Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File:                     nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier:          ewQS3H/l0TEdNdBwEOC+Yv9ef22vDiEMHzquVI8SYJE=
Subject key identifier:   9B:37:E5:FA:ED:E9:18:11:96:AE:43:06:49:A2:C3:EF:A8:A7:A2:48
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer:       /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial:       0196A4D3CDEE4C80E4D2FCAA24EF46617E7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number:          1524
Signing time:             Tue 06 May 2025 09:01:06 +0000
Manifest this update:     Tue 06 May 2025 09:01:06 +0000
Manifest next update:     Wed 07 May 2025 09:01:06 +0000
Files and hashes:         1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: 1S5z/7HSzxPRgXW5G2Ix0RtRw1LC87lnq4gabxlLyRc=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 07 May 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a4:d3:cd:ee:4c:80:e4:d2:fc:aa:24:ef:46:61:7e:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
        Validity
            Not Before: May  6 09:01:06 2025 GMT
            Not After : May  7 09:01:06 2025 GMT
        Subject: CN=9b37e5faede9181196ae430649a2c3efa8a7a248
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:91:88:e7:64:f3:07:3b:68:cb:24:2b:9b:84:
                    de:63:2f:52:9b:69:41:5c:d4:00:b9:2c:4c:ba:22:
                    91:8e:2b:85:2c:48:7a:70:a1:24:c5:42:24:ff:a0:
                    ad:f7:71:8f:eb:95:c0:de:8c:7d:1b:ef:de:01:49:
                    b5:a5:c3:f7:e6:f2:6e:10:a8:2c:fd:7b:74:e2:cb:
                    bd:9d:7f:fa:8e:54:0b:0c:26:d1:f2:e3:20:51:cf:
                    3c:c3:81:39:7e:65:79:d0:ac:d9:78:1a:70:c8:98:
                    bf:c9:ab:a7:c8:6c:9f:df:0f:18:87:1b:38:16:1c:
                    07:42:cf:13:28:2f:ef:e6:2b:05:4c:4e:32:87:32:
                    bd:fb:2f:e4:ba:3a:50:e1:82:37:3e:fe:e3:7b:60:
                    8c:82:3e:e5:cf:f1:48:64:a0:ad:17:5b:8a:15:63:
                    52:f8:61:75:dc:74:ad:55:f9:33:9e:99:16:99:77:
                    98:35:1f:09:e4:03:f3:5c:28:aa:24:fb:d8:2e:00:
                    be:9f:f0:0d:ec:d3:4e:7e:a7:73:85:38:b6:1e:5a:
                    fd:1c:74:c8:b9:fe:92:96:02:26:eb:d8:9a:0f:4c:
                    bb:5b:3b:5f:03:43:0e:b6:df:72:7d:ba:5e:e2:dd:
                    4c:df:2d:c4:ff:0b:d3:64:9a:d6:66:f7:cc:c5:bd:
                    b9:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:37:E5:FA:ED:E9:18:11:96:AE:43:06:49:A2:C3:EF:A8:A7:A2:48
            X509v3 Authority Key Identifier:
                keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:66:52:5b:14:95:0b:dc:76:99:55:41:f2:79:b2:9c:09:88:
         2b:3b:4b:7b:d6:03:5a:80:03:0f:7d:be:e0:7a:33:c0:db:b0:
         e0:06:af:ad:d6:c1:86:4a:d9:39:d8:38:bc:74:f8:c7:a1:ad:
         db:54:60:6c:45:11:91:b3:d1:85:fa:8b:56:10:8d:01:6f:b7:
         4e:08:2e:dc:c9:d0:c9:82:48:7e:2f:61:46:f2:1e:07:1b:7f:
         5a:47:39:0a:4f:11:b2:12:b8:1b:f5:28:4f:71:90:77:94:cf:
         a8:34:3d:25:1d:37:2d:eb:74:01:9d:6c:04:53:1f:3a:33:14:
         e8:4a:bf:1c:c3:5b:e0:29:0f:88:b1:22:47:7e:f2:33:68:99:
         f1:87:72:02:d0:6e:bd:d8:ec:99:0a:35:96:1b:40:b6:7c:2f:
         b6:96:3a:f9:57:ad:4b:75:57:14:6c:c8:b3:b4:6a:2a:65:d2:
         de:5c:87:58:48:4d:78:ff:03:12:01:3a:6a:12:53:af:3b:bb:
         f8:b2:da:58:08:a1:5c:31:87:f0:b8:24:b4:2d:d3:3e:6e:8e:
         aa:2f:68:a5:52:25:a8:5f:8c:0b:73:44:c2:9e:50:24:ef:35:
         8d:e0:9f:ff:df:16:4e:a7:63:78:d3:03:4a:57:11:2e:7a:89:
         25:e6:0b:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZak083uTIDk0vyqJO9GYX58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjUwNTA2MDkwMTA2WhcNMjUwNTA3MDkwMTA2WjAzMTEwLwYDVQQD
Eyg5YjM3ZTVmYWVkZTkxODExOTZhZTQzMDY0OWEyYzNlZmE4YTdhMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JGI52TzBztoyyQrm4TeYy9Sm2lB
XNQAuSxMuiKRjiuFLEh6cKEkxUIk/6Ct93GP65XA3ox9G+/eAUm1pcP35vJuEKgs
/Xt04su9nX/6jlQLDCbR8uMgUc88w4E5fmV50KzZeBpwyJi/yaunyGyf3w8Yhxs4
FhwHQs8TKC/v5isFTE4yhzK9+y/kujpQ4YI3Pv7je2CMgj7lz/FIZKCtF1uKFWNS
+GF13HStVfkznpkWmXeYNR8J5APzXCiqJPvYLgC+n/AN7NNOfqdzhTi2Hlr9HHTI
uf6SlgIm69iaD0y7WztfA0MOtt9yfbpe4t1M3y3E/wvTZJrWZvfMxb254QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJs35frt6RgRlq5DBkmiw++op6JIMB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuGZSWxSV
C9x2mVVB8nmynAmIKztLe9YDWoADD32+4HozwNuw4AavrdbBhkrZOdg4vHT4x6Gt
21RgbEURkbPRhfqLVhCNAW+3Tggu3MnQyYJIfi9hRvIeBxt/Wkc5Ck8RshK4G/Uo
T3GQd5TPqDQ9JR03Let0AZ1sBFMfOjMU6Eq/HMNb4CkPiLEiR37yM2iZ8YdyAtBu
vdjsmQo1lhtAtnwvtpY6+VetS3VXFGzIs7RqKmXS3lyHWEhNeP8DEgE6ahJTrzu7
+LLaWAihXDGH8LgktC3TPm6Oqi9opVIlqF+MC3NEwp5QJO81jeCf/98WTqdjeNMD
SlcRLnqJJeYLMA==
-----END CERTIFICATE-----