Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
File:                     Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft (raw, json)
Hash identifier:          d4cb/UCzdkxTf2V0dkENynEjtB1DH20TRkEB3DqQYYA=
Subject key identifier:   96:D7:20:D7:02:08:1E:AD:F5:21:4A:6A:C4:6D:C1:91:0E:28:3E:90
Authority key identifier: 36:FD:F6:8C:EC:A3:76:9E:91:B0:E7:64:8D:1F:95:58:ED:4C:7C:29
Certificate issuer:       /CN=36fdf68ceca3769e91b0e7648d1f9558ed4c7c29
Certificate serial:       0197B8901B8EB3D914F973522C8CBF176D62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
Manifest number:          0C49
Signing time:             Sat 28 Jun 2025 22:02:21 +0000
Manifest this update:     Sat 28 Jun 2025 22:02:21 +0000
Manifest next update:     Sun 29 Jun 2025 22:02:21 +0000
Files and hashes:         1: Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl (hash: MlDl5D+Gw2jSjQXVY5oAWJzpQ4pjHYTQwmEQ6t79jeY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 22:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b8:90:1b:8e:b3:d9:14:f9:73:52:2c:8c:bf:17:6d:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36fdf68ceca3769e91b0e7648d1f9558ed4c7c29
        Validity
            Not Before: Jun 28 22:02:21 2025 GMT
            Not After : Jun 29 22:02:21 2025 GMT
        Subject: CN=96d720d702081eadf5214a6ac46dc1910e283e90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:40:e7:9f:3a:cd:4b:37:b9:3c:30:33:ef:2c:
                    8b:52:7a:50:7d:e2:f3:c7:52:86:78:28:8d:7d:7e:
                    1c:22:c5:d9:65:18:ec:bd:da:83:46:40:00:50:44:
                    68:50:9d:25:f4:d9:37:81:c8:84:1c:ac:de:77:0e:
                    19:07:b9:ff:82:0d:fc:d2:51:d1:74:1f:6c:27:d4:
                    49:de:d1:24:7f:ae:29:22:75:97:99:69:44:cb:5d:
                    0e:97:52:4c:42:04:58:d7:7d:5b:e4:dc:c2:ac:a3:
                    0e:9a:50:d7:23:7e:ee:de:a3:6d:54:c0:85:e6:44:
                    10:ec:98:fd:2e:37:01:1c:43:c5:d8:f8:80:52:67:
                    1e:e2:3e:bd:65:b0:39:7a:65:22:b6:ad:d8:d7:a7:
                    07:ec:03:07:b4:c1:69:59:a0:47:84:91:51:a0:b0:
                    7b:a3:0e:0b:a7:7b:b7:ae:16:11:f3:a5:0b:ee:6d:
                    cb:2b:01:ad:5b:0b:e7:b1:78:8c:f2:0e:91:2a:9a:
                    19:1f:f9:11:93:a0:f6:b1:fe:af:d2:76:7b:62:79:
                    06:05:44:5b:37:81:5d:f7:ea:fc:53:00:eb:64:bf:
                    76:58:06:71:ae:a8:e6:8a:92:69:35:d7:8a:2b:88:
                    07:7c:b9:ac:8b:0b:d1:58:44:09:8b:51:ce:51:62:
                    be:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:D7:20:D7:02:08:1E:AD:F5:21:4A:6A:C4:6D:C1:91:0E:28:3E:90
            X509v3 Authority Key Identifier:
