Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
File:                     _Nq63VYraOxeFY4easdvfalucyM.mft (raw, json)
Hash identifier:          ZMwCXgxRDKgptPBSJA9oy6jJftNk9UMgEFEglEbC7eA=
Subject key identifier:   3B:77:E2:39:CC:BB:53:2F:91:31:3B:CA:EB:CA:77:F6:9C:F9:29:BD
Authority key identifier: FC:DA:BA:DD:56:2B:68:EC:5E:15:8E:1E:6A:C7:6F:7D:A9:6E:73:23
Certificate issuer:       /CN=fcdabadd562b68ec5e158e1e6ac76f7da96e7323
Certificate serial:       0196BFDCED5CD5C1D36E08898911A2702B7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
Manifest number:          1533
Signing time:             Sun 11 May 2025 15:00:49 +0000
Manifest this update:     Sun 11 May 2025 15:00:49 +0000
Manifest next update:     Mon 12 May 2025 15:00:49 +0000
Files and hashes:         1: _Nq63VYraOxeFY4easdvfalucyM.crl (hash: Sc+H9Mka3u0Lx2vsSHfYzYNbZmvnAZOtJUxvuukbdaY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 15:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bf:dc:ed:5c:d5:c1:d3:6e:08:89:89:11:a2:70:2b:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fcdabadd562b68ec5e158e1e6ac76f7da96e7323
        Validity
            Not Before: May 11 15:00:49 2025 GMT
            Not After : May 12 15:00:49 2025 GMT
        Subject: CN=3b77e239ccbb532f91313bcaebca77f69cf929bd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c8:41:c1:b6:c9:14:da:99:58:4c:0a:33:68:
                    7a:25:b1:61:6c:2f:e5:85:a9:86:ab:af:c7:c9:e9:
                    cb:d1:d1:69:40:9f:16:e3:a0:90:03:85:19:6c:e6:
                    fd:d4:af:fd:37:88:f4:86:e0:f8:20:09:87:9b:be:
                    31:10:13:81:28:50:9d:1a:d7:1b:07:24:fe:6a:da:
                    5d:3a:26:0b:87:b2:b2:01:de:30:03:f8:52:2b:3c:
                    98:bb:bd:bc:17:ed:16:52:ac:af:21:60:7c:7a:19:
                    70:a2:2f:79:f1:91:d0:5b:1d:0c:82:96:7c:dd:66:
                    5f:eb:a0:b8:a3:26:99:04:c3:96:32:2c:db:2a:12:
                    e9:c1:8a:ff:56:0d:f1:47:f4:b2:e7:89:99:63:c2:
                    8b:7c:c5:51:f2:1b:ce:60:ef:ec:c5:5a:76:05:12:
                    92:d4:40:7b:28:a2:d2:40:da:ee:6c:ff:01:04:4d:
                    27:07:24:40:4e:7c:8c:05:33:d8:6a:28:3b:42:3f:
                    0d:65:4b:5e:57:ee:17:85:3b:d3:85:95:ad:68:c2:
                    e8:62:0b:57:68:cd:e9:d7:15:00:4c:f9:fc:79:8f:
                    ba:fa:08:79:5e:ae:03:ea:17:88:c2:2c:2c:0c:5c:
                    11:23:4c:4b:4b:d0:64:dd:f6:8c:ae:2a:be:d7:1a:
                    2f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:77:E2:39:CC:BB:53:2F:91:31:3B:CA:EB:CA:77:F6:9C:F9:29:BD
            X509v3 Authority Key Identifier:
                keyid:FC:DA:BA:DD:56:2B:68:EC:5E:15:8E:1E:6A:C7:6F:7D:A9:6E:73:23

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Nq63VYraOxeFY4easdvfalucyM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e8bb13-9f89-40ca-8a6b-a394e866b37c/1/_Nq63VYraOxeFY4easdvfalucyM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:f0:59:4e:45:d4:a5:4c:38:e2:6e:3e:40:8f:e1:b3:96:4f:
         55:f7:99:25:0e:8a:86:eb:7d:73:c8:45:99:4b:8d:0c:df:3d:
         e5:da:eb:0b:6e:d7:cb:ad:da:d3:79:90:37:3b:30:fc:53:28:
         50:ef:f6:8a:3d:f7:73:e2:90:0d:76:fa:2f:a1:a8:3c:67:ef:
         65:34:54:71:95:f9:cf:9c:77:81:82:3a:0b:db:c1:e6:09:9d:
         d8:ac:3a:87:f7:94:4e:dc:de:0f:e8:c9:53:36:ec:51:75:ac:
         69:fa:b1:57:8e:85:54:29:e0:f6:bb:3e:53:3b:8e:7f:89:46:
         00:b3:17:87:7d:c8:35:4b:20:ed:a3:82:67:1d:c9:4d:2f:69:
         82:24:82:94:35:9f:51:e3:2c:9f:77:81:26:3f:70:fc:9a:94:
         80:be:b4:20:69:6f:97:b8:bf:be:58:f2:a5:4b:d0:b2:73:ab:
         68:20:7a:51:cb:ff:c0:a6:b7:f2:5c:9f:f5:8e:89:29:13:9b:
         b6:16:ec:22:13:a0:a5:b9:03:3f:d0:a4:ef:29:88:83:e1:11:
         e7:cd:71:48:83:2b:19:7a:0c:ce:e9:22:d0:d2:1f:56:d2:1b:
         e3:b5:24:af:a2:88:33:b2:d2:74:17:ae:74:1c:3a:36:26:d0:
         b7:0a:10:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa/3O1c1cHTbgiJiRGicCt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZGFiYWRkNTYyYjY4ZWM1ZTE1OGUxZTZhYzc2ZjdkYTk2
ZTczMjMwHhcNMjUwNTExMTUwMDQ5WhcNMjUwNTEyMTUwMDQ5WjAzMTEwLwYDVQQD
EygzYjc3ZTIzOWNjYmI1MzJmOTEzMTNiY2FlYmNhNzdmNjljZjkyOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmchBwbbJFNqZWEwKM2h6JbFhbC/l
hamGq6/HyenL0dFpQJ8W46CQA4UZbOb91K/9N4j0huD4IAmHm74xEBOBKFCdGtcb
ByT+atpdOiYLh7KyAd4wA/hSKzyYu728F+0WUqyvIWB8ehlwoi958ZHQWx0MgpZ8
3WZf66C4oyaZBMOWMizbKhLpwYr/Vg3xR/Sy54mZY8KLfMVR8hvOYO/sxVp2BRKS
1EB7KKLSQNrubP8BBE0nByRATnyMBTPYaig7Qj8NZUteV+4XhTvThZWtaMLoYgtX
aM3p1xUATPn8eY+6+gh5Xq4D6heIwiwsDFwRI0xLS9Bk3faMriq+1xovywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDt34jnMu1MvkTE7yuvKd/ac+Sm9MB8GA1UdIwQY
MBaAFPzaut1WK2jsXhWOHmrHb32pbnMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lOGJiMTMtOWY4OS00MGNhLThhNmIt
YTM5NGU4NjZiMzdjLzEvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lOGJiMTMtOWY4OS00MGNhLThhNmItYTM5NGU4NjZiMzdj
LzEvX05xNjNWWXJhT3hlRlk0ZWFzZHZmYWx1Y3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgfBZTkXU
pUw44m4+QI/hs5ZPVfeZJQ6Khut9c8hFmUuNDN895drrC27Xy63a03mQNzsw/FMo
UO/2ij33c+KQDXb6L6GoPGfvZTRUcZX5z5x3gYI6C9vB5gmd2Kw6h/eUTtzeD+jJ
UzbsUXWsafqxV46FVCng9rs+UzuOf4lGALMXh33INUsg7aOCZx3JTS9pgiSClDWf
UeMsn3eBJj9w/JqUgL60IGlvl7i/vljypUvQsnOraCB6Ucv/wKa38lyf9Y6JKROb
thbsIhOgpbkDP9Ck7ymIg+ER581xSIMrGXoMzuki0NIfVtIb47Ukr6KIM7LSdBeu
dBw6NibQtwoQuA==
-----END CERTIFICATE-----