Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
File:                     NWlXUM1GUx3eil-yZyzcgw09DG4.mft (raw, json)
Hash identifier:          za92QA50kwcY5tpmcAhjMSD0pva6gphMXB/U3A3J5Bg=
Subject key identifier:   7F:85:86:99:7E:2E:B8:41:D7:73:01:A8:D0:D5:94:90:E6:93:50:76
Authority key identifier: 35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E
Certificate issuer:       /CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e
Certificate serial:       0196545C750053BC938285C5432E46BE6F85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
Manifest number:          031A
Signing time:             Sun 20 Apr 2025 18:01:07 +0000
Manifest this update:     Sun 20 Apr 2025 18:01:07 +0000
Manifest next update:     Mon 21 Apr 2025 18:01:07 +0000
Files and hashes:         1: NWlXUM1GUx3eil-yZyzcgw09DG4.crl (hash: yw2DVu0AIA3O4NL87bx4l+9WF7UgXWKExctB6qGPXB8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 18:01:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:5c:75:00:53:bc:93:82:85:c5:43:2e:46:be:6f:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35695750cd46531dde8a5fb2672cdc830d3d0c6e
        Validity
            Not Before: Apr 20 18:01:07 2025 GMT
            Not After : Apr 21 18:01:07 2025 GMT
        Subject: CN=7f8586997e2eb841d77301a8d0d59490e6935076
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:52:93:24:94:ba:01:b8:7e:76:11:37:0e:c3:
                    24:c3:1b:dd:61:fc:29:f5:ad:04:34:07:9c:0c:97:
                    64:bb:52:92:64:d1:c9:8c:6c:e8:90:83:42:e2:ee:
                    71:93:ab:fb:5f:fa:89:d1:64:df:72:d7:df:3b:1b:
                    79:1a:96:3e:12:77:cf:e0:41:76:50:88:de:8f:51:
                    9a:f7:02:da:83:9a:82:51:01:6e:12:c0:43:44:f3:
                    ec:bf:f2:c4:d1:a8:a7:99:8f:f8:d1:54:51:7d:35:
                    5d:11:b8:c2:b6:ad:7d:e7:d9:bb:fe:63:78:90:66:
                    79:c3:a0:6d:c5:da:d3:e5:06:10:a1:7a:79:6b:e7:
                    a2:d3:9b:a9:3f:f2:c1:c6:11:1d:38:46:5f:47:85:
                    19:57:f3:b7:3c:04:11:cd:0e:75:59:98:d6:34:97:
                    a8:1d:e7:12:52:7f:dd:f1:23:bd:63:16:91:b5:a5:
                    da:28:5f:fb:cd:de:21:03:d3:56:e2:b5:a0:25:bd:
                    fe:71:0e:cd:9e:69:cb:0b:14:96:f4:3c:d5:5c:e4:
                    62:4c:cd:4c:3f:e9:ce:41:77:f7:d6:25:f6:e6:2f:
                    3c:71:38:e7:78:9d:5c:3c:1e:85:21:0f:8b:ef:96:
                    6b:07:ac:ea:d8:67:0c:b5:ff:b3:67:6d:07:f2:f4:
                    24:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:85:86:99:7E:2E:B8:41:D7:73:01:A8:D0:D5:94:90:E6:93:50:76
            X509v3 Authority Key Identifier:
                keyid:35:69:57:50:CD:46:53:1D:DE:8A:5F:B2:67:2C:DC:83:0D:3D:0C:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWlXUM1GUx3eil-yZyzcgw09DG4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/615617-092d-4228-a407-77bfa37fa071/1/NWlXUM1GUx3eil-yZyzcgw09DG4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:d4:40:91:14:6a:bf:e8:10:45:ee:54:ea:9b:58:94:57:b5:
         22:9c:fa:eb:8f:61:a0:1a:28:70:85:0d:5a:33:cb:92:25:f6:
         4b:3f:ef:8b:47:47:5f:64:d3:27:38:0f:fb:7f:5b:d0:a8:ea:
         72:0f:02:d8:65:07:2e:32:ba:73:48:b1:5e:fa:b6:f6:46:15:
         09:0b:2b:76:a3:bd:73:e5:bf:94:f5:5f:2e:ba:64:fb:4f:0c:
         da:18:7d:33:8e:3e:58:c3:75:09:ca:5a:00:a8:61:d5:45:5a:
         06:e7:01:bd:17:4f:74:ea:da:1d:fc:75:f8:c6:6d:6f:1d:c6:
         3d:b8:c1:65:e7:7a:69:d4:ea:c0:91:2b:f6:d9:3f:07:4d:1e:
         06:29:6f:cc:70:ff:7e:a7:53:c7:8a:7e:fc:67:03:50:c1:06:
         4d:69:84:ea:91:90:2f:c0:bf:f5:35:a2:7a:91:f0:86:1e:8d:
         73:ee:60:7d:7d:6e:84:34:0e:c0:2a:9c:c4:a4:cd:b0:12:41:
         38:c9:45:fe:03:af:72:dc:22:17:5d:b3:ba:b8:f5:93:38:9d:
         45:6b:7f:0f:77:4f:53:78:97:d0:2a:71:90:58:c5:95:46:58:
         ae:e6:c9:28:fb:e8:4a:63:af:13:5b:db:25:72:d7:0f:79:89:
         76:f6:a9:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUXHUAU7yTgoXFQy5Gvm+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Njk1NzUwY2Q0NjUzMWRkZThhNWZiMjY3MmNkYzgzMGQz
ZDBjNmUwHhcNMjUwNDIwMTgwMTA3WhcNMjUwNDIxMTgwMTA3WjAzMTEwLwYDVQQD
Eyg3Zjg1ODY5OTdlMmViODQxZDc3MzAxYThkMGQ1OTQ5MGU2OTM1MDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVKTJJS6Abh+dhE3DsMkwxvdYfwp
9a0ENAecDJdku1KSZNHJjGzokINC4u5xk6v7X/qJ0WTfctffOxt5GpY+EnfP4EF2
UIjej1Ga9wLag5qCUQFuEsBDRPPsv/LE0ainmY/40VRRfTVdEbjCtq1959m7/mN4
kGZ5w6BtxdrT5QYQoXp5a+ei05upP/LBxhEdOEZfR4UZV/O3PAQRzQ51WZjWNJeo
HecSUn/d8SO9YxaRtaXaKF/7zd4hA9NW4rWgJb3+cQ7NnmnLCxSW9DzVXORiTM1M
P+nOQXf31iX25i88cTjneJ1cPB6FIQ+L75ZrB6zq2GcMtf+zZ20H8vQklwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH+Fhpl+LrhB13MBqNDVlJDmk1B2MB8GA1UdIwQY
MBaAFDVpV1DNRlMd3opfsmcs3IMNPQxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDct
NzdiZmEzN2ZhMDcxLzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82MTU2MTctMDkyZC00MjI4LWE0MDctNzdiZmEzN2ZhMDcx
LzEvTldsWFVNMUdVeDNlaWwteVp5emNndzA5REc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEdRAkRRq
v+gQRe5U6ptYlFe1Ipz6649hoBoocIUNWjPLkiX2Sz/vi0dHX2TTJzgP+39b0Kjq
cg8C2GUHLjK6c0ixXvq29kYVCQsrdqO9c+W/lPVfLrpk+08M2hh9M44+WMN1Ccpa
AKhh1UVaBucBvRdPdOraHfx1+MZtbx3GPbjBZed6adTqwJEr9tk/B00eBilvzHD/
fqdTx4p+/GcDUMEGTWmE6pGQL8C/9TWiepHwhh6Nc+5gfX1uhDQOwCqcxKTNsBJB
OMlF/gOvctwiF12zurj1kzidRWt/D3dPU3iX0CpxkFjFlUZYrubJKPvoSmOvE1vb
JXLXD3mJdvapPA==
-----END CERTIFICATE-----