Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
File:                     NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft (raw, json)
Hash identifier:          TxSJ4ZSR1QiNIUspum9f11iT06q71VPUp91I5sldfQM=
Subject key identifier:   DF:37:16:08:DC:9A:90:59:5A:43:A5:87:6E:56:BB:CB:2E:54:8D:75
Authority key identifier: 35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D
Certificate issuer:       /CN=35f49b5d505000b909932c6b4f443e7ef81d780d
Certificate serial:       019881D498DB1036B29A62F93985C6791B6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
Manifest number:          1619
Signing time:             Thu 07 Aug 2025 00:00:50 +0000
Manifest this update:     Thu 07 Aug 2025 00:00:50 +0000
Manifest next update:     Fri 08 Aug 2025 00:00:50 +0000
Files and hashes:         1: NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl (hash: /ZeCVuP4JwCF9MIY7PhsUVd0CNl5jzbh9dBSkZkPsbM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 00:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:81:d4:98:db:10:36:b2:9a:62:f9:39:85:c6:79:1b:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35f49b5d505000b909932c6b4f443e7ef81d780d
        Validity
            Not Before: Aug  7 00:00:50 2025 GMT
            Not After : Aug  8 00:00:50 2025 GMT
        Subject: CN=df371608dc9a90595a43a5876e56bbcb2e548d75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d6:50:7d:40:d5:81:22:3b:5f:53:9a:30:02:
                    54:98:19:7b:ef:e9:77:7d:10:44:43:89:9e:28:83:
                    fe:fb:a9:ac:24:fc:26:c5:ed:01:cc:0d:f1:a9:b6:
                    36:3f:48:31:66:06:02:49:88:19:45:fd:02:b0:b6:
                    46:8a:c4:25:e8:62:c5:77:db:59:21:45:e7:fb:48:
                    83:d7:b2:f0:cb:90:4e:7f:37:33:6d:77:0e:fa:5a:
                    99:4e:ba:09:09:5e:bd:24:6b:ef:bc:e5:ac:22:75:
                    df:93:01:aa:19:72:2b:9f:cd:18:b8:79:e3:f7:5d:
                    f9:a0:86:39:fb:0a:58:01:b8:f4:36:55:2e:17:1e:
                    41:47:3c:70:7f:01:b6:d7:63:4c:fc:5d:2e:82:82:
                    b6:f0:aa:56:f4:d5:fd:6c:69:d8:5d:d7:7e:4c:72:
                    70:2f:78:de:84:39:f8:6f:5e:32:92:a3:04:42:92:
                    54:84:36:d3:8f:7e:9b:26:d8:aa:fb:5c:da:14:3b:
                    c5:52:80:36:f6:50:f8:f6:a3:7a:79:6b:1b:a3:b3:
                    c2:4b:ec:ee:49:bb:99:7e:ac:14:cb:01:7c:a4:52:
                    e9:54:3f:16:48:f7:63:3a:a0:8f:cb:ee:b5:77:d2:
                    9b:30:a1:19:a3:34:10:72:7f:b9:1c:73:29:14:03:
                    70:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:37:16:08:DC:9A:90:59:5A:43:A5:87:6E:56:BB:CB:2E:54:8D:75
            X509v3 Authority Key Identifier:
                keyid:35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:be:2b:66:de:ea:20:05:d4:cb:61:bc:f8:e6:cf:cf:45:a0:
         5c:e7:9a:2d:26:6e:d4:4b:3e:55:32:51:49:e5:8d:f6:df:83:
         2f:d7:fb:69:24:12:fd:6b:6a:9f:1d:9b:82:09:ff:9e:1b:45:
         90:eb:bf:52:b3:94:cd:17:c5:0d:22:b9:f6:40:b9:57:bf:6f:
         2f:e0:8d:5e:f4:5e:f2:1d:b2:b0:61:f8:52:7d:61:4e:a0:98:
         64:f3:19:0b:21:4c:d5:ea:f4:80:27:07:08:f4:03:6e:d4:d2:
         8f:54:2f:0b:7f:ed:db:aa:08:a1:7c:65:6a:ad:73:0b:1c:cf:
         fb:33:13:ac:a4:84:d4:5f:3f:ed:e9:f2:32:f6:95:dc:df:9a:
         f0:80:90:55:75:51:34:39:92:44:22:09:38:df:57:54:2d:0e:
         37:aa:5a:80:53:d4:32:54:19:cf:a4:6a:e4:73:4b:31:e7:7e:
         3b:dd:65:11:9a:4d:ee:30:30:c5:05:3c:38:43:db:b9:a2:3a:
         dc:39:2d:97:7b:0a:a8:ac:92:dc:0d:09:d0:73:c7:e9:07:8b:
         be:76:ca:37:9f:03:3a:86:67:3a:f4:0f:ae:46:90:bb:d5:20:
         00:2f:b6:72:29:91:05:40:2c:40:ea:2c:d4:86:d1:f8:fa:34:
         40:e1:9d:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiB1JjbEDaymmL5OYXGeRtrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjQ5YjVkNTA1MDAwYjkwOTkzMmM2YjRmNDQzZTdlZjgx
ZDc4MGQwHhcNMjUwODA3MDAwMDUwWhcNMjUwODA4MDAwMDUwWjAzMTEwLwYDVQQD
EyhkZjM3MTYwOGRjOWE5MDU5NWE0M2E1ODc2ZTU2YmJjYjJlNTQ4ZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9ZQfUDVgSI7X1OaMAJUmBl77+l3
fRBEQ4meKIP++6msJPwmxe0BzA3xqbY2P0gxZgYCSYgZRf0CsLZGisQl6GLFd9tZ
IUXn+0iD17Lwy5BOfzczbXcO+lqZTroJCV69JGvvvOWsInXfkwGqGXIrn80YuHnj
9135oIY5+wpYAbj0NlUuFx5BRzxwfwG212NM/F0ugoK28KpW9NX9bGnYXdd+THJw
L3jehDn4b14ykqMEQpJUhDbTj36bJtiq+1zaFDvFUoA29lD49qN6eWsbo7PCS+zu
SbuZfqwUywF8pFLpVD8WSPdjOqCPy+61d9KbMKEZozQQcn+5HHMpFANwNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN83FgjcmpBZWkOlh25Wu8suVI11MB8GA1UdIwQY
MBaAFDX0m11QUAC5CZMsa09EPn74HXgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEt
MDJiM2RlODM0YmY0LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEtMDJiM2RlODM0YmY0
LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf74rZt7q
IAXUy2G8+ObPz0WgXOeaLSZu1Es+VTJRSeWN9t+DL9f7aSQS/Wtqnx2bggn/nhtF
kOu/UrOUzRfFDSK59kC5V79vL+CNXvRe8h2ysGH4Un1hTqCYZPMZCyFM1er0gCcH
CPQDbtTSj1QvC3/t26oIoXxlaq1zCxzP+zMTrKSE1F8/7enyMvaV3N+a8ICQVXVR
NDmSRCIJON9XVC0ON6pagFPUMlQZz6Rq5HNLMed+O91lEZpN7jAwxQU8OEPbuaI6
3Dktl3sKqKyS3A0J0HPH6QeLvnbKN58DOoZnOvQPrkaQu9UgAC+2cimRBUAsQOos
1IbR+Po0QOGdGg==
-----END CERTIFICATE-----