Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft
File:                     nxFouFcXoUZmABtbL2yQgBmX3gY.mft (raw, json)
Hash identifier:          dKOlq+/fTWKHjGMiIU7M6t7ypeN9zHzsg+F9T2a3xWU=
Subject key identifier:   46:BB:7C:4F:F2:E3:89:6A:0F:F2:9D:5A:1E:B2:29:B5:10:B1:19:B0
Authority key identifier: 9F:11:68:B8:57:17:A1:46:66:00:1B:5B:2F:6C:90:80:19:97:DE:06
Certificate issuer:       /CN=9f1168b85717a14666001b5b2f6c90801997de06
Certificate serial:       0196A1D26681F00AF86406380962D4FBE1B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft
Manifest number:          02D7
Signing time:             Mon 05 May 2025 19:00:42 +0000
Manifest this update:     Mon 05 May 2025 19:00:42 +0000
Manifest next update:     Tue 06 May 2025 19:00:42 +0000
Files and hashes:         1: nxFouFcXoUZmABtbL2yQgBmX3gY.crl (hash: acBKT9HfF6nLepHVqNucTriatQofpebUMSIh9NVYLT8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 06 May 2025 18:19:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:a1:d2:66:81:f0:0a:f8:64:06:38:09:62:d4:fb:e1:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f1168b85717a14666001b5b2f6c90801997de06
        Validity
            Not Before: May  5 19:00:42 2025 GMT
            Not After : May  6 19:00:42 2025 GMT
        Subject: CN=46bb7c4ff2e3896a0ff29d5a1eb229b510b119b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:79:5e:ba:58:cc:1f:2e:28:ef:7c:e6:23:03:
                    9a:9c:3e:2e:e3:d7:68:c0:f7:f6:30:4a:39:33:ad:
                    43:3c:9e:d9:99:ff:12:2b:5b:9b:70:d1:15:48:77:
                    4f:f9:a6:5a:54:7c:b3:ec:aa:f5:bf:5d:d7:5f:4d:
                    5a:20:75:fb:43:94:cf:9a:75:ea:96:08:7c:3d:b5:
                    aa:e6:09:5e:6b:8c:dd:6b:9c:08:3d:59:74:8b:8a:
                    52:b0:b0:70:f6:4b:ca:67:40:ef:66:db:6a:08:87:
                    6e:ce:5a:1b:87:15:40:dc:b0:26:03:87:52:ed:27:
                    b4:83:2e:87:4a:f9:be:06:b6:9d:d6:f6:4a:a5:46:
                    45:7e:1a:3f:a9:af:65:86:a3:fe:98:1d:06:3f:28:
                    6f:71:7d:62:46:6f:a5:cb:40:d0:9b:1b:73:2d:79:
                    72:48:6d:b1:bc:f5:74:fc:03:cf:58:b2:a8:5b:ec:
                    c7:96:78:10:cf:88:33:2e:b7:86:5c:e5:4f:0e:97:
                    d8:d6:b4:24:9d:a6:36:2b:06:9e:3c:5d:dc:77:24:
                    88:f2:8d:c3:0f:f9:71:52:fb:14:13:bf:34:c6:63:
                    d1:41:d8:c6:70:26:55:dd:eb:cf:ca:7c:4f:aa:d0:
                    01:fb:f1:d6:48:d6:de:63:ed:8e:82:a9:2f:bd:b3:
                    60:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:BB:7C:4F:F2:E3:89:6A:0F:F2:9D:5A:1E:B2:29:B5:10:B1:19:B0
            X509v3 Authority Key Identifier:
                keyid:9F:11:68:B8:57:17:A1:46:66:00:1B:5B:2F:6C:90:80:19:97:DE:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nxFouFcXoUZmABtbL2yQgBmX3gY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8f658c-3fac-498d-b95e-f4219beddb37/1/nxFouFcXoUZmABtbL2yQgBmX3gY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:db:5d:9e:78:b8:c5:eb:4b:cc:e9:a8:70:c5:c4:7b:51:7d:
         86:7f:1e:e4:93:4f:19:d8:11:15:fb:f1:22:35:1c:cd:01:12:
         54:9e:e9:e8:e1:ad:e1:5a:6a:9b:3f:6d:a1:1b:52:53:21:07:
         71:34:3f:33:0f:fe:f2:f9:9a:2a:a6:05:8d:a2:81:cf:40:17:
         95:fa:85:38:10:ad:9f:de:79:b2:a1:54:ca:42:1d:30:92:20:
         50:18:6c:3e:ad:44:aa:b1:ee:ed:88:95:42:5d:fb:20:fa:f6:
         03:ba:9e:41:02:56:76:aa:0c:32:d5:ed:b1:d0:ce:1c:b2:6b:
         91:f6:ad:95:71:71:76:ca:2a:68:85:cc:a4:6a:f8:97:a0:43:
         a6:1b:ad:df:a5:37:65:b8:28:2c:c1:3e:82:2c:33:44:f0:ad:
         01:a4:f3:bc:73:5b:52:ae:2b:dd:42:33:cf:97:6d:54:ca:3b:
         a4:6c:c8:41:50:8b:f1:aa:df:a7:dc:f9:0d:d5:06:8a:cf:8d:
         90:7f:fe:9f:34:8e:d3:93:f5:86:88:38:cb:34:dd:09:20:70:
         33:5c:da:6c:d0:49:a8:28:94:e9:ae:56:2d:65:bc:fe:b0:e7:
         7b:4c:91:6a:d5:90:1f:29:1e:69:1f:eb:3f:6f:db:a1:1d:fd:
         44:cb:d0:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZah0maB8Ar4ZAY4CWLU++GwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMTE2OGI4NTcxN2ExNDY2NjAwMWI1YjJmNmM5MDgwMTk5
N2RlMDYwHhcNMjUwNTA1MTkwMDQyWhcNMjUwNTA2MTkwMDQyWjAzMTEwLwYDVQQD
Eyg0NmJiN2M0ZmYyZTM4OTZhMGZmMjlkNWExZWIyMjliNTEwYjExOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HleuljMHy4o73zmIwOanD4u49do
wPf2MEo5M61DPJ7Zmf8SK1ubcNEVSHdP+aZaVHyz7Kr1v13XX01aIHX7Q5TPmnXq
lgh8PbWq5glea4zda5wIPVl0i4pSsLBw9kvKZ0DvZttqCIduzlobhxVA3LAmA4dS
7Se0gy6HSvm+Brad1vZKpUZFfho/qa9lhqP+mB0GPyhvcX1iRm+ly0DQmxtzLXly
SG2xvPV0/APPWLKoW+zHlngQz4gzLreGXOVPDpfY1rQknaY2KwaePF3cdySI8o3D
D/lxUvsUE780xmPRQdjGcCZV3evPynxPqtAB+/HWSNbeY+2OgqkvvbNgQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEa7fE/y44lqD/KdWh6yKbUQsRmwMB8GA1UdIwQY
MBaAFJ8RaLhXF6FGZgAbWy9skIAZl94GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84ZjY1OGMtM2ZhYy00OThkLWI5NWUt
ZjQyMTliZWRkYjM3LzEvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84ZjY1OGMtM2ZhYy00OThkLWI5NWUtZjQyMTliZWRkYjM3
LzEvbnhGb3VGY1hvVVptQUJ0YkwyeVFnQm1YM2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXdtdnni4
xetLzOmocMXEe1F9hn8e5JNPGdgRFfvxIjUczQESVJ7p6OGt4Vpqmz9toRtSUyEH
cTQ/Mw/+8vmaKqYFjaKBz0AXlfqFOBCtn955sqFUykIdMJIgUBhsPq1EqrHu7YiV
Ql37IPr2A7qeQQJWdqoMMtXtsdDOHLJrkfatlXFxdsoqaIXMpGr4l6BDphut36U3
ZbgoLME+giwzRPCtAaTzvHNbUq4r3UIzz5dtVMo7pGzIQVCL8arfp9z5DdUGis+N
kH/+nzSO05P1hog4yzTdCSBwM1zabNBJqCiU6a5WLWW8/rDne0yRatWQHykeaR/r
P2/boR39RMvQrA==
-----END CERTIFICATE-----