                keyid:36:FD:F6:8C:EC:A3:76:9E:91:B0:E7:64:8D:1F:95:58:ED:4C:7C:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nv32jOyjdp6RsOdkjR-VWO1MfCk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/0109db-0333-498a-b6b6-35238040e8f9/1/Nv32jOyjdp6RsOdkjR-VWO1MfCk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:17:99:6a:ff:c5:63:cb:4c:8f:98:6d:f7:19:f1:bb:86:3f:
         09:d9:b4:a5:63:c0:dd:79:14:40:ab:c6:3c:a5:ea:c0:9c:53:
         36:17:bd:a0:97:b3:82:d8:ea:cf:6d:7c:35:3d:50:9c:0d:c1:
         ba:e5:84:9d:be:e9:26:ad:e7:5d:37:79:ca:5d:52:84:b8:61:
         23:47:d5:ee:ad:57:88:4c:69:12:9f:85:e5:00:5f:8e:06:de:
         1b:99:bf:77:01:d3:ba:9a:23:ca:bb:ee:d4:61:b5:1b:37:47:
         8a:94:a0:28:46:e6:a7:00:11:cf:78:56:af:ac:a0:2d:47:62:
         2e:c7:f3:a1:15:eb:89:59:aa:52:be:1c:b6:45:b1:48:3d:b0:
         01:64:97:79:fb:ec:ae:4f:42:f5:40:d7:04:57:cf:6a:fa:ad:
         0f:c0:3d:63:45:2a:3e:d0:d0:ab:d7:aa:65:cb:34:82:de:52:
         4d:d8:21:b0:01:1b:d8:46:84:f7:47:8f:0f:c5:2b:1c:4c:03:
         9b:e7:e0:66:ff:fa:e6:28:b6:54:05:df:ad:5f:59:9e:2c:7c:
         b6:c6:b6:9e:41:0c:42:28:d4:0a:19:5b:9d:53:88:76:5b:8d:
         d5:e4:9e:0f:42:fd:35:79:fe:89:aa:f6:15:18:2f:a9:76:f6:
         b4:8f:95:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kBuOs9kU+XNSLIy/F21iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZmRmNjhjZWNhMzc2OWU5MWIwZTc2NDhkMWY5NTU4ZWQ0
YzdjMjkwHhcNMjUwNjI4MjIwMjIxWhcNMjUwNjI5MjIwMjIxWjAzMTEwLwYDVQQD
Eyg5NmQ3MjBkNzAyMDgxZWFkZjUyMTRhNmFjNDZkYzE5MTBlMjgzZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUDnnzrNSze5PDAz7yyLUnpQfeLz
x1KGeCiNfX4cIsXZZRjsvdqDRkAAUERoUJ0l9Nk3gciEHKzedw4ZB7n/gg380lHR
dB9sJ9RJ3tEkf64pInWXmWlEy10Ol1JMQgRY131b5NzCrKMOmlDXI37u3qNtVMCF
5kQQ7Jj9LjcBHEPF2PiAUmce4j69ZbA5emUitq3Y16cH7AMHtMFpWaBHhJFRoLB7
ow4Lp3u3rhYR86UL7m3LKwGtWwvnsXiM8g6RKpoZH/kRk6D2sf6v0nZ7YnkGBURb
N4Fd9+r8UwDrZL92WAZxrqjmipJpNdeKK4gHfLmsiwvRWEQJi1HOUWK+xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJbXINcCCB6t9SFKasRtwZEOKD6QMB8GA1UdIwQY
MBaAFDb99ozso3aekbDnZI0flVjtTHwpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMTA5ZGItMDMzMy00OThhLWI2YjYt
MzUyMzgwNDBlOGY5LzEvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMTA5ZGItMDMzMy00OThhLWI2YjYtMzUyMzgwNDBlOGY5
LzEvTnYzMmpPeWpkcDZSc09ka2pSLVZXTzFNZkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACBeZav/F
Y8tMj5ht9xnxu4Y/Cdm0pWPA3XkUQKvGPKXqwJxTNhe9oJezgtjqz218NT1QnA3B
uuWEnb7pJq3nXTd5yl1ShLhhI0fV7q1XiExpEp+F5QBfjgbeG5m/dwHTupojyrvu
1GG1GzdHipSgKEbmpwARz3hWr6ygLUdiLsfzoRXriVmqUr4ctkWxSD2wAWSXefvs
rk9C9UDXBFfPavqtD8A9Y0UqPtDQq9eqZcs0gt5STdghsAEb2EaE90ePD8UrHEwD
m+fgZv/65ii2VAXfrV9Znix8tsa2nkEMQijUChlbnVOIdluN1eSeD0L9NXn+iar2
FRgvqXb2tI+Vcw==
-----END CERTIFICATE-----