Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          /wLt3gAyGXs8IRFSiL9ogEqccgt4uA0VbtGplbjAkIg=
Subject key identifier:   7C:B7:58:58:59:3D:5F:68:C2:34:93:A3:D4:AB:A7:8D:90:7F:3B:6A
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       0196BFDCAA1C12ECCD0EA09C71F1B39F6483
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          0997
Signing time:             Sun 11 May 2025 15:00:31 +0000
Manifest this update:     Sun 11 May 2025 15:00:31 +0000
Manifest next update:     Mon 12 May 2025 15:00:31 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: eWNg1ZhHaHUrH5ragQBNYdqjPKCzmkfIVTfwwzT7HnQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 15:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:dc:aa:1c:12:ec:cd:0e:a0:9c:71:f1:b3:9f:64:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: May 11 15:00:31 2025 GMT
            Not After : May 12 15:00:31 2025 GMT
        Subject: CN=7cb75858593d5f68c23493a3d4aba78d907f3b6a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:09:45:59:7e:31:ef:24:69:05:65:e4:0e:1a:
                    1d:06:4e:e0:5a:41:0f:16:14:a3:92:b0:bc:46:26:
                    cc:6e:ba:3f:2b:86:3f:0e:05:10:ff:db:f7:05:5c:
                    dd:13:82:62:59:04:62:28:13:15:b8:4f:ce:1e:d8:
                    5d:82:71:9e:ee:77:1a:5a:ac:59:44:a7:55:59:fa:
                    70:e9:71:83:1b:eb:3a:be:c2:ed:44:39:45:04:9f:
                    71:0c:a7:cd:cf:61:14:05:7a:01:c7:d2:4c:3f:a4:
                    5d:f2:33:03:c0:7c:b2:f1:94:ff:0e:ab:45:79:14:
                    b4:bd:2d:fa:a1:6b:13:73:17:d7:32:f7:8b:e9:b0:
                    ca:11:e2:43:65:0d:07:7a:5f:60:b7:de:25:34:a1:
                    46:73:ed:b1:40:3e:43:b2:b8:df:47:1d:21:c3:27:
                    d2:4f:c5:ff:8a:85:3a:e4:99:54:58:25:ff:18:41:
                    60:86:53:94:93:e5:33:17:7e:dc:a0:49:fb:75:79:
                    df:3b:49:a5:2e:04:4a:3d:64:34:b8:1d:30:99:28:
                    80:6c:01:0e:5c:cf:f8:0e:67:61:ab:ec:84:ac:98:
                    62:50:d9:0f:dc:3e:82:9b:97:7f:8f:b4:39:55:b3:
                    a9:08:f6:18:11:18:c1:96:5a:7d:92:30:1b:07:30:
                    cc:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:B7:58:58:59:3D:5F:68:C2:34:93:A3:D4:AB:A7:8D:90:7F:3B:6A
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:44:94:d2:d2:4a:3c:c5:de:fc:73:75:ca:2c:99:59:d8:48:
         95:c5:2e:e7:a9:5a:c6:12:63:cb:3a:41:3f:e1:a9:fe:3d:2a:
         09:6b:29:5b:bb:7b:f6:97:d2:39:3f:cc:85:1d:2b:7f:4f:e0:
         1d:c7:f5:39:60:6c:44:5b:a2:2a:5c:07:bc:75:5e:46:11:4f:
         4b:f7:43:ee:9b:69:7d:83:76:58:97:3c:7f:38:fe:ff:26:c2:
         b9:3e:df:da:c3:7b:65:71:30:29:71:61:b3:6f:54:a0:0e:3b:
         26:5a:2e:67:fa:ad:32:c2:af:f3:44:dd:0b:bb:61:7d:4c:f5:
         7d:ec:8f:fc:b0:b6:74:63:1b:01:cb:30:2e:38:08:d7:fb:c4:
         26:8b:1e:03:53:86:cc:2c:bb:bf:88:99:5f:5f:e3:67:42:61:
         8f:3f:98:60:11:7a:df:a4:66:10:f6:c4:0e:2e:ca:2c:2a:b6:
         91:f7:19:80:bb:f7:3f:ed:ce:53:dc:81:ed:3b:1f:1d:49:72:
         5a:b6:19:bd:8a:ea:32:8a:14:8e:0e:e2:a9:0d:44:fe:78:f1:
         39:19:bb:3d:39:11:d0:23:4e:fe:56:56:7d:72:51:26:04:ab:
         ea:b7:71:ea:91:7f:85:0d:69:ea:b3:64:c7:84:45:90:6a:14:
         c7:bd:60:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/3KocEuzNDqCccfGzn2SDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjUwNTExMTUwMDMxWhcNMjUwNTEyMTUwMDMxWjAzMTEwLwYDVQQD
Eyg3Y2I3NTg1ODU5M2Q1ZjY4YzIzNDkzYTNkNGFiYTc4ZDkwN2YzYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwlFWX4x7yRpBWXkDhodBk7gWkEP
FhSjkrC8RibMbro/K4Y/DgUQ/9v3BVzdE4JiWQRiKBMVuE/OHthdgnGe7ncaWqxZ
RKdVWfpw6XGDG+s6vsLtRDlFBJ9xDKfNz2EUBXoBx9JMP6Rd8jMDwHyy8ZT/DqtF
eRS0vS36oWsTcxfXMveL6bDKEeJDZQ0Hel9gt94lNKFGc+2xQD5DsrjfRx0hwyfS
T8X/ioU65JlUWCX/GEFghlOUk+UzF37coEn7dXnfO0mlLgRKPWQ0uB0wmSiAbAEO
XM/4Dmdhq+yErJhiUNkP3D6Cm5d/j7Q5VbOpCPYYERjBllp9kjAbBzDMgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHy3WFhZPV9owjSTo9Srp42QfztqMB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK0SU0tJK
PMXe/HN1yiyZWdhIlcUu56laxhJjyzpBP+Gp/j0qCWspW7t79pfSOT/MhR0rf0/g
Hcf1OWBsRFuiKlwHvHVeRhFPS/dD7ptpfYN2WJc8fzj+/ybCuT7f2sN7ZXEwKXFh
s29UoA47JlouZ/qtMsKv80TdC7thfUz1feyP/LC2dGMbAcswLjgI1/vEJoseA1OG
zCy7v4iZX1/jZ0Jhjz+YYBF636RmEPbEDi7KLCq2kfcZgLv3P+3OU9yB7TsfHUly
WrYZvYrqMooUjg7iqQ1E/njxORm7PTkR0CNO/lZWfXJRJgSr6rdx6pF/hQ1p6rNk
x4RFkGoUx71gdA==
-----END CERTIFICATE-----