Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File:                     NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier:          iCgIG+S52UpnIqVSSYGcWwUEtoI8vEtFkgcsVAPD1xQ=
Subject key identifier:   C1:BD:B6:29:80:8F:87:9A:83:74:B1:59:4A:1A:F7:4C:CB:72:5A:B0
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer:       /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial:       0196C91793DB8246FD708526AD19608144F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number:          0D48
Signing time:             Tue 13 May 2025 10:01:27 +0000
Manifest this update:     Tue 13 May 2025 10:01:27 +0000
Manifest next update:     Wed 14 May 2025 10:01:27 +0000
Files and hashes:         1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: BnUgKcE9GKqqOuT2dJC6wn7PxohBzrZg8Fdhv8ks9Pw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 14 May 2025 10:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c9:17:93:db:82:46:fd:70:85:26:ad:19:60:81:44:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
        Validity
            Not Before: May 13 10:01:27 2025 GMT
            Not After : May 14 10:01:27 2025 GMT
        Subject: CN=c1bdb629808f879a8374b1594a1af74ccb725ab0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:9a:e5:87:d3:37:6d:7c:8f:50:02:8d:2f:f5:
                    01:a4:83:8f:48:d7:23:f9:ff:e5:05:b2:84:c6:5f:
                    74:8f:75:b0:cf:7c:2c:75:b7:6c:99:c3:45:9b:1c:
                    b2:6e:18:2f:1a:74:76:a2:47:34:0f:df:47:2e:fd:
                    42:57:b3:4f:94:3e:f7:1d:24:bc:a6:cb:65:18:ec:
                    1d:48:61:76:7c:00:77:0b:1a:26:8d:8b:e5:5a:82:
                    c5:ca:e8:95:28:82:b5:2c:66:45:3b:6b:fd:72:27:
                    4a:c9:d0:c7:08:d9:d7:57:b5:cf:eb:10:61:21:23:
                    d9:b1:b6:89:38:d8:e4:a8:7f:c8:ab:44:48:16:31:
                    52:9c:9b:b1:84:cf:71:a8:a3:df:31:84:97:63:1e:
                    00:15:42:d4:e5:ef:a6:70:97:b2:6d:da:c6:93:68:
                    63:2f:2e:e4:5a:13:80:6a:eb:bf:85:86:18:76:8a:
                    8c:b9:f5:f7:5f:bb:9f:c2:44:8f:02:22:3f:91:03:
                    db:17:45:52:14:b8:29:70:9f:b1:60:92:5d:c0:20:
                    e7:9c:02:33:de:44:d2:d7:78:0d:5a:68:11:d5:7c:
                    5a:ea:71:f0:3f:a8:05:1e:66:9e:63:8f:72:1c:85:
                    cc:87:9f:92:f9:7d:10:6e:f8:93:ad:b4:d5:e7:b9:
                    b8:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:BD:B6:29:80:8F:87:9A:83:74:B1:59:4A:1A:F7:4C:CB:72:5A:B0
            X509v3 Authority Key Identifier:
                keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:8f:e7:76:25:61:c8:43:9c:bd:74:7e:e2:1d:66:8f:6b:8e:
         f3:74:6e:9a:87:ec:69:68:42:fb:5e:a1:9b:9a:4a:5f:44:ec:
         ff:a8:60:28:6e:70:f2:bc:dd:8c:2d:79:30:e5:e9:65:90:51:
         b7:32:b7:53:e3:c0:66:f1:98:71:10:b0:38:9b:e2:4f:f0:a1:
         0e:52:ac:99:fb:79:b1:29:e8:b0:28:07:e1:e5:87:84:d6:93:
         e9:1f:98:60:e1:dc:b5:75:c5:20:bc:db:42:01:5f:ca:7f:8b:
         54:df:ae:08:e0:eb:6c:09:65:8a:47:f1:6c:4f:5d:19:33:df:
         94:4f:1c:9f:fa:7d:95:e8:93:62:d2:83:8f:98:cb:d6:ea:91:
         22:44:e7:0d:57:8b:6b:e3:86:36:cf:1d:fc:c5:61:88:0b:07:
         d8:82:ff:e3:76:a2:0e:80:35:62:8d:2d:f7:e0:9d:f1:28:70:
         ef:01:47:a0:7e:09:35:cf:df:b8:1f:c6:78:32:dc:60:a7:97:
         69:41:d7:37:8d:af:88:66:db:92:88:a9:27:0b:44:f8:b4:7c:
         a1:a8:8f:02:87:d2:1c:ea:94:2a:c1:75:48:ab:86:02:f8:da:
         8e:a0:0a:8d:b9:d8:71:1d:25:29:b3:23:f1:84:f3:ea:99:45:
         15:b6:33:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbJF5Pbgkb9cIUmrRlggUT3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjUwNTEzMTAwMTI3WhcNMjUwNTE0MTAwMTI3WjAzMTEwLwYDVQQD
EyhjMWJkYjYyOTgwOGY4NzlhODM3NGIxNTk0YTFhZjc0Y2NiNzI1YWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Jrlh9M3bXyPUAKNL/UBpIOPSNcj
+f/lBbKExl90j3Wwz3wsdbdsmcNFmxyybhgvGnR2okc0D99HLv1CV7NPlD73HSS8
pstlGOwdSGF2fAB3CxomjYvlWoLFyuiVKIK1LGZFO2v9cidKydDHCNnXV7XP6xBh
ISPZsbaJONjkqH/Iq0RIFjFSnJuxhM9xqKPfMYSXYx4AFULU5e+mcJeybdrGk2hj
Ly7kWhOAauu/hYYYdoqMufX3X7ufwkSPAiI/kQPbF0VSFLgpcJ+xYJJdwCDnnAIz
3kTS13gNWmgR1Xxa6nHwP6gFHmaeY49yHIXMh5+S+X0QbviTrbTV57m4WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMG9timAj4eag3SxWUoa90zLclqwMB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALY/ndiVh
yEOcvXR+4h1mj2uO83RumofsaWhC+16hm5pKX0Ts/6hgKG5w8rzdjC15MOXpZZBR
tzK3U+PAZvGYcRCwOJviT/ChDlKsmft5sSnosCgH4eWHhNaT6R+YYOHctXXFILzb
QgFfyn+LVN+uCODrbAllikfxbE9dGTPflE8cn/p9leiTYtKDj5jL1uqRIkTnDVeL
a+OGNs8d/MVhiAsH2IL/43aiDoA1Yo0t9+Cd8Shw7wFHoH4JNc/fuB/GeDLcYKeX
aUHXN42viGbbkoipJwtE+LR8oaiPAofSHOqUKsF1SKuGAvjajqAKjbnYcR0lKbMj
8YTz6plFFbYzsA==
-----END CERTIFICATE-----