Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File:                     Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier:          hXURu8d5GHP3atNX9tVeQauoQgDugcChXjyYJh/O/DM=
Subject key identifier:   44:B8:D4:2B:FC:A8:3C:2F:C2:FD:ED:54:45:47:4D:F3:77:47:62:59
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer:       /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial:       0196C3B9E492F96C05C94886CA0C471E12E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number:          13E3
Signing time:             Mon 12 May 2025 09:01:01 +0000
Manifest this update:     Mon 12 May 2025 09:01:01 +0000
Manifest next update:     Tue 13 May 2025 09:01:01 +0000
Files and hashes:         1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: gIyRwyA3nQP0IU0ak1rfX6ncd5Xg6Lg8JlNLiqRXuz8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 13 May 2025 09:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:c3:b9:e4:92:f9:6c:05:c9:48:86:ca:0c:47:1e:12:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
        Validity
            Not Before: May 12 09:01:01 2025 GMT
            Not After : May 13 09:01:01 2025 GMT
        Subject: CN=44b8d42bfca83c2fc2fded5445474df377476259
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:d3:98:41:79:73:17:54:05:fe:0b:cd:24:2b:
                    d3:87:98:a7:68:34:a5:fe:93:75:c2:68:ed:17:f9:
                    70:4b:6c:2c:dc:9f:1f:be:94:d8:5d:03:57:a4:7e:
                    d4:3d:f5:42:f8:b5:08:43:f9:11:f5:6e:dc:23:85:
                    60:ef:30:80:b3:4b:03:03:db:6c:6d:7d:93:0e:8c:
                    03:01:78:1d:03:fe:98:39:69:f2:c5:99:e7:51:4b:
                    a7:be:1e:1b:81:77:87:6e:fc:b2:90:a8:c9:6f:f7:
                    d1:89:ac:bc:0f:b6:9f:2e:98:67:c8:89:86:b4:1a:
                    14:31:97:71:27:d6:ab:90:c6:5e:9a:bc:43:8d:bb:
                    f5:1d:88:9c:f4:4c:27:1d:24:ed:ac:af:89:c3:5a:
                    5e:9d:91:57:dd:18:3f:08:75:52:de:cb:96:ff:c5:
                    3b:a0:cd:c0:67:13:9a:c8:f9:0f:65:35:95:95:51:
                    d4:80:b1:6b:5b:e2:7c:d6:3c:e5:06:7c:6c:39:e3:
                    b3:a7:24:47:f5:4a:c7:1f:53:16:be:d0:f5:3b:e2:
                    50:c3:c0:10:cc:5d:fb:c1:50:df:f2:3d:55:42:fa:
                    ac:2c:e2:7f:d2:6e:d8:82:c8:22:56:8d:00:e2:d1:
                    db:a6:91:f6:11:11:35:07:e6:06:1e:67:35:6f:36:
                    16:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:B8:D4:2B:FC:A8:3C:2F:C2:FD:ED:54:45:47:4D:F3:77:47:62:59
            X509v3 Authority Key Identifier:
                keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:06:37:b0:70:94:a6:1e:1a:eb:97:31:d9:b6:d0:1b:c2:c5:
         3c:67:fa:3c:ef:50:58:ad:47:ba:90:24:cc:e2:d5:f4:62:6f:
         73:2e:ba:73:ab:f1:58:30:33:bd:a6:5b:25:bd:83:c8:07:2c:
         85:c7:87:86:a8:b0:37:7f:c8:01:5a:b5:62:10:e6:c4:51:3c:
         11:b8:9c:88:1b:7c:2a:68:34:88:b6:bd:00:58:c9:58:c3:5e:
         e2:b5:9f:f6:5a:b0:da:83:50:6e:66:93:43:0b:a5:84:fa:98:
         25:e8:ca:b5:f0:d7:82:08:22:ad:29:6d:1e:d2:c9:74:9a:44:
         72:30:68:09:db:a9:8b:54:46:fe:db:44:cc:fc:1d:4c:11:8b:
         b2:0d:01:d1:c4:71:ec:48:d5:cf:03:a3:fc:de:ff:11:6d:aa:
         b9:94:a6:91:fe:11:74:04:56:7c:19:0a:d8:68:5e:04:ba:d9:
         51:9a:ea:94:19:dd:e6:e1:cc:b2:e6:f5:47:df:01:00:c9:6c:
         3f:07:b9:9a:79:ec:9f:d8:d4:94:4e:91:6e:bb:20:98:06:ed:
         de:4b:67:ca:10:89:3f:e4:24:6f:2b:5f:79:4f:46:5a:38:3d:
         35:48:9d:75:d2:ed:b9:2e:03:7a:a5:c0:f3:86:6a:c7:02:2f:
         bc:36:30:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZbDueSS+WwFyUiGygxHHhLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjUwNTEyMDkwMTAxWhcNMjUwNTEzMDkwMTAxWjAzMTEwLwYDVQQD
Eyg0NGI4ZDQyYmZjYTgzYzJmYzJmZGVkNTQ0NTQ3NGRmMzc3NDc2MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtOYQXlzF1QF/gvNJCvTh5inaDSl
/pN1wmjtF/lwS2ws3J8fvpTYXQNXpH7UPfVC+LUIQ/kR9W7cI4Vg7zCAs0sDA9ts
bX2TDowDAXgdA/6YOWnyxZnnUUunvh4bgXeHbvyykKjJb/fRiay8D7afLphnyImG
tBoUMZdxJ9arkMZemrxDjbv1HYic9EwnHSTtrK+Jw1penZFX3Rg/CHVS3suW/8U7
oM3AZxOayPkPZTWVlVHUgLFrW+J81jzlBnxsOeOzpyRH9UrHH1MWvtD1O+JQw8AQ
zF37wVDf8j1VQvqsLOJ/0m7YgsgiVo0A4tHbppH2ERE1B+YGHmc1bzYWkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFES41Cv8qDwvwv3tVEVHTfN3R2JZMB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGgY3sHCU
ph4a65cx2bbQG8LFPGf6PO9QWK1HupAkzOLV9GJvcy66c6vxWDAzvaZbJb2DyAcs
hceHhqiwN3/IAVq1YhDmxFE8EbiciBt8Kmg0iLa9AFjJWMNe4rWf9lqw2oNQbmaT
QwulhPqYJejKtfDXgggirSltHtLJdJpEcjBoCdupi1RG/ttEzPwdTBGLsg0B0cRx
7EjVzwOj/N7/EW2quZSmkf4RdARWfBkK2GheBLrZUZrqlBnd5uHMsub1R98BAMls
Pwe5mnnsn9jUlE6RbrsgmAbt3ktnyhCJP+QkbytfeU9GWjg9NUidddLtuS4DeqXA
84ZqxwIvvDYwqw==
-----END CERTIFICATE-----