Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
File:                     NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft (raw, json)
Hash identifier:          Y3Xb0DRTLDYILLLIVEv48/f9A5L7h1pg3aCfKtZJ0nM=
Subject key identifier:   38:A3:9F:DA:F3:1B:61:3B:6C:91:31:EB:13:5F:8C:73:14:52:88:DA
Authority key identifier: 36:D8:C1:A7:3B:15:95:10:9D:26:06:7B:42:91:F7:1D:C1:DB:99:57
Certificate issuer:       /CN=36d8c1a73b1595109d26067b4291f71dc1db9957
Certificate serial:       0197B77CA495DBB6AACC178360789775C72A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
Manifest number:          0FC1
Signing time:             Sat 28 Jun 2025 17:01:28 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:28 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:28 +0000
Files and hashes:         1: NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl (hash: ryVAbAHiziNWFhXCLuo6iNUk9hHpFPkX3NBqoffNsVs=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:a4:95:db:b6:aa:cc:17:83:60:78:97:75:c7:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36d8c1a73b1595109d26067b4291f71dc1db9957
        Validity
            Not Before: Jun 28 17:01:28 2025 GMT
            Not After : Jun 29 17:01:28 2025 GMT
        Subject: CN=38a39fdaf31b613b6c9131eb135f8c73145288da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:94:8c:2a:dc:d1:ba:42:f1:92:84:6e:2e:79:
                    c7:ac:e4:89:da:1b:56:8d:5c:69:d0:79:75:f9:5a:
                    e8:ce:f7:66:b8:c1:24:c7:f0:53:8e:01:0e:92:b5:
                    c3:77:ba:48:89:25:9f:72:0f:dd:15:bb:8e:92:c5:
                    e3:a3:a6:da:db:71:34:d2:c7:6c:41:6a:07:40:79:
                    77:7f:09:18:9b:a5:9d:9d:bd:4d:1c:b9:9b:80:4c:
                    05:45:b2:d1:e1:72:ae:c1:33:e2:ed:59:f1:7c:dd:
                    54:3f:97:4e:e5:a8:33:0f:46:a6:95:35:2f:0d:fb:
                    47:f2:61:5c:8a:0d:0c:8c:5e:54:5e:6d:16:d9:c0:
                    0f:bc:e0:1c:52:1f:4d:27:94:01:b9:f3:d8:91:b0:
                    f0:e1:04:93:67:bc:dc:28:96:b1:3b:af:23:14:cc:
                    43:70:5c:89:32:e5:f9:8f:b7:24:9f:91:af:2a:47:
                    16:20:36:83:ea:ac:4b:d7:21:7b:0a:eb:5c:47:0c:
                    42:2d:43:39:fc:d3:0a:df:1d:da:48:a5:58:c9:38:
                    69:50:89:e3:c9:ff:cc:0c:55:d2:ab:55:fc:18:e4:
                    74:c8:20:e7:d9:28:a1:9f:33:d3:d6:ea:33:f1:05:
                    c0:66:bb:d5:d1:94:c8:6a:58:b9:2a:79:11:0e:de:
                    80:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:A3:9F:DA:F3:1B:61:3B:6C:91:31:EB:13:5F:8C:73:14:52:88:DA
            X509v3 Authority Key Identifier:
