Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
File:                     NbdnbT6rzEXogFTIuEBH7ocyvHM.mft (raw, json)
Hash identifier:          ar3CMf3+RQPbwYaedBfVB9iIBL0tFEkauWCZBzaZweE=
Subject key identifier:   72:A6:B0:98:20:2C:5B:D1:A3:4B:D7:D8:9F:9D:E1:D8:2F:A0:42:00
Authority key identifier: 35:B7:67:6D:3E:AB:CC:45:E8:80:54:C8:B8:40:47:EE:87:32:BC:73
Certificate issuer:       /CN=35b7676d3eabcc45e88054c8b84047ee8732bc73
Certificate serial:       019511D93DB0C2690808660258C50508E9E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
Manifest number:          014A
Signing time:             Mon 17 Feb 2025 03:00:04 +0000
Manifest this update:     Mon 17 Feb 2025 03:00:04 +0000
Manifest next update:     Tue 18 Feb 2025 03:00:04 +0000
Files and hashes:         1: NbdnbT6rzEXogFTIuEBH7ocyvHM.crl (hash: EsbFhHpJToBzoQILH+dFvH4ZkkLG5VVRLrU7VRwvLys=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:d9:3d:b0:c2:69:08:08:66:02:58:c5:05:08:e9:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35b7676d3eabcc45e88054c8b84047ee8732bc73
        Validity
            Not Before: Feb 17 03:00:04 2025 GMT
            Not After : Feb 18 03:00:04 2025 GMT
        Subject: CN=72a6b098202c5bd1a34bd7d89f9de1d82fa04200
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:02:f0:a3:e7:32:a6:d7:29:5d:d0:1d:cb:71:
                    ff:72:3e:f1:12:45:d3:a7:6a:04:cd:de:6e:0e:cd:
                    f7:1e:e7:51:11:89:17:d6:63:84:2f:79:6b:27:c8:
                    41:9c:44:5c:4d:6a:d4:9b:a7:b3:37:ec:a1:ec:e5:
                    34:52:19:4a:99:f1:71:36:d7:cd:41:d1:12:17:c9:
                    9a:bc:85:8b:bd:e0:d2:93:d0:cc:e7:13:80:a8:b3:
                    56:1a:57:9f:0c:d5:f9:ca:26:b7:e1:f4:a0:82:e4:
                    8f:55:34:86:9f:31:eb:fe:bd:6d:98:a4:89:b0:6f:
                    3f:44:bc:8a:5e:ab:ab:bc:8d:a3:4e:56:15:9e:5e:
                    97:53:a0:d6:3f:f3:28:9b:98:c5:61:ad:89:da:c1:
                    6f:73:e3:d1:97:c7:f5:5d:cb:20:48:30:34:32:fb:
                    3a:0f:56:37:8f:e5:06:5f:9f:d0:6c:a7:35:6d:7a:
                    54:ab:d5:46:f7:b6:95:f9:35:6f:b8:67:9e:e0:7f:
                    0d:54:0e:f5:06:eb:21:f0:0e:10:62:9c:df:56:f3:
                    10:19:4d:11:1d:cb:64:c9:0f:fd:fc:d1:04:0c:c0:
                    07:07:ef:08:e7:b1:8c:97:51:94:29:8d:db:57:c5:
                    d6:fd:a0:16:6e:60:0f:8b:e0:75:b8:c4:3b:d6:1e:
                    7e:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:A6:B0:98:20:2C:5B:D1:A3:4B:D7:D8:9F:9D:E1:D8:2F:A0:42:00
            X509v3 Authority Key Identifier:
                keyid:35:B7:67:6D:3E:AB:CC:45:E8:80:54:C8:B8:40:47:EE:87:32:BC:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NbdnbT6rzEXogFTIuEBH7ocyvHM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0c71e8-6c09-4850-a6c5-be203f01304d/1/NbdnbT6rzEXogFTIuEBH7ocyvHM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:11:ba:4c:7c:cc:1e:9f:aa:11:2c:59:2f:f1:f1:bf:15:08:
         57:6f:c2:ee:6c:6d:5c:7d:09:b2:a2:6b:02:1a:22:f1:e1:f0:
         da:24:b6:39:0e:60:2b:c3:df:1c:0e:8f:49:96:3a:db:17:45:
         a1:4a:ca:06:cf:d3:d4:14:0f:79:6f:9c:7e:2d:04:95:87:3a:
         a5:4d:10:03:1d:56:2e:08:60:6a:79:96:28:fd:47:f9:e2:fe:
         48:f9:39:a8:00:56:d1:f2:5f:a5:9f:1d:6c:88:40:e0:e1:52:
         20:34:a2:ab:bf:19:6b:ef:cf:31:c2:be:6d:2b:9c:b3:f2:83:
         eb:64:42:4e:03:5f:b2:57:8b:58:a0:3d:8d:7f:12:54:ba:90:
         d1:d4:ad:c2:36:91:6d:d8:68:fb:d0:11:99:bb:07:06:49:1c:
         9b:fc:4c:7c:b0:5c:88:71:7f:fa:bf:37:d8:64:0e:8b:7d:6b:
         8b:3c:dd:ae:28:1e:a1:2d:54:a3:b4:4c:79:3b:4f:4a:40:3a:
         8d:6e:74:9d:4b:06:7a:4c:3c:8e:06:8f:e4:40:9a:8a:21:de:
         a0:2a:eb:ef:b3:43:34:4e:ee:cd:02:40:2d:f4:8f:78:b9:92:
         43:cf:50:10:52:72:1d:48:0d:5b:68:2a:1c:21:79:2b:9b:4b:
         e6:be:1b:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2T2wwmkICGYCWMUFCOnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yjc2NzZkM2VhYmNjNDVlODgwNTRjOGI4NDA0N2VlODcz
MmJjNzMwHhcNMjUwMjE3MDMwMDA0WhcNMjUwMjE4MDMwMDA0WjAzMTEwLwYDVQQD
Eyg3MmE2YjA5ODIwMmM1YmQxYTM0YmQ3ZDg5ZjlkZTFkODJmYTA0MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ALwo+cyptcpXdAdy3H/cj7xEkXT
p2oEzd5uDs33HudREYkX1mOEL3lrJ8hBnERcTWrUm6ezN+yh7OU0UhlKmfFxNtfN
QdESF8mavIWLveDSk9DM5xOAqLNWGlefDNX5yia34fSgguSPVTSGnzHr/r1tmKSJ
sG8/RLyKXqurvI2jTlYVnl6XU6DWP/Mom5jFYa2J2sFvc+PRl8f1XcsgSDA0Mvs6
D1Y3j+UGX5/QbKc1bXpUq9VG97aV+TVvuGee4H8NVA71Bush8A4QYpzfVvMQGU0R
HctkyQ/9/NEEDMAHB+8I57GMl1GUKY3bV8XW/aAWbmAPi+B1uMQ71h5+YwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKmsJggLFvRo0vX2J+d4dgvoEIAMB8GA1UdIwQY
MBaAFDW3Z20+q8xF6IBUyLhAR+6HMrxzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wYzcxZTgtNmMwOS00ODUwLWE2YzUt
YmUyMDNmMDEzMDRkLzEvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wYzcxZTgtNmMwOS00ODUwLWE2YzUtYmUyMDNmMDEzMDRk
LzEvTmJkbmJUNnJ6RVhvZ0ZUSXVFQkg3b2N5dkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHRG6THzM
Hp+qESxZL/HxvxUIV2/C7mxtXH0JsqJrAhoi8eHw2iS2OQ5gK8PfHA6PSZY62xdF
oUrKBs/T1BQPeW+cfi0ElYc6pU0QAx1WLghganmWKP1H+eL+SPk5qABW0fJfpZ8d
bIhA4OFSIDSiq78Za+/PMcK+bSucs/KD62RCTgNfsleLWKA9jX8SVLqQ0dStwjaR
bdho+9ARmbsHBkkcm/xMfLBciHF/+r832GQOi31rizzdrigeoS1Uo7RMeTtPSkA6
jW50nUsGekw8jgaP5ECaiiHeoCrr77NDNE7uzQJALfSPeLmSQ89QEFJyHUgNW2gq
HCF5K5tL5r4bQg==
-----END CERTIFICATE-----