Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
File:                     nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft (raw, json)
Hash identifier:          Eh1fO7t+j3EdsChzdZg51Z/Cm6ULCd7SaGAR1QLDzDE=
Subject key identifier:   3A:00:4A:DB:7B:B1:CB:DF:C3:67:63:77:85:1A:2B:CE:D4:48:DB:D4
Authority key identifier: 9C:F0:5D:4B:D5:D4:2B:41:75:AC:C6:34:AC:CF:0F:FA:18:73:F0:AA
Certificate issuer:       /CN=9cf05d4bd5d42b4175acc634accf0ffa1873f0aa
Certificate serial:       0196C5DF128CD3D4549EF301E6B51583EF3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
Manifest number:          03C5
Signing time:             Mon 12 May 2025 19:00:52 +0000
Manifest this update:     Mon 12 May 2025 19:00:52 +0000
Manifest next update:     Tue 13 May 2025 19:00:52 +0000
Files and hashes:         1: nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl (hash: a3Y6uHDNFPc9WtZW5r4kb9nuEli5AD18gVBdcVUykvI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 19:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c5:df:12:8c:d3:d4:54:9e:f3:01:e6:b5:15:83:ef:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cf05d4bd5d42b4175acc634accf0ffa1873f0aa
        Validity
            Not Before: May 12 19:00:52 2025 GMT
            Not After : May 13 19:00:52 2025 GMT
        Subject: CN=3a004adb7bb1cbdfc3676377851a2bced448dbd4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:63:2b:f5:18:be:c5:b6:bb:d2:53:a8:e6:d3:
                    ec:64:c4:e5:2b:34:cb:13:82:e3:5d:01:06:64:cb:
                    41:a7:bf:5b:77:a0:86:ff:31:bc:6e:55:c6:a9:32:
                    83:e5:9c:23:48:db:62:5f:0e:df:73:48:a8:4d:c3:
                    db:5a:39:2a:aa:05:ba:fe:34:56:1f:60:19:b1:6c:
                    7d:d3:a4:a8:4b:20:c1:4f:2a:53:05:f2:07:d2:9a:
                    b9:0d:86:db:19:cd:42:a9:81:62:f4:59:68:8a:44:
                    b3:37:a7:d6:84:b6:7b:96:79:08:06:10:a8:bb:1e:
                    1c:dc:28:9b:ca:ab:ed:63:fe:c2:f2:ef:54:cf:4e:
                    86:68:58:9b:c7:6d:b2:30:2d:75:b2:ee:4b:b1:30:
                    bd:a2:b1:09:aa:85:32:b7:25:c8:02:94:fa:9d:37:
                    4a:18:ca:79:6f:47:d6:b8:3a:43:a2:b5:f5:78:27:
                    fe:4d:25:2d:91:74:7f:7a:0a:34:de:f0:f7:3e:c5:
                    07:96:df:36:88:10:95:8b:b9:0f:ab:47:76:7e:2d:
                    64:61:a6:20:74:ef:16:55:8c:6e:30:7f:b8:24:24:
                    f5:6d:27:76:79:3b:38:57:48:41:48:66:00:b3:ff:
                    0d:b0:17:d4:68:a3:ee:f0:10:79:70:0d:50:39:04:
                    49:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:00:4A:DB:7B:B1:CB:DF:C3:67:63:77:85:1A:2B:CE:D4:48:DB:D4
            X509v3 Authority Key Identifier:
                keyid:9C:F0:5D:4B:D5:D4:2B:41:75:AC:C6:34:AC:CF:0F:FA:18:73:F0:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/871d77-08aa-4a91-996a-8bba5fa3c317/1/nPBdS9XUK0F1rMY0rM8P-hhz8Ko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:41:7a:4f:8d:f9:28:3c:de:60:00:b4:10:a2:24:cd:f6:64:
         7e:51:4c:6d:91:5c:41:96:8c:e3:14:3a:39:f8:ce:bb:91:4b:
         d4:c2:aa:8a:9b:15:d2:bf:45:f0:f1:8f:a4:14:a0:a8:c6:b4:
         42:0c:73:e2:af:98:52:78:1e:87:1c:18:19:70:76:bc:97:8b:
         e4:0b:64:bd:ee:ec:fb:03:8e:49:40:f2:9b:2c:1e:d4:b0:bb:
         4a:9f:3a:8f:ba:55:2e:27:f2:a3:20:f3:76:ea:37:d0:44:01:
         33:9a:23:4a:b0:c5:f6:4b:ff:5e:64:94:97:69:a6:96:16:d3:
         a9:97:2f:65:53:7c:f3:e0:a2:b5:53:79:bc:b5:2c:bd:8b:fd:
         0e:a5:34:30:b2:ab:de:74:22:37:55:e5:06:a5:0c:dd:fe:cd:
         9e:5a:4b:8a:de:f3:d6:fb:23:83:e8:bf:ff:5a:3a:e3:f5:b9:
         8a:63:bb:c8:9e:06:2a:56:43:89:2a:55:d5:54:d1:5a:86:c4:
         a6:5e:e7:b7:7e:44:5b:d8:55:7c:06:5b:5f:77:83:d8:cd:94:
         3a:b9:95:4e:e4:d3:41:78:3d:86:21:27:1f:5b:ed:96:f3:8c:
         d2:79:30:ad:64:1c:43:4b:3c:23:53:84:b2:a8:b8:df:37:c6:
         11:b8:2a:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbF3xKM09RUnvMB5rUVg+8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZjA1ZDRiZDVkNDJiNDE3NWFjYzYzNGFjY2YwZmZhMTg3
M2YwYWEwHhcNMjUwNTEyMTkwMDUyWhcNMjUwNTEzMTkwMDUyWjAzMTEwLwYDVQQD
EygzYTAwNGFkYjdiYjFjYmRmYzM2NzYzNzc4NTFhMmJjZWQ0NDhkYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GMr9Ri+xba70lOo5tPsZMTlKzTL
E4LjXQEGZMtBp79bd6CG/zG8blXGqTKD5ZwjSNtiXw7fc0ioTcPbWjkqqgW6/jRW
H2AZsWx906SoSyDBTypTBfIH0pq5DYbbGc1CqYFi9FloikSzN6fWhLZ7lnkIBhCo
ux4c3CibyqvtY/7C8u9Uz06GaFibx22yMC11su5LsTC9orEJqoUytyXIApT6nTdK
GMp5b0fWuDpDorX1eCf+TSUtkXR/ego03vD3PsUHlt82iBCVi7kPq0d2fi1kYaYg
dO8WVYxuMH+4JCT1bSd2eTs4V0hBSGYAs/8NsBfUaKPu8BB5cA1QOQRJ0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoAStt7scvfw2djd4UaK87USNvUMB8GA1UdIwQY
MBaAFJzwXUvV1CtBdazGNKzPD/oYc/CqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84NzFkNzctMDhhYS00YTkxLTk5NmEt
OGJiYTVmYTNjMzE3LzEvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84NzFkNzctMDhhYS00YTkxLTk5NmEtOGJiYTVmYTNjMzE3
LzEvblBCZFM5WFVLMEYxck1ZMHJNOFAtaGh6OEtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAkF6T435
KDzeYAC0EKIkzfZkflFMbZFcQZaM4xQ6OfjOu5FL1MKqipsV0r9F8PGPpBSgqMa0
Qgxz4q+YUngehxwYGXB2vJeL5Atkve7s+wOOSUDymywe1LC7Sp86j7pVLifyoyDz
duo30EQBM5ojSrDF9kv/XmSUl2mmlhbTqZcvZVN88+CitVN5vLUsvYv9DqU0MLKr
3nQiN1XlBqUM3f7NnlpLit7z1vsjg+i//1o64/W5imO7yJ4GKlZDiSpV1VTRWobE
pl7nt35EW9hVfAZbX3eD2M2UOrmVTuTTQXg9hiEnH1vtlvOM0nkwrWQcQ0s8I1OE
sqi43zfGEbgqFQ==
-----END CERTIFICATE-----