                keyid:36:D8:C1:A7:3B:15:95:10:9D:26:06:7B:42:91:F7:1D:C1:DB:99:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/eecca5-c339-4918-a0a8-f61ec85d0f57/1/NtjBpzsVlRCdJgZ7QpH3HcHbmVc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:33:cf:e3:23:07:c8:c5:59:fd:ed:93:bb:b5:de:d2:6b:98:
         c3:12:5c:cb:55:ad:ee:a4:df:f8:77:97:e3:90:2d:27:65:0e:
         ef:be:42:23:5c:3c:9b:3b:71:de:31:64:a9:8b:aa:8f:92:e7:
         de:4d:d1:64:0d:27:bc:d9:f5:b3:c5:c7:89:87:03:1f:23:a4:
         a8:dd:9b:d3:f9:86:65:34:64:ea:d3:8f:c7:35:f3:ef:bc:31:
         22:0e:35:3e:d0:fb:f7:88:ec:2a:86:2a:ad:e0:88:93:92:61:
         a8:68:03:08:85:c9:a6:7c:44:91:9e:de:ab:08:ba:37:ec:47:
         55:c3:e8:51:20:d5:a0:42:04:b1:e9:a2:ae:98:f7:b6:ff:c5:
         03:06:60:3a:22:be:a5:b0:98:3a:4a:68:66:5d:27:cc:e1:bb:
         75:7d:99:02:3c:e1:40:e0:6b:d9:47:72:4c:02:59:e8:6d:1f:
         5b:d1:dd:e6:0e:7b:d3:0b:e1:64:a4:d4:f4:58:4b:59:39:72:
         71:5b:fe:a3:53:46:38:54:42:7f:16:8b:ce:a8:22:dc:0a:e8:
         c2:77:8d:d0:db:81:4e:da:94:0d:36:55:78:30:61:b8:79:5f:
         45:83:58:40:fc:11:33:5d:51:9b:89:89:36:7d:95:0b:3a:8f:
         0e:5b:a1:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fKSV27aqzBeDYHiXdccqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZDhjMWE3M2IxNTk1MTA5ZDI2MDY3YjQyOTFmNzFkYzFk
Yjk5NTcwHhcNMjUwNjI4MTcwMTI4WhcNMjUwNjI5MTcwMTI4WjAzMTEwLwYDVQQD
EygzOGEzOWZkYWYzMWI2MTNiNmM5MTMxZWIxMzVmOGM3MzE0NTI4OGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5SMKtzRukLxkoRuLnnHrOSJ2htW
jVxp0Hl1+VrozvdmuMEkx/BTjgEOkrXDd7pIiSWfcg/dFbuOksXjo6ba23E00sds
QWoHQHl3fwkYm6Wdnb1NHLmbgEwFRbLR4XKuwTPi7VnxfN1UP5dO5agzD0amlTUv
DftH8mFcig0MjF5UXm0W2cAPvOAcUh9NJ5QBufPYkbDw4QSTZ7zcKJaxO68jFMxD
cFyJMuX5j7ckn5GvKkcWIDaD6qxL1yF7CutcRwxCLUM5/NMK3x3aSKVYyThpUInj
yf/MDFXSq1X8GOR0yCDn2SihnzPT1uoz8QXAZrvV0ZTIali5KnkRDt6ARQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDijn9rzG2E7bJEx6xNfjHMUUojaMB8GA1UdIwQY
MBaAFDbYwac7FZUQnSYGe0KR9x3B25lXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lZWNjYTUtYzMzOS00OTE4LWEwYTgt
ZjYxZWM4NWQwZjU3LzEvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lZWNjYTUtYzMzOS00OTE4LWEwYTgtZjYxZWM4NWQwZjU3
LzEvTnRqQnB6c1ZsUkNkSmdaN1FwSDNIY0hibVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXjPP4yMH
yMVZ/e2Tu7Xe0muYwxJcy1Wt7qTf+HeX45AtJ2UO775CI1w8mztx3jFkqYuqj5Ln
3k3RZA0nvNn1s8XHiYcDHyOkqN2b0/mGZTRk6tOPxzXz77wxIg41PtD794jsKoYq
reCIk5JhqGgDCIXJpnxEkZ7eqwi6N+xHVcPoUSDVoEIEsemirpj3tv/FAwZgOiK+
pbCYOkpoZl0nzOG7dX2ZAjzhQOBr2UdyTAJZ6G0fW9Hd5g570wvhZKTU9FhLWTly
cVv+o1NGOFRCfxaLzqgi3ArowneN0NuBTtqUDTZVeDBhuHlfRYNYQPwRM11Rm4mJ
Nn2VCzqPDluhvw==
-----END CERTIFICATE-----