Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File:                     Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier:          bKYXBEgbRBTDBbbrUhunemW3UXtKX1CSTuc9D9RWs/o=
Subject key identifier:   C0:B0:DE:5F:A2:6C:88:4F:11:2E:B8:41:EC:17:90:47:7C:B6:A8:6A
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer:       /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial:       0197B70EB46393CF7F03D70B1D7994FCFBDF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number:          1461
Signing time:             Sat 28 Jun 2025 15:01:23 +0000
Manifest this update:     Sat 28 Jun 2025 15:01:23 +0000
Manifest next update:     Sun 29 Jun 2025 15:01:23 +0000
Files and hashes:         1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: NP4u+61vbEvnqFVM2fwTrklpTdGlhBynN57wjENfAiY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 15:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:0e:b4:63:93:cf:7f:03:d7:0b:1d:79:94:fc:fb:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
        Validity
            Not Before: Jun 28 15:01:23 2025 GMT
            Not After : Jun 29 15:01:23 2025 GMT
        Subject: CN=c0b0de5fa26c884f112eb841ec1790477cb6a86a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:bc:29:8e:a2:99:0b:89:52:ab:20:c5:57:f8:
                    c9:7b:2c:65:6a:31:27:b6:c1:77:f9:b5:30:ac:11:
                    27:f4:99:ee:9d:af:f5:09:0c:d5:a6:e2:34:54:ca:
                    fc:f0:61:65:07:c1:e5:b2:b3:c1:c2:81:d6:4f:06:
                    d1:02:06:d6:a3:49:a0:72:42:5e:56:f0:ea:30:db:
                    ae:be:70:3a:aa:b2:79:db:cd:9d:ca:10:e8:7b:df:
                    5d:9c:4a:85:6f:22:a2:8f:ee:59:b2:36:55:1d:df:
                    c7:96:92:a1:68:d1:e3:df:fc:0c:23:dc:f9:0b:e4:
                    a8:62:15:2a:8a:2f:67:bc:63:41:0e:4f:c0:a9:21:
                    49:43:04:4b:ee:9b:e5:a8:06:ad:a0:ce:51:26:18:
                    f8:70:7f:aa:3c:ff:4c:b0:3a:4b:89:ce:0a:d1:60:
                    91:2c:6d:8f:92:f7:2e:57:b5:44:bd:39:1e:b6:96:
                    20:9c:56:23:31:cc:ec:48:4b:75:44:df:a1:b7:7c:
                    8e:54:00:c3:89:e2:d2:86:1a:2d:b1:de:bf:5f:80:
                    76:d2:ad:bd:4f:cf:83:9a:3b:34:1c:5a:1c:52:34:
                    a5:24:db:84:05:a1:a5:68:58:21:f0:8e:14:91:63:
                    94:d4:59:ee:6c:67:35:a0:4a:2a:7f:6a:d0:63:25:
                    cb:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:B0:DE:5F:A2:6C:88:4F:11:2E:B8:41:EC:17:90:47:7C:B6:A8:6A
            X509v3 Authority Key Identifier:
                keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:9b:6c:f9:c8:a5:6c:77:b5:35:a0:86:4d:07:fc:b9:11:12:
         60:a0:72:28:9c:5d:8c:e9:05:d5:d0:20:49:26:6e:46:25:54:
         00:5e:19:66:9d:ac:4d:78:54:45:67:60:4b:dd:d5:f8:83:1d:
         79:52:4e:58:46:4f:2b:c8:1c:35:e4:8c:17:86:14:83:2f:ab:
         12:a4:d9:80:c2:2e:9e:ff:54:25:92:5a:61:dc:e1:4d:30:6a:
         22:6b:47:25:70:6e:7a:3d:6f:f6:98:79:48:d0:0d:c7:6c:51:
         6d:ab:67:d5:d2:d0:6e:b0:d6:7d:d2:1c:ad:74:fb:2d:0b:59:
         67:8f:65:f2:74:bb:57:c2:ef:ab:94:53:c2:ce:db:b2:b4:bc:
         98:21:07:69:9c:e9:39:62:95:b1:f9:a5:c4:f0:03:63:b4:29:
         d4:9a:5d:91:25:5b:c5:45:b4:84:51:b1:1a:5d:3a:f9:a5:af:
         f0:41:9b:f8:0f:92:57:f7:b4:91:ad:5d:e0:7e:e5:ba:23:8b:
         e1:88:c8:b6:90:cf:15:69:05:db:25:3a:35:42:f7:ae:c8:9c:
         41:f6:53:b6:48:32:db:92:b9:b3:e3:8d:c2:44:6c:22:f5:92:
         5b:a4:eb:4c:e7:72:4b:d8:79:ab:d4:ce:72:8a:f4:e3:04:20:
         2e:81:b5:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3DrRjk89/A9cLHXmU/PvfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjUwNjI4MTUwMTIzWhcNMjUwNjI5MTUwMTIzWjAzMTEwLwYDVQQD
EyhjMGIwZGU1ZmEyNmM4ODRmMTEyZWI4NDFlYzE3OTA0NzdjYjZhODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rwpjqKZC4lSqyDFV/jJeyxlajEn
tsF3+bUwrBEn9Jnuna/1CQzVpuI0VMr88GFlB8HlsrPBwoHWTwbRAgbWo0mgckJe
VvDqMNuuvnA6qrJ5282dyhDoe99dnEqFbyKij+5ZsjZVHd/HlpKhaNHj3/wMI9z5
C+SoYhUqii9nvGNBDk/AqSFJQwRL7pvlqAatoM5RJhj4cH+qPP9MsDpLic4K0WCR
LG2PkvcuV7VEvTketpYgnFYjMczsSEt1RN+ht3yOVADDieLShhotsd6/X4B20q29
T8+Dmjs0HFocUjSlJNuEBaGlaFgh8I4UkWOU1FnubGc1oEoqf2rQYyXLAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCw3l+ibIhPES64QewXkEd8tqhqMB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfJts+cil
bHe1NaCGTQf8uRESYKByKJxdjOkF1dAgSSZuRiVUAF4ZZp2sTXhURWdgS93V+IMd
eVJOWEZPK8gcNeSMF4YUgy+rEqTZgMIunv9UJZJaYdzhTTBqImtHJXBuej1v9ph5
SNANx2xRbatn1dLQbrDWfdIcrXT7LQtZZ49l8nS7V8Lvq5RTws7bsrS8mCEHaZzp
OWKVsfmlxPADY7Qp1JpdkSVbxUW0hFGxGl06+aWv8EGb+A+SV/e0ka1d4H7luiOL
4YjItpDPFWkF2yU6NUL3rsicQfZTtkgy25K5s+ONwkRsIvWSW6TrTOdyS9h5q9TO
cor04wQgLoG19Q==
-----END CERTIFICATE-----