Aug 2025 01:00:35 +0000
Manifest next update:     Tue 12 Aug 2025 01:00:35 +0000
Files and hashes:         1: NHi9VqAesq4wdvaW0B1P_NFAGp8.crl (hash: keU/TMMSkeWfmY8Zwqrb5+6/1HxnRnCmvUiX3l6K8g0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 01:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:96:a4:bd:99:68:7a:05:0c:57:b1:f5:69:41:7b:92:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3478bd56a01eb2ae3076f696d01d4ffcd1401a9f
        Validity
            Not Before: Aug 11 01:00:35 2025 GMT
            Not After : Aug 12 01:00:35 2025 GMT
        Subject: CN=03a97382bb36b8f5078ba04ddd4c94e1b50ffac1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c9:ff:d0:0c:a1:b5:ce:bf:fe:d2:4e:95:8d:
                    85:8e:75:7b:d9:d4:e1:20:d3:1c:31:1a:a8:aa:b2:
                    ad:c7:93:03:e7:f0:82:8e:34:66:6e:b0:cd:ca:de:
                    20:3c:08:aa:04:8d:ab:81:fc:fd:40:dd:8c:a6:74:
                    83:59:54:2d:91:fa:7d:b6:dc:ec:38:8f:00:5a:50:
                    ae:ea:6f:27:5d:82:dc:d3:8b:81:81:16:e1:8f:c7:
                    2a:af:0c:51:46:c7:60:8a:f5:18:a0:a1:bd:43:f6:
                    12:20:0c:c2:eb:74:4e:c3:a1:38:e5:99:33:0c:9c:
                    d5:ca:f4:dc:4e:bd:06:46:7f:13:a0:a7:55:6b:ec:
                    b3:51:5a:50:1b:0f:f1:26:04:fa:34:bc:82:86:86:
                    d7:b9:35:4d:f3:7d:24:07:81:78:96:88:1e:1a:ab:
                    b6:a8:cb:41:c3:bd:01:e3:94:6b:e7:2e:23:56:a1:
                    07:e1:7f:0d:b6:b3:e5:fc:95:56:c2:b3:3b:17:b8:
                    a5:a8:00:ad:c8:8e:35:b7:22:65:e7:c6:e4:b6:83:
                    d5:56:06:54:70:0f:b5:8c:30:d9:e1:2a:f0:4c:3c:
                    46:2b:42:38:6d:58:b8:e1:34:23:fd:b1:ae:01:82:
                    f7:7a:05:cb:ab:d7:8c:fb:3a:51:e3:50:d7:8d:d0:
                    38:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:A9:73:82:BB:36:B8:F5:07:8B:A0:4D:DD:4C:94:E1:B5:0F:FA:C1
            X509v3 Authority Key Identifier:
                keyid:34:78:BD:56:A0:1E:B2:AE:30:76:F6:96:D0:1D:4F:FC:D1:40:1A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHi9VqAesq4wdvaW0B1P_NFAGp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0fc7d8-2a5f-4b38-a230-8396f8c6255a/1/NHi9VqAesq4wdvaW0B1P_NFAGp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:26:30:f4:4c:fc:4b:75:76:0b:3c:dc:ce:7b:54:89:d9:bd:
         e2:3f:c2:7a:2c:92:ed:16:d9:87:c0:24:54:47:ea:2b:45:ad:
         59:74:3b:3c:5e:20:68:3c:60:ab:c5:cf:52:ec:fb:8e:a5:14:
         30:cd:90:b5:ab:a5:62:88:76:fc:67:c7:a0:98:53:af:ec:17:
         4e:11:56:7a:23:cb:eb:7f:a5:f1:e7:8e:b7:d1:b5:94:62:a3:
         05:83:61:f2:f1:2a:f6:f9:0e:d5:3e:0c:94:39:df:a6:c5:2d:
         20:d7:e7:95:07:d8:d1:80:c6:e2:ec:4f:a7:ae:07:1a:82:46:
         0a:a2:41:15:5a:08:82:d1:df:85:81:db:19:66:27:1b:27:2a:
         c4:18:5d:66:5a:72:c7:9c:67:e6:0f:54:cb:ea:ad:97:ca:58:
         37:78:10:48:4c:28:82:0e:12:90:30:e1:2d:75:5f:98:95:e5:
         7c:23:bc:00:80:70:bc:63:2e:4f:43:13:5d:e8:90:0d:21:98:
         38:60:26:e8:5c:6d:54:27:5a:61:a2:85:d6:9e:ba:0c:c5:77:
         92:64:62:9a:e1:49:f9:7f:c3:fb:ab:a3:d6:c2:e5:25:68:7b:
         1e:9d:0c:39:16:97:d5:e8:ba:06:8c:6e:4e:03:25:fe:8c:e8:
         bb:79:e4:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiWpL2ZaHoFDFex9WlBe5JdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzhiZDU2YTAxZWIyYWUzMDc2ZjY5NmQwMWQ0ZmZjZDE0
MDFhOWYwHhcNMjUwODExMDEwMDM1WhcNMjUwODEyMDEwMDM1WjAzMTEwLwYDVQQD
EygwM2E5NzM4MmJiMzZiOGY1MDc4YmEwNGRkZDRjOTRlMWI1MGZmYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssn/0Ayhtc6//tJOlY2FjnV72dTh
INMcMRqoqrKtx5MD5/CCjjRmbrDNyt4gPAiqBI2rgfz9QN2MpnSDWVQtkfp9ttzs
OI8AWlCu6m8nXYLc04uBgRbhj8cqrwxRRsdgivUYoKG9Q/YSIAzC63ROw6E45Zkz
DJzVyvTcTr0GRn8ToKdVa+yzUVpQGw/xJgT6NLyChobXuTVN830kB4F4logeGqu2
qMtBw70B45Rr5y4jVqEH4X8NtrPl/JVWwrM7F7ilqACtyI41tyJl58bktoPVVgZU
cA+1jDDZ4SrwTDxGK0I4bVi44TQj/bGuAYL3egXLq9eM+zpR41DXjdA47QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAOpc4K7Nrj1B4ugTd1MlOG1D/rBMB8GA1UdIwQY
MBaAFDR4vVagHrKuMHb2ltAdT/zRQBqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wZmM3ZDgtMmE1Zi00YjM4LWEyMzAt
ODM5NmY4YzYyNTVhLzEvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wZmM3ZDgtMmE1Zi00YjM4LWEyMzAtODM5NmY4YzYyNTVh
LzEvTkhpOVZxQWVzcTR3ZHZhVzBCMVBfTkZBR3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmiYw9Ez8
S3V2CzzczntUidm94j/CeiyS7RbZh8AkVEfqK0WtWXQ7PF4gaDxgq8XPUuz7jqUU
MM2QtaulYoh2/GfHoJhTr+wXThFWeiPL63+l8eeOt9G1lGKjBYNh8vEq9vkO1T4M
lDnfpsUtINfnlQfY0YDG4uxPp64HGoJGCqJBFVoIgtHfhYHbGWYnGycqxBhdZlpy
x5xn5g9Uy+qtl8pYN3gQSEwogg4SkDDhLXVfmJXlfCO8AIBwvGMuT0MTXeiQDSGY
OGAm6FxtVCdaYaKF1p66DMV3kmRimuFJ+X/D+6uj1sLlJWh7Hp0MORaX1ei6Boxu
TgMl/ozou3nkow==
-----END CERTIFICATE-----
Generated at Mon Aug 11 09:49:49 2025 by rpki-client