Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
File:                     NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft (raw, json)
Hash identifier:          uwEM5uD34WbJiLUtaSwt5jhghqiC3Zz6qoEIrI4V4qI=
Subject key identifier:   CD:00:07:CF:9F:44:9D:AE:36:2A:85:0B:3E:F5:72:23:89:36:C5:D5
Authority key identifier: 36:D8:C1:A7:3B:15:95:10:9D:26:06:7B:42:91:F7:1D:C1:DB:99:57
Certificate issuer:       /CN=36d8c1a73b1595109d26067b4291f71dc1db9957
Certificate serial:       0196BE5C257B21CBCF7F80CCAD703A4AC90F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
Manifest number:          0F40
Signing time:             Sun 11 May 2025 08:00:32 +0000
Manifest this update:     Sun 11 May 2025 08:00:32 +0000
Manifest next update:     Mon 12 May 2025 08:00:32 +0000
Files and hashes:         1: NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl (hash: 3htTA07im5AI8T0+qdmKeGFsLg8vI0Bp3Ix1ixE5294=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 07:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:be:5c:25:7b:21:cb:cf:7f:80:cc:ad:70:3a:4a:c9:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36d8c1a73b1595109d26067b4291f71dc1db9957
        Validity
            Not Before: May 11 08:00:32 2025 GMT
            Not After : May 12 08:00:32 2025 GMT
        Subject: CN=cd0007cf9f449dae362a850b3ef572238936c5d5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:b6:43:e8:8a:f8:bd:fa:c7:e4:3c:ef:a8:c9:
                    65:33:29:e1:4a:7c:d7:7e:d9:78:9d:fc:d1:c7:f8:
                    bc:31:18:1a:ec:65:f3:e9:16:b7:46:9d:5d:4c:b8:
                    31:30:78:76:f8:06:17:69:f5:f5:96:c8:68:c0:eb:
                    e8:a4:28:a3:27:c3:c0:c7:9a:35:3e:4d:ec:cc:44:
                    2e:a0:0b:b5:f6:50:ec:dc:20:4e:bb:b9:39:51:87:
                    95:bd:a2:90:62:15:c7:f6:d8:5c:d6:bf:81:f0:41:
                    b5:16:c6:3b:63:84:7f:d9:2d:b8:7d:02:06:79:1f:
                    85:9a:81:7d:43:0d:2d:cf:5f:c0:6f:4e:de:2f:0d:
                    55:41:0a:3c:52:db:5d:ba:b5:b3:2a:ac:ee:92:61:
                    4f:15:0e:1a:2a:bb:4c:f9:58:25:fd:75:06:ae:22:
                    df:6f:de:dd:a2:46:6a:e1:38:13:4d:b1:dd:3a:69:
                    9e:fc:3e:26:96:52:f8:f5:44:50:fa:0d:a1:9b:57:
                    79:29:6b:e7:ae:48:7e:65:64:b4:fa:44:02:bd:82:
                    3c:e2:3e:66:71:87:e8:a0:5e:0c:f7:7e:fc:6e:12:
                    7a:4c:94:21:73:8f:bd:e6:dd:a1:23:e6:2a:e8:e1:
                    1b:11:d5:4c:de:d3:d8:8d:01:eb:ae:8c:3c:23:b8:
                    c4:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:00:07:CF:9F:44:9D:AE:36:2A:85:0B:3E:F5:72:23:89:36:C5:D5
            X509v3 Authority Key Identifier:
                keyid:36:D8:C1:A7:3B:15:95:10:9D:26:06:7B:42:91:F7:1D:C1:DB:99:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:8a:9c:9d:d3:93:55:99:36:f2:5b:8a:fe:db:b6:4d:a4:03:
         37:b5:ac:00:9e:48:ce:a6:5f:52:64:44:83:0e:77:21:6a:15:
         26:db:76:7f:f2:3b:2b:c8:d0:29:f4:d2:36:1b:bb:78:a5:28:
         9d:05:54:13:b7:18:0e:ac:e7:d8:1d:ff:1e:d2:33:66:25:cf:
         d2:65:80:d6:33:eb:d0:e5:c4:67:88:68:f8:3d:5b:5b:74:c5:
         f2:ab:bd:0d:9f:30:37:ef:e3:8d:a3:4e:19:1d:f2:59:20:74:
         99:8d:bc:de:b9:dd:81:8f:17:96:de:b0:b6:07:69:62:de:47:
         9d:42:55:c9:85:8e:52:6e:2c:8f:09:ae:e2:a4:9d:73:fb:7b:
         cf:bd:4d:a2:b9:46:ba:4c:27:63:d4:b7:58:50:a6:12:01:a4:
         e6:21:70:47:2d:ec:fd:0c:37:55:99:5d:f7:2e:f2:0c:07:1b:
         76:54:1c:10:1b:37:7b:e4:85:53:63:59:da:b7:33:15:9e:8c:
         ce:33:0c:e5:0c:a8:d2:a2:ef:54:6f:f4:95:6e:12:61:e0:a8:
         37:70:bb:ce:de:2b:8e:ff:5f:8d:32:1d:54:55:f3:9b:bd:a5:
         ec:cc:0e:63:81:8e:32:e2:16:14:b5:1f:88:76:f3:10:35:08:
         f8:0b:4e:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa+XCV7IcvPf4DMrXA6SskPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZDhjMWE3M2IxNTk1MTA5ZDI2MDY3YjQyOTFmNzFkYzFk
Yjk5NTcwHhcNMjUwNTExMDgwMDMyWhcNMjUwNTEyMDgwMDMyWjAzMTEwLwYDVQQD
EyhjZDAwMDdjZjlmNDQ5ZGFlMzYyYTg1MGIzZWY1NzIyMzg5MzZjNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LZD6Ir4vfrH5DzvqMllMynhSnzX
ftl4nfzRx/i8MRga7GXz6Ra3Rp1dTLgxMHh2+AYXafX1lshowOvopCijJ8PAx5o1
Pk3szEQuoAu19lDs3CBOu7k5UYeVvaKQYhXH9thc1r+B8EG1FsY7Y4R/2S24fQIG
eR+FmoF9Qw0tz1/Ab07eLw1VQQo8UttdurWzKqzukmFPFQ4aKrtM+Vgl/XUGriLf
b97dokZq4TgTTbHdOmme/D4mllL49URQ+g2hm1d5KWvnrkh+ZWS0+kQCvYI84j5m
cYfooF4M9378bhJ6TJQhc4+95t2hI+Yq6OEbEdVM3tPYjQHrrow8I7jEFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0AB8+fRJ2uNiqFCz71ciOJNsXVMB8GA1UdIwQY
MBaAFDbYwac7FZUQnSYGe0KR9x3B25lXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lZWNjYTUtYzMzOS00OTE4LWEwYTgt
ZjYxZWM4NWQwZjU3LzEvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lZWNjYTUtYzMzOS00OTE4LWEwYTgtZjYxZWM4NWQwZjU3
LzEvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcIqcndOT
VZk28luK/tu2TaQDN7WsAJ5IzqZfUmREgw53IWoVJtt2f/I7K8jQKfTSNhu7eKUo
nQVUE7cYDqzn2B3/HtIzZiXP0mWA1jPr0OXEZ4ho+D1bW3TF8qu9DZ8wN+/jjaNO
GR3yWSB0mY283rndgY8Xlt6wtgdpYt5HnUJVyYWOUm4sjwmu4qSdc/t7z71NorlG
ukwnY9S3WFCmEgGk5iFwRy3s/Qw3VZld9y7yDAcbdlQcEBs3e+SFU2NZ2rczFZ6M
zjMM5Qyo0qLvVG/0lW4SYeCoN3C7zt4rjv9fjTIdVFXzm72l7MwOY4GOMuIWFLUf
iHbzEDUI+AtOMA==
-----END CERTIFICATE-----