Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
File:                     NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json)
Hash identifier:          5F9s8P33D2QDZpMuljNRUvC+KoEUhLZUBPcArQ7+ygc=
Subject key identifier:   E2:53:A8:A8:E0:CC:57:CB:F2:32:BC:EB:A2:A6:61:94:E5:2E:0C:24
Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24
Certificate issuer:       /CN=341e78ae4f119c0184440090cf1d89acc8b22c24
Certificate serial:       0196C6BA749FC456C0B7E15F0047EE4DB65E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
Manifest number:          02F6
Signing time:             Mon 12 May 2025 23:00:30 +0000
Manifest this update:     Mon 12 May 2025 23:00:30 +0000
Manifest next update:     Tue 13 May 2025 23:00:30 +0000
Files and hashes:         1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: g+qepouDjNkOc4AgT8qtcnoFR0Q/mYZ2SDFPoQmVWd4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 23:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c6:ba:74:9f:c4:56:c0:b7:e1:5f:00:47:ee:4d:b6:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24
        Validity
            Not Before: May 12 23:00:30 2025 GMT
            Not After : May 13 23:00:30 2025 GMT
        Subject: CN=e253a8a8e0cc57cbf232bceba2a66194e52e0c24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:0f:e6:4a:3e:5d:93:82:50:d2:d7:d4:ea:45:
                    30:cb:38:99:6d:79:18:7b:b3:33:21:da:bb:d5:cd:
                    73:d9:60:6f:7c:7c:14:13:00:69:17:90:b9:68:bf:
                    72:a1:a1:89:69:be:8a:a0:7b:63:d8:c7:79:92:81:
                    c3:3c:99:9a:38:43:c9:df:79:bb:ef:6e:bf:e6:1d:
                    32:46:85:28:b0:47:e7:ff:6f:dc:56:82:e0:ef:de:
                    fe:6b:c4:c8:bc:ec:2b:d9:17:10:2f:ec:fc:16:07:
                    7a:21:29:7d:63:e3:d4:30:3f:d3:20:e9:8f:ec:41:
                    06:27:45:cf:1b:cd:92:ac:92:c6:ec:0b:a3:19:c6:
                    7e:e7:4f:34:2a:8f:ae:72:e7:30:16:d1:21:41:76:
                    92:b9:e5:54:3c:73:02:b4:d9:a5:28:83:b7:9a:24:
                    6e:ae:f2:3e:6a:ea:4f:ba:4a:ee:84:de:be:55:58:
                    59:72:b1:c9:39:7b:08:56:b3:85:39:f3:21:8e:5d:
                    a1:20:be:2c:f4:a2:bd:9d:40:fc:34:c8:48:da:a6:
                    0e:cb:4f:28:05:a9:6b:9e:de:67:0c:bf:c6:67:16:
                    30:75:a2:6b:a7:2c:fd:4b:1f:44:f1:37:1d:fe:cc:
                    e8:81:a8:f0:b3:39:19:8a:d1:58:aa:64:93:1e:91:
                    c1:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:53:A8:A8:E0:CC:57:CB:F2:32:BC:EB:A2:A6:61:94:E5:2E:0C:24
            X509v3 Authority Key Identifier:
                keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:d3:cc:df:fe:d9:52:49:5f:03:39:de:f2:82:14:6c:52:33:
         33:09:e2:73:bb:5d:57:ea:23:ae:d9:5a:45:8c:4e:21:0e:d5:
         24:c5:65:79:97:f6:40:92:d1:dd:72:7a:fd:0b:ec:8b:89:21:
         0f:1c:cc:9a:6c:94:0a:42:d7:f9:03:bf:a4:7f:9e:6c:fb:28:
         bb:af:4c:01:70:13:f6:43:0a:d6:80:00:28:f8:05:34:dd:dc:
         b0:51:b7:f7:ac:31:d5:60:ef:c1:d1:cd:38:08:82:2e:61:c8:
         a9:0a:c4:16:1a:9d:0d:a9:45:b9:b2:03:fc:26:36:13:61:8a:
         50:63:70:7c:a7:24:a3:3c:a2:20:3b:05:06:6f:4b:ae:b8:47:
         62:4e:1d:45:5b:4c:35:fc:67:d8:16:89:d8:1c:4e:00:1c:73:
         dd:f4:1c:cf:9d:9b:f9:59:ac:0c:73:7c:5f:58:0c:45:fb:9c:
         bd:18:55:a7:9f:ca:2f:3a:93:46:06:f9:0e:18:14:81:4e:72:
         dc:6f:2a:13:b4:9f:de:91:be:82:35:92:df:ba:5f:0e:6e:d7:
         d1:20:5c:06:a3:43:f7:f2:af:16:8c:08:e7:5c:24:7c:9d:fe:
         49:a1:3b:cd:16:22:fd:c0:22:a0:6a:11:ab:83:11:82:64:44:
         e2:c1:af:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbGunSfxFbAt+FfAEfuTbZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi
MjJjMjQwHhcNMjUwNTEyMjMwMDMwWhcNMjUwNTEzMjMwMDMwWjAzMTEwLwYDVQQD
EyhlMjUzYThhOGUwY2M1N2NiZjIzMmJjZWJhMmE2NjE5NGU1MmUwYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6w/mSj5dk4JQ0tfU6kUwyziZbXkY
e7MzIdq71c1z2WBvfHwUEwBpF5C5aL9yoaGJab6KoHtj2Md5koHDPJmaOEPJ33m7
726/5h0yRoUosEfn/2/cVoLg797+a8TIvOwr2RcQL+z8Fgd6ISl9Y+PUMD/TIOmP
7EEGJ0XPG82SrJLG7AujGcZ+5080Ko+ucucwFtEhQXaSueVUPHMCtNmlKIO3miRu
rvI+aupPukruhN6+VVhZcrHJOXsIVrOFOfMhjl2hIL4s9KK9nUD8NMhI2qYOy08o
Balrnt5nDL/GZxYwdaJrpyz9Sx9E8Tcd/szogajwszkZitFYqmSTHpHBCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJTqKjgzFfL8jK866KmYZTlLgwkMB8GA1UdIwQY
MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt
MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw
LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAItPM3/7Z
UklfAzne8oIUbFIzMwnic7tdV+ojrtlaRYxOIQ7VJMVleZf2QJLR3XJ6/Qvsi4kh
DxzMmmyUCkLX+QO/pH+ebPsou69MAXAT9kMK1oAAKPgFNN3csFG396wx1WDvwdHN
OAiCLmHIqQrEFhqdDalFubID/CY2E2GKUGNwfKckozyiIDsFBm9LrrhHYk4dRVtM
Nfxn2BaJ2BxOABxz3fQcz52b+VmsDHN8X1gMRfucvRhVp5/KLzqTRgb5DhgUgU5y
3G8qE7Sf3pG+gjWS37pfDm7X0SBcBqND9/KvFowI51wkfJ3+SaE7zRYi/cAioGoR
q4MRgmRE4sGvVw==
-----END CERTIFICATE-----