Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
File:                     NJxIN9k5hA1fbHSqwINm70v-SHQ.mft (raw, json)
Hash identifier:          P7ddrJP9T8RDmozrvHhaFVSiXipmas+BUrzAeV706q0=
Subject key identifier:   EC:DB:F7:A5:E8:27:C8:01:32:B3:33:6C:A8:57:2E:5A:71:F9:A8:AD
Authority key identifier: 34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74
Certificate issuer:       /CN=349c4837d939840d5f6c74aac08366ef4bfe4874
Certificate serial:       01965725E400A6CA6ED81A5C4852B69AF262
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
Manifest number:          EB
Signing time:             Mon 21 Apr 2025 07:00:23 +0000
Manifest this update:     Mon 21 Apr 2025 07:00:23 +0000
Manifest next update:     Tue 22 Apr 2025 07:00:23 +0000
Files and hashes:         1: NJxIN9k5hA1fbHSqwINm70v-SHQ.crl (hash: J/45KD+U5tsliRAr7yjAmR2/bLrHGkxSrxWLMrN7vaE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 22 Apr 2025 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:57:25:e4:00:a6:ca:6e:d8:1a:5c:48:52:b6:9a:f2:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349c4837d939840d5f6c74aac08366ef4bfe4874
        Validity
            Not Before: Apr 21 07:00:23 2025 GMT
            Not After : Apr 22 07:00:23 2025 GMT
        Subject: CN=ecdbf7a5e827c80132b3336ca8572e5a71f9a8ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ef:d6:c2:f6:02:7b:38:47:bf:1d:5b:79:64:
                    e4:11:58:bf:2f:de:34:10:94:61:9f:fe:5a:6e:82:
                    7f:ec:23:78:19:d7:c1:eb:9f:c8:0e:c0:53:02:87:
                    07:7f:0d:81:f4:62:f2:92:45:ec:64:e1:fd:e5:21:
                    df:7e:8a:c4:a6:18:96:22:17:bc:35:5c:24:c6:7e:
                    12:65:e3:b5:d5:ad:18:9c:6e:f7:be:d7:db:84:ca:
                    54:c1:f3:c3:74:72:d6:00:86:92:94:b0:93:a4:f2:
                    21:c1:36:ca:42:2a:a0:e9:b3:f8:11:e1:ee:3e:0c:
                    01:a5:60:ac:cc:c0:6d:8b:ba:32:bc:c2:b3:26:76:
                    f9:59:57:58:63:24:d0:83:78:38:31:4c:a8:1b:22:
                    45:31:41:96:3c:44:ee:b2:7f:64:ae:c6:fe:3d:80:
                    a9:65:49:19:9b:79:18:ec:75:30:89:29:73:b8:06:
                    f3:3c:ff:d2:06:55:e8:29:6e:3e:35:98:6f:b2:44:
                    a8:7f:e6:7c:52:f4:89:2c:2e:1f:83:94:7c:65:e4:
                    07:a0:8b:56:86:b5:11:27:f9:7f:0c:07:f0:6f:b7:
                    60:be:ba:d9:d3:46:a1:0f:37:33:36:68:f2:c8:2b:
                    c8:8a:3f:d4:48:18:b5:7b:d5:62:4f:bc:32:24:b5:
                    69:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:DB:F7:A5:E8:27:C8:01:32:B3:33:6C:A8:57:2E:5A:71:F9:A8:AD
            X509v3 Authority Key Identifier:
                keyid:34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:81:f5:e3:76:9a:05:ac:4f:8c:e9:87:3a:88:32:65:55:7a:
         df:0c:fe:19:37:87:75:f5:60:d8:18:83:84:77:60:ae:63:5e:
         2f:84:b2:a6:df:f5:7f:1a:69:0a:89:d8:2e:2a:1f:55:c6:46:
         1f:00:69:47:8f:6d:c8:fc:5e:d2:e7:2c:a2:d5:17:98:8c:ee:
         86:07:f2:d4:ee:f5:98:9a:e9:10:3a:7c:4f:25:fb:6f:91:d7:
         e3:ea:97:06:c2:5e:9d:c6:5f:e6:1f:6d:ed:65:61:79:af:a6:
         00:f9:dc:63:88:d6:8f:25:19:9b:bb:7c:5f:44:2d:0d:8b:66:
         77:bb:7d:77:ea:e8:69:28:dd:1b:3a:bd:20:fe:cf:18:0a:8b:
         9d:4e:42:5e:00:88:bc:78:d0:0f:78:61:ab:b8:eb:67:d1:52:
         79:16:47:46:93:65:ed:41:91:1a:c5:2c:76:ea:1f:6a:7e:3c:
         ef:9a:82:75:2f:a5:1c:9b:00:c0:2d:10:c5:c0:58:0d:f9:c8:
         4d:5d:ea:91:ba:f0:7f:d1:98:27:95:f0:f1:eb:1a:f7:a5:ea:
         28:e5:37:48:60:ad:bd:41:c5:9d:18:f8:eb:0e:52:f8:7f:df:
         a7:f9:d9:db:d6:e4:43:9c:e7:07:d4:d9:b6:ed:a8:e5:51:c6:
         e7:ca:1f:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZXJeQApspu2BpcSFK2mvJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWM0ODM3ZDkzOTg0MGQ1ZjZjNzRhYWMwODM2NmVmNGJm
ZTQ4NzQwHhcNMjUwNDIxMDcwMDIzWhcNMjUwNDIyMDcwMDIzWjAzMTEwLwYDVQQD
EyhlY2RiZjdhNWU4MjdjODAxMzJiMzMzNmNhODU3MmU1YTcxZjlhOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+/WwvYCezhHvx1beWTkEVi/L940
EJRhn/5aboJ/7CN4GdfB65/IDsBTAocHfw2B9GLykkXsZOH95SHfforEphiWIhe8
NVwkxn4SZeO11a0YnG73vtfbhMpUwfPDdHLWAIaSlLCTpPIhwTbKQiqg6bP4EeHu
PgwBpWCszMBti7oyvMKzJnb5WVdYYyTQg3g4MUyoGyJFMUGWPETusn9krsb+PYCp
ZUkZm3kY7HUwiSlzuAbzPP/SBlXoKW4+NZhvskSof+Z8UvSJLC4fg5R8ZeQHoItW
hrURJ/l/DAfwb7dgvrrZ00ahDzczNmjyyCvIij/USBi1e9ViT7wyJLVp0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzb96XoJ8gBMrMzbKhXLlpx+aitMB8GA1UdIwQY
MBaAFDScSDfZOYQNX2x0qsCDZu9L/kh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMt
NTg0YTc2Mzk5NDE0LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMtNTg0YTc2Mzk5NDE0
LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqIH143aa
BaxPjOmHOogyZVV63wz+GTeHdfVg2BiDhHdgrmNeL4Sypt/1fxppConYLiofVcZG
HwBpR49tyPxe0ucsotUXmIzuhgfy1O71mJrpEDp8TyX7b5HX4+qXBsJencZf5h9t
7WVhea+mAPncY4jWjyUZm7t8X0QtDYtmd7t9d+roaSjdGzq9IP7PGAqLnU5CXgCI
vHjQD3hhq7jrZ9FSeRZHRpNl7UGRGsUsduofan4875qCdS+lHJsAwC0QxcBYDfnI
TV3qkbrwf9GYJ5Xw8esa96XqKOU3SGCtvUHFnRj46w5S+H/fp/nZ29bkQ5znB9TZ
tu2o5VHG58ofBw==
-----END CERTIFICATE-----