Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
File:                     ndVRnFTz4jtOEhKogIM58pXaSzQ.mft (raw, json)
Hash identifier:          YFbp2qYBrFBn+dw1NDPpcNPjR9RyTmFcd7IwCFnj4yg=
Subject key identifier:   25:B6:22:D6:16:F9:87:EE:F8:88:AA:1A:4B:01:B7:15:AC:7F:A3:1B
Authority key identifier: 9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34
Certificate issuer:       /CN=9dd5519c54f3e23b4e1212a8808339f295da4b34
Certificate serial:       0196C013B39AC7DE6B5DF3582E6521920B22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
Manifest number:          1532
Signing time:             Sun 11 May 2025 16:00:38 +0000
Manifest this update:     Sun 11 May 2025 16:00:38 +0000
Manifest next update:     Mon 12 May 2025 16:00:38 +0000
Files and hashes:         1: ndVRnFTz4jtOEhKogIM58pXaSzQ.crl (hash: ujr5pQz7R4dq6sjrm+0PLaHUH7hrsmtwsF0WWF81WZU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 12 May 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c0:13:b3:9a:c7:de:6b:5d:f3:58:2e:65:21:92:0b:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dd5519c54f3e23b4e1212a8808339f295da4b34
        Validity
            Not Before: May 11 16:00:38 2025 GMT
            Not After : May 12 16:00:38 2025 GMT
        Subject: CN=25b622d616f987eef888aa1a4b01b715ac7fa31b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:5c:43:f6:f1:6f:e7:34:d1:d6:d5:cb:4f:19:
                    08:e5:af:ba:c9:17:54:82:42:ed:56:bb:41:94:47:
                    3f:d6:1e:a5:8d:a0:53:dd:3e:91:ca:10:f3:d4:5e:
                    6a:2e:2f:d3:44:21:b4:67:75:d3:50:25:4a:c0:09:
                    66:02:de:2e:a3:e3:db:63:1a:28:3c:05:6b:24:d5:
                    02:6a:e5:a2:de:8a:a3:76:2a:8e:78:a0:22:67:6f:
                    f3:66:95:84:b0:5b:48:82:3b:22:f4:c1:2a:75:34:
                    cf:96:25:b4:4f:f4:06:d0:09:c8:1c:31:ef:75:5b:
                    39:ce:09:6e:a6:e4:fb:91:0d:81:e3:b4:58:c3:15:
                    a1:65:2c:01:61:ea:10:26:68:ec:d6:d1:d6:6c:cd:
                    a8:82:1d:36:c4:0a:cf:37:f9:5f:7b:6f:b8:61:bc:
                    e8:60:c6:4e:cf:9e:b5:20:51:8e:9f:44:89:84:59:
                    c7:64:1f:87:90:08:97:c9:18:69:11:e2:c4:c3:3e:
                    6a:ad:4b:cf:97:f1:35:e9:cb:cf:a4:40:3f:af:49:
                    b8:ff:ba:bd:e2:74:b2:cc:aa:45:7e:e1:15:55:8d:
                    4c:13:70:17:43:35:46:4b:2e:61:2b:b3:43:73:65:
                    a4:1a:05:af:9b:9d:c1:46:f3:7a:2c:cb:2e:63:8f:
                    e2:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:B6:22:D6:16:F9:87:EE:F8:88:AA:1A:4B:01:B7:15:AC:7F:A3:1B
            X509v3 Authority Key Identifier:
                keyid:9D:D5:51:9C:54:F3:E2:3B:4E:12:12:A8:80:83:39:F2:95:DA:4B:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndVRnFTz4jtOEhKogIM58pXaSzQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1509a1-944f-488d-914f-8f8a7711717f/1/ndVRnFTz4jtOEhKogIM58pXaSzQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:29:2d:9a:b5:d9:51:de:f2:5e:47:17:cc:73:19:b4:53:7a:
         ee:09:4a:24:2c:d6:42:a4:8a:47:cc:b2:dc:5c:ce:f9:ea:dc:
         3a:cb:6a:a2:f1:1e:b3:2f:fa:69:b7:af:12:c8:47:47:54:40:
         4b:e5:02:b4:bf:90:74:79:ff:73:a1:31:8f:a6:e9:ff:5d:0c:
         7f:1a:4c:38:72:77:f5:88:aa:ab:1b:3e:53:29:5b:ff:bd:19:
         84:3f:a1:38:eb:1f:df:46:17:24:df:03:83:ac:ed:96:c1:80:
         99:21:3a:50:ac:30:d5:34:72:5a:57:b5:6d:c9:51:3a:7a:2f:
         d6:47:39:06:67:63:78:77:d2:af:79:dd:bf:d5:ef:ce:25:05:
         ff:9d:52:41:6e:74:12:c9:b5:06:4c:ee:b0:28:af:57:31:b0:
         bf:dd:1a:67:1e:41:b6:33:d7:e5:a2:a0:60:47:43:5f:8e:b9:
         3b:d6:fb:1c:7b:71:ff:c1:86:08:00:49:56:1e:49:52:da:51:
         9e:37:56:4a:d9:34:1e:12:af:9a:1a:ed:f7:af:61:6a:56:d3:
         4e:df:d7:bb:32:89:44:e0:54:11:0f:36:c0:1f:90:8b:b4:c2:
         37:17:c0:c9:c4:e8:b1:5a:86:49:7e:21:a7:da:e2:94:0f:4e:
         cd:96:a1:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbAE7Oax95rXfNYLmUhkgsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZDU1MTljNTRmM2UyM2I0ZTEyMTJhODgwODMzOWYyOTVk
YTRiMzQwHhcNMjUwNTExMTYwMDM4WhcNMjUwNTEyMTYwMDM4WjAzMTEwLwYDVQQD
EygyNWI2MjJkNjE2Zjk4N2VlZjg4OGFhMWE0YjAxYjcxNWFjN2ZhMzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVxD9vFv5zTR1tXLTxkI5a+6yRdU
gkLtVrtBlEc/1h6ljaBT3T6RyhDz1F5qLi/TRCG0Z3XTUCVKwAlmAt4uo+PbYxoo
PAVrJNUCauWi3oqjdiqOeKAiZ2/zZpWEsFtIgjsi9MEqdTTPliW0T/QG0AnIHDHv
dVs5zglupuT7kQ2B47RYwxWhZSwBYeoQJmjs1tHWbM2ogh02xArPN/lfe2+4Ybzo
YMZOz561IFGOn0SJhFnHZB+HkAiXyRhpEeLEwz5qrUvPl/E16cvPpEA/r0m4/7q9
4nSyzKpFfuEVVY1ME3AXQzVGSy5hK7NDc2WkGgWvm53BRvN6LMsuY4/iowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCW2ItYW+Yfu+IiqGksBtxWsf6MbMB8GA1UdIwQY
MBaAFJ3VUZxU8+I7ThISqICDOfKV2ks0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xNTA5YTEtOTQ0Zi00ODhkLTkxNGYt
OGY4YTc3MTE3MTdmLzEvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xNTA5YTEtOTQ0Zi00ODhkLTkxNGYtOGY4YTc3MTE3MTdm
LzEvbmRWUm5GVHo0anRPRWhLb2dJTTU4cFhhU3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgCktmrXZ
Ud7yXkcXzHMZtFN67glKJCzWQqSKR8yy3FzO+ercOstqovEesy/6abevEshHR1RA
S+UCtL+QdHn/c6Exj6bp/10MfxpMOHJ39Yiqqxs+Uylb/70ZhD+hOOsf30YXJN8D
g6ztlsGAmSE6UKww1TRyWle1bclROnov1kc5BmdjeHfSr3ndv9XvziUF/51SQW50
Esm1BkzusCivVzGwv90aZx5BtjPX5aKgYEdDX465O9b7HHtx/8GGCABJVh5JUtpR
njdWStk0HhKvmhrt969halbTTt/XuzKJROBUEQ82wB+Qi7TCNxfAycTosVqGSX4h
p9rilA9OzZahtw==
-----END CERTIFICATE-----