Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
File:                     NbdnbT6rzEXogFTIuEBH7ocyvHM.mft (raw, json)
Hash identifier:          5I1C3Vmd631+ORFQUS630YXa6rx3eVGLWyKYJHdI1JM=
Subject key identifier:   0F:5A:16:A4:28:E6:67:1A:12:5B:59:92:3B:48:C3:A4:E4:C5:80:E6
Authority key identifier: 35:B7:67:6D:3E:AB:CC:45:E8:80:54:C8:B8:40:47:EE:87:32:BC:73
Certificate issuer:       /CN=35b7676d3eabcc45e88054c8b84047ee8732bc73
Certificate serial:       01964CA24F6858939944557A4CA7A8D63D3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
Manifest number:          01ED
Signing time:             Sat 19 Apr 2025 06:00:27 +0000
Manifest this update:     Sat 19 Apr 2025 06:00:27 +0000
Manifest next update:     Sun 20 Apr 2025 06:00:27 +0000
Files and hashes:         1: NbdnbT6rzEXogFTIuEBH7ocyvHM.crl (hash: 5qaaLDX8m1w0iOdVmOkp1/YESPRCtkI6jyMicG5QNf8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 06:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:a2:4f:68:58:93:99:44:55:7a:4c:a7:a8:d6:3d:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35b7676d3eabcc45e88054c8b84047ee8732bc73
        Validity
            Not Before: Apr 19 06:00:27 2025 GMT
            Not After : Apr 20 06:00:27 2025 GMT
        Subject: CN=0f5a16a428e6671a125b59923b48c3a4e4c580e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c5:7a:45:09:48:73:bb:b3:e0:6a:27:cf:48:
                    47:2f:4b:0a:30:41:61:c7:0b:3f:12:20:8f:3f:73:
                    45:84:14:c7:5a:4b:82:97:55:c7:93:36:21:b9:25:
                    34:60:06:a5:22:e4:58:9f:f8:27:34:e4:d9:e3:5c:
                    a7:e5:62:6e:36:d7:5c:cc:3b:6a:90:f4:ae:53:96:
                    62:60:88:4b:d7:a1:31:8f:a8:17:dd:f7:c3:dd:eb:
                    9b:35:7c:45:12:73:62:4c:5f:9f:d2:37:a1:37:d6:
                    60:01:e8:17:2c:b5:86:aa:57:13:6f:ea:3e:84:26:
                    c1:d6:92:86:77:29:48:39:e3:09:11:85:ca:ce:5c:
                    ff:d1:fd:67:67:b0:8b:56:65:f5:e9:a6:ff:b0:c7:
                    53:8b:c2:19:53:d6:3d:45:36:32:ab:40:74:cd:ef:
                    95:3d:c3:90:fa:95:dd:cc:13:4f:77:66:14:15:5c:
                    61:28:2a:49:34:40:e1:fe:6b:ce:64:fd:36:d3:ad:
                    90:18:6a:3f:81:d3:40:9f:10:6c:c4:57:1f:77:86:
                    b5:1d:51:76:68:dd:02:36:00:99:a7:6b:1c:78:e6:
                    9e:48:4f:15:be:36:65:fc:dd:2d:93:b1:52:e0:b3:
                    26:1d:c1:34:b0:87:c7:78:c8:39:6c:26:ec:b7:82:
                    92:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:5A:16:A4:28:E6:67:1A:12:5B:59:92:3B:48:C3:A4:E4:C5:80:E6
            X509v3 Authority Key Identifier:
                keyid:35:B7:67:6D:3E:AB:CC:45:E8:80:54:C8:B8:40:47:EE:87:32:BC:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:a7:e4:e9:c0:d3:3d:5a:47:d0:ea:b3:81:5d:56:07:fb:7c:
         91:51:93:3a:b1:f5:70:c4:49:5c:27:5c:4f:f4:75:3e:e4:fa:
         ac:03:f2:29:aa:c6:22:ee:6d:19:41:f3:f9:2c:30:cd:c3:4b:
         9f:75:39:4d:fb:41:f7:f7:02:d2:5a:ab:63:01:aa:3e:63:26:
         24:f0:1d:b5:0b:7a:6f:a0:34:5d:f5:39:ab:96:14:52:f9:fe:
         13:6e:6e:ff:86:ed:04:9f:41:0b:42:29:c9:19:17:88:46:f2:
         67:ad:fb:a0:0c:97:f5:d0:6a:ad:7b:eb:4c:06:c0:12:be:e9:
         f3:a4:e7:93:55:67:d5:42:2d:a1:e5:64:84:2f:d2:1d:c9:fd:
         eb:6d:98:1a:ab:80:11:d7:4c:58:c1:8a:3e:ac:07:c6:b2:d1:
         af:a1:13:b5:a7:7c:69:03:13:5a:64:c0:7f:90:0e:df:b6:f1:
         7a:db:f9:86:11:cc:51:6d:dd:ca:54:b5:91:d7:16:2f:42:33:
         50:4b:13:69:ee:4c:62:d5:7d:4f:9a:94:a9:2b:03:ab:84:aa:
         d3:73:2b:fd:b9:4d:af:25:a2:b8:f2:35:d9:88:25:94:7e:54:
         f5:69:8d:df:64:a6:13:6f:05:f0:43:7a:db:9b:ca:48:34:a9:
         29:93:03:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZMok9oWJOZRFV6TKeo1j0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yjc2NzZkM2VhYmNjNDVlODgwNTRjOGI4NDA0N2VlODcz
MmJjNzMwHhcNMjUwNDE5MDYwMDI3WhcNMjUwNDIwMDYwMDI3WjAzMTEwLwYDVQQD
EygwZjVhMTZhNDI4ZTY2NzFhMTI1YjU5OTIzYjQ4YzNhNGU0YzU4MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsV6RQlIc7uz4Gonz0hHL0sKMEFh
xws/EiCPP3NFhBTHWkuCl1XHkzYhuSU0YAalIuRYn/gnNOTZ41yn5WJuNtdczDtq
kPSuU5ZiYIhL16Exj6gX3ffD3eubNXxFEnNiTF+f0jehN9ZgAegXLLWGqlcTb+o+
hCbB1pKGdylIOeMJEYXKzlz/0f1nZ7CLVmX16ab/sMdTi8IZU9Y9RTYyq0B0ze+V
PcOQ+pXdzBNPd2YUFVxhKCpJNEDh/mvOZP02062QGGo/gdNAnxBsxFcfd4a1HVF2
aN0CNgCZp2sceOaeSE8VvjZl/N0tk7FS4LMmHcE0sIfHeMg5bCbst4KSzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA9aFqQo5mcaEltZkjtIw6TkxYDmMB8GA1UdIwQY
MBaAFDW3Z20+q8xF6IBUyLhAR+6HMrxzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wYzcxZTgtNmMwOS00ODUwLWE2YzUt
YmUyMDNmMDEzMDRkLzEvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wYzcxZTgtNmMwOS00ODUwLWE2YzUtYmUyMDNmMDEzMDRk
LzEvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApafk6cDT
PVpH0OqzgV1WB/t8kVGTOrH1cMRJXCdcT/R1PuT6rAPyKarGIu5tGUHz+SwwzcNL
n3U5TftB9/cC0lqrYwGqPmMmJPAdtQt6b6A0XfU5q5YUUvn+E25u/4btBJ9BC0Ip
yRkXiEbyZ637oAyX9dBqrXvrTAbAEr7p86Tnk1Vn1UItoeVkhC/SHcn9622YGquA
EddMWMGKPqwHxrLRr6ETtad8aQMTWmTAf5AO37bxetv5hhHMUW3dylS1kdcWL0Iz
UEsTae5MYtV9T5qUqSsDq4Sq03Mr/blNryWiuPI12YgllH5U9WmN32SmE28F8EN6
25vKSDSpKZMDXw==
-----END CERTIFICATE-----