Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.mft
File:                     nxuJ5urGEf1TMtcOuvUxH61lErg.mft (raw, json)
Hash identifier:          Z8eiYIFtqNojb37umtadKd64fJXSlEfHI9i6243u7JA=
Subject key identifier:   DC:85:E9:7E:7A:A8:8C:91:C2:3F:7F:72:8B:36:99:A2:21:1E:6A:60
Authority key identifier: 9F:1B:89:E6:EA:C6:11:FD:53:32:D7:0E:BA:F5:31:1F:AD:65:12:B8
Certificate issuer:       /CN=9f1b89e6eac611fd5332d70ebaf5311fad6512b8
Certificate serial:       019657CB574980325D78D863CD8D9032621B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nxuJ5urGEf1TMtcOuvUxH61lErg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.mft
Manifest number:          0E2D
Signing time:             Mon 21 Apr 2025 10:01:06 +0000
Manifest this update:     Mon 21 Apr 2025 10:01:06 +0000
Manifest next update:     Tue 22 Apr 2025 10:01:06 +0000
Files and hashes:         1: nxuJ5urGEf1TMtcOuvUxH61lErg.crl (hash: gO5jKJqw787VdcLbjWQqBvDniHmX2WUJNrtlT84Bums=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nxuJ5urGEf1TMtcOuvUxH61lErg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:cb:57:49:80:32:5d:78:d8:63:cd:8d:90:32:62:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f1b89e6eac611fd5332d70ebaf5311fad6512b8
        Validity
            Not Before: Apr 21 10:01:06 2025 GMT
            Not After : Apr 22 10:01:06 2025 GMT
        Subject: CN=dc85e97e7aa88c91c23f7f728b3699a2211e6a60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e2:34:35:d9:c1:f5:cc:c5:c7:46:e7:d9:8a:
                    28:74:af:f2:23:83:9d:9c:68:ee:86:4c:2a:a3:7a:
                    31:1d:47:32:4b:91:7e:26:cf:4b:78:86:b6:6b:6e:
                    d0:e2:be:f2:37:11:3c:f9:bd:b0:f5:3b:85:9a:e7:
                    02:03:58:0f:ae:77:b6:ed:3a:26:91:b6:6a:f8:c5:
                    2e:3c:57:93:68:13:37:9f:ac:33:71:e0:9d:bf:82:
                    66:84:25:73:72:64:42:92:32:a8:18:56:1a:cb:a1:
                    85:24:8c:52:09:7f:ec:9d:6e:06:42:1f:42:6e:be:
                    9f:2e:ff:0f:69:81:47:de:e6:5f:25:c1:dc:83:e6:
                    a3:3c:72:e9:40:f8:89:dd:e9:0b:72:fd:46:98:6a:
                    e8:d6:26:d6:47:1a:ff:c3:90:cb:ed:16:86:3a:58:
                    01:30:1e:eb:da:bf:2f:7f:a8:4d:01:16:86:61:99:
                    cc:dd:93:fe:06:ec:20:90:bb:27:e0:07:b6:a8:be:
                    90:4f:8c:bb:fa:7e:fd:eb:4d:b9:85:ae:d9:bf:54:
                    3d:1f:3d:9f:49:5b:17:a4:5b:12:52:2f:91:77:9a:
                    a2:35:91:c1:45:f1:14:82:60:14:cf:16:b6:6a:de:
                    d3:a2:86:49:d7:7f:b6:39:e1:98:90:ab:02:c8:c3:
                    f5:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:85:E9:7E:7A:A8:8C:91:C2:3F:7F:72:8B:36:99:A2:21:1E:6A:60
            X509v3 Authority Key Identifier:
                keyid:9F:1B:89:E6:EA:C6:11:FD:53:32:D7:0E:BA:F5:31:1F:AD:65:12:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nxuJ5urGEf1TMtcOuvUxH61lErg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/a1841e-0106-47de-923b-744fb21b5598/1/nxuJ5urGEf1TMtcOuvUxH61lErg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:db:86:83:d2:13:ef:f1:da:3e:94:79:be:6b:29:26:04:2e:
         33:d1:8d:34:4a:45:4b:98:27:0b:af:d0:7d:75:08:87:83:3b:
         78:a2:17:e2:c6:5d:3a:da:ca:3b:ee:5d:34:4f:43:1c:c8:7a:
         3e:4e:20:1a:ea:e2:c3:83:15:20:eb:6c:dc:55:c2:de:95:f6:
         9e:6a:7a:17:50:84:05:76:e7:71:f8:a3:cb:52:c1:ea:e0:2c:
         89:58:a5:98:2c:14:8c:f6:87:15:2d:5b:24:ff:43:1a:16:70:
         85:b2:02:ca:7f:f4:4a:28:7f:8a:e7:00:bd:a7:00:95:6f:31:
         c1:fc:8d:30:70:c9:ec:05:67:4a:b6:15:50:99:4e:2b:9f:a6:
         0a:9b:d2:54:b4:ab:69:37:9c:cc:1f:86:97:81:bb:d7:4e:56:
         96:47:70:1d:39:50:b1:05:ad:be:e7:54:29:44:33:03:e1:79:
         7f:c7:ca:4a:14:2c:a1:06:34:53:06:44:01:51:c6:16:76:71:
         97:1d:d7:d5:93:41:6a:10:4b:3e:ab:b3:3d:17:a4:de:99:d9:
         72:6b:71:aa:cf:51:fb:89:2e:f0:ca:4a:90:91:4f:25:b8:3a:
         f5:a6:6f:d1:d7:d1:42:3d:31:0c:8e:bb:8a:6e:d4:82:c9:ae:
         11:c1:84:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXy1dJgDJdeNhjzY2QMmIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMWI4OWU2ZWFjNjExZmQ1MzMyZDcwZWJhZjUzMTFmYWQ2
NTEyYjgwHhcNMjUwNDIxMTAwMTA2WhcNMjUwNDIyMTAwMTA2WjAzMTEwLwYDVQQD
EyhkYzg1ZTk3ZTdhYTg4YzkxYzIzZjdmNzI4YjM2OTlhMjIxMWU2YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+I0NdnB9czFx0bn2YoodK/yI4Od
nGjuhkwqo3oxHUcyS5F+Js9LeIa2a27Q4r7yNxE8+b2w9TuFmucCA1gPrne27Tom
kbZq+MUuPFeTaBM3n6wzceCdv4JmhCVzcmRCkjKoGFYay6GFJIxSCX/snW4GQh9C
br6fLv8PaYFH3uZfJcHcg+ajPHLpQPiJ3ekLcv1GmGro1ibWRxr/w5DL7RaGOlgB
MB7r2r8vf6hNARaGYZnM3ZP+BuwgkLsn4Ae2qL6QT4y7+n796025ha7Zv1Q9Hz2f
SVsXpFsSUi+Rd5qiNZHBRfEUgmAUzxa2at7TooZJ13+2OeGYkKsCyMP1OQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNyF6X56qIyRwj9/cos2maIhHmpgMB8GA1UdIwQY
MBaAFJ8biebqxhH9UzLXDrr1MR+tZRK4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnh1SjV1ckdFZjFUTXRjT3V2VXhINjFsRXJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9hMTg0MWUtMDEwNi00N2RlLTkyM2It
NzQ0ZmIyMWI1NTk4LzEvbnh1SjV1ckdFZjFUTXRjT3V2VXhINjFsRXJnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9hMTg0MWUtMDEwNi00N2RlLTkyM2ItNzQ0ZmIyMWI1NTk4
LzEvbnh1SjV1ckdFZjFUTXRjT3V2VXhINjFsRXJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb9uGg9IT
7/HaPpR5vmspJgQuM9GNNEpFS5gnC6/QfXUIh4M7eKIX4sZdOtrKO+5dNE9DHMh6
Pk4gGuriw4MVIOts3FXC3pX2nmp6F1CEBXbncfijy1LB6uAsiVilmCwUjPaHFS1b
JP9DGhZwhbICyn/0Sih/iucAvacAlW8xwfyNMHDJ7AVnSrYVUJlOK5+mCpvSVLSr
aTeczB+Gl4G7105WlkdwHTlQsQWtvudUKUQzA+F5f8fKShQsoQY0UwZEAVHGFnZx
lx3X1ZNBahBLPquzPRek3pnZcmtxqs9R+4ku8MpKkJFPJbg69aZv0dfRQj0xDI67
im7UgsmuEcGESg==
-----END CERTIFICATE-----