Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
File:                     NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json)
Hash identifier:          IRwwqp4jKYV5gPAf0QRTtzdL5AOyK4UMnQtGnsDmKKg=
Subject key identifier:   14:1A:70:BF:C8:03:67:AD:DD:E1:97:6D:E9:B3:F8:BA:48:7A:77:53
Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
Certificate issuer:       /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Certificate serial:       0196545C5FBB92692CEF61C6C1F2653D310C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
Manifest number:          05D6
Signing time:             Sun 20 Apr 2025 18:01:02 +0000
Manifest this update:     Sun 20 Apr 2025 18:01:02 +0000
Manifest next update:     Mon 21 Apr 2025 18:01:02 +0000
Files and hashes:         1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: SQvOC0ArSTWtWL9lnvGIlniSxxegGWnb+a7PGPRC79k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 18:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:54:5c:5f:bb:92:69:2c:ef:61:c6:c1:f2:65:3d:31:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
        Validity
            Not Before: Apr 20 18:01:02 2025 GMT
            Not After : Apr 21 18:01:02 2025 GMT
        Subject: CN=141a70bfc80367addde1976de9b3f8ba487a7753
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a6:a9:a9:24:15:7b:a2:33:61:f8:3c:ff:a2:
                    e1:21:4b:74:16:a8:0b:8e:bc:2f:d6:8d:90:0b:e0:
                    1c:66:e4:36:c2:97:ea:b4:3b:4b:a9:c5:5a:b3:5e:
                    43:b8:55:dc:f8:d0:f4:af:60:7c:cd:58:6e:d8:d7:
                    f6:00:13:25:4c:4e:18:44:d0:6e:fd:3d:49:11:68:
                    8a:86:54:c0:3a:e4:ab:62:46:06:8e:c5:2e:75:09:
                    f7:03:a5:d5:1a:02:14:99:98:60:b9:2e:6d:8e:f2:
                    da:b8:7a:c3:45:41:a0:e6:4d:78:6a:a4:b4:df:05:
                    27:c0:4a:20:88:98:0c:ac:80:08:63:67:32:52:fd:
                    1e:9d:bc:88:7b:a4:e7:fe:9e:c1:05:6f:cd:77:71:
                    ca:c3:74:7b:34:6a:e0:6b:e7:6b:98:cf:21:00:54:
                    76:8b:ef:11:9a:66:8e:cf:46:47:3d:2b:aa:4d:9c:
                    a2:9f:62:27:14:34:c5:37:4d:45:60:99:ad:03:2d:
                    f9:3d:f7:b8:58:f7:ca:0d:e6:4a:57:bc:1c:ee:71:
                    a9:9c:8c:bd:39:5a:9d:a3:30:89:83:56:cd:6c:1a:
                    7c:ae:54:70:17:7d:d4:0d:1c:bf:76:88:c9:71:d8:
                    28:71:f9:13:9a:c6:5a:45:ed:47:a8:06:bb:46:75:
                    6e:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:1A:70:BF:C8:03:67:AD:DD:E1:97:6D:E9:B3:F8:BA:48:7A:77:53
            X509v3 Authority Key Identifier:
                keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:f7:f6:97:8d:e3:eb:20:f1:ce:e0:3d:87:96:7b:eb:81:89:
         d8:b3:e2:3d:a9:9d:e8:7e:5c:93:fd:23:33:05:23:ad:54:32:
         75:59:bf:fd:12:05:ec:9f:2a:e3:fc:22:16:9d:f0:f5:e1:c4:
         97:06:00:27:e9:8e:4d:ef:c1:95:c9:19:0b:d8:6d:87:fe:77:
         e2:99:fe:6e:7a:e1:8b:d9:83:51:2a:1b:bd:98:64:df:b5:8b:
         ad:a2:78:d4:de:6e:9d:92:9b:cc:49:85:d7:04:1c:fa:46:2c:
         fa:81:65:3d:0a:d4:bc:56:e6:b7