Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
File:                     NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json)
Hash identifier:          46gX0ZwofPg886vTGFPddtEokznSM33eYFQCo29C7xE=
Subject key identifier:   70:CD:35:A1:7D:CD:68:F3:FA:44:B9:C9:6B:52:A2:FA:2D:A5:6F:8E
Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24
Certificate issuer:       /CN=341e78ae4f119c0184440090cf1d89acc8b22c24
Certificate serial:       0197B821451CC29E623474BBB88E8A22D779
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
Manifest number:          0373
Signing time:             Sat 28 Jun 2025 20:01:17 +0000
Manifest this update:     Sat 28 Jun 2025 20:01:17 +0000
Manifest next update:     Sun 29 Jun 2025 20:01:17 +0000
Files and hashes:         1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: gvE7sY0pC14UDINhdfTgNYUJaWSX6FIA1Bwcj+PLZYQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:21:45:1c:c2:9e:62:34:74:bb:b8:8e:8a:22:d7:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24
        Validity
            Not Before: Jun 28 20:01:17 2025 GMT
            Not After : Jun 29 20:01:17 2025 GMT
        Subject: CN=70cd35a17dcd68f3fa44b9c96b52a2fa2da56f8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:20:21:8b:e3:14:d8:a3:d2:bc:13:be:64:be:
                    5b:66:4f:ec:74:6b:d0:04:56:f2:2f:e5:db:2e:03:
                    a2:8b:6e:89:6f:17:fb:b5:ad:7a:39:99:d6:3a:94:
                    73:43:87:4e:25:4c:11:bf:74:e5:09:ce:24:48:68:
                    72:89:28:b2:62:bc:f6:e9:ee:44:a3:f8:29:16:90:
                    2e:0a:22:29:b9:b6:be:1b:0e:20:9e:3f:21:65:4b:
                    dd:7a:b4:e7:5e:56:68:20:70:39:f5:31:f7:c9:d5:
                    6c:51:3e:c7:01:38:23:c0:04:e2:68:21:fe:24:b1:
                    e6:32:b0:c7:d3:73:71:a3:d2:d1:80:fa:bb:c3:da:
                    0d:eb:a7:73:0b:40:14:d2:10:cb:35:e4:d1:96:59:
                    23:67:bf:a9:92:9b:cf:91:20:90:c7:90:52:9d:53:
                    4f:da:09:3b:73:54:96:cd:de:1a:30:5c:5e:26:43:
                    6c:68:ee:26:a1:57:74:ce:70:aa:2c:c0:8c:14:38:
                    88:b1:1a:f9:eb:59:e4:74:99:f1:52:82:e0:60:ea:
                    99:03:ff:a7:83:1a:01:ec:47:73:12:3b:3a:79:62:
                    17:6d:d0:b4:b2:cb:bb:ae:a9:e5:b1:4f:78:4b:1d:
                    fd:7f:ac:1f:3d:bb:60:5c:95:d3:08:ff:ca:1f:c7:
                    8d:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:CD:35:A1:7D:CD:68:F3:FA:44:B9:C9:6B:52:A2:FA:2D:A5:6F:8E
            X509v3 Authority Key Identifier:
                keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:04:fb:e6:ed:08:cd:a7:7e:8c:43:b1:d2:3b:fc:1d:63:be:
         e7:81:5d:00:b0:62:0e:d9:47:2c:c9:a9:99:69:d5:8f:0c:ac:
         dc:67:38:0c:dc:75:80:75:8b:fe:14:1f:19:38:70:48:da:bb:
         75:ca:96:77:db:83:8a:73:a9:db:bb:8e:f2:a9:11:2a:d8:13:
         01:9d:a7:ed:10:75:2d:09:e8:06:b5:db:f8:bc:90:b2:a8:5c:
         b7:0f:ee:0b:98:b9:57:d2:70:e7:03:b5:0a:01:b2:25:fe:1d:
         b2:46:e2:90:af:54:48:42:56:37:ce:78:ce:74:df:00:09:56:
         f3:3e:c5:1d:41:f9:94:1d:83:85:de:a7:02:b8:81:7c:9e:80:
         ae:27:b9:64:f7:74:31:63:80:ec:52:c5:1d:06:b2:21:ff:f8:
         47:44:b7:2f:37:07:24:be:30:2c:f5:c8:70:ff:03:b5:b6:b2:
         f3:32:bf:af:be:94:63:64:c7:c8:e3:fa:91:ae:bb:5c:c5:39:
         e6:d3:77:34:a0:07:c6:32:38:7e:63:90:aa:d3:26:29:b0:69:
         7e:db:9a:4b:1d:f8:63:b5:01:de:b0:e7:7d:82:13:cc:27:1f:
         35:f3:7d:63:5f:c6:b3:29:7a:35:34:23:d3:7f:7e:9f:ef:bd:
         e6:2c:0d:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4IUUcwp5iNHS7uI6KItd5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi
MjJjMjQwHhcNMjUwNjI4MjAwMTE3WhcNMjUwNjI5MjAwMTE3WjAzMTEwLwYDVQQD
Eyg3MGNkMzVhMTdkY2Q2OGYzZmE0NGI5Yzk2YjUyYTJmYTJkYTU2ZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSAhi+MU2KPSvBO+ZL5bZk/sdGvQ
BFbyL+XbLgOii26Jbxf7ta16OZnWOpRzQ4dOJUwRv3TlCc4kSGhyiSiyYrz26e5E
o/gpFpAuCiIpuba+Gw4gnj8hZUvderTnXlZoIHA59TH3ydVsUT7HATgjwATiaCH+
JLHmMrDH03Nxo9LRgPq7w9oN66dzC0AU0hDLNeTRllkjZ7+pkpvPkSCQx5BSnVNP
2gk7c1SWzd4aMFxeJkNsaO4moVd0znCqLMCMFDiIsRr561nkdJnxUoLgYOqZA/+n
gxoB7EdzEjs6eWIXbdC0ssu7rqnlsU94Sx39f6wfPbtgXJXTCP/KH8eNNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDNNaF9zWjz+kS5yWtSovotpW+OMB8GA1UdIwQY
MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt
MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw
LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdgT75u0I
zad+jEOx0jv8HWO+54FdALBiDtlHLMmpmWnVjwys3Gc4DNx1gHWL/hQfGThwSNq7
dcqWd9uDinOp27uO8qkRKtgTAZ2n7RB1LQnoBrXb+LyQsqhctw/uC5i5V9Jw5wO1
CgGyJf4dskbikK9USEJWN854znTfAAlW8z7FHUH5lB2Dhd6nAriBfJ6Arie5ZPd0
MWOA7FLFHQayIf/4R0S3LzcHJL4wLPXIcP8Dtbay8zK/r76UY2THyOP6ka67XMU5
5tN3NKAHxjI4fmOQqtMmKbBpftuaSx34Y7UB3rDnfYITzCcfNfN9Y1/Gsyl6NTQj
039+n++95iwN0A==
-----END CERTIFICATE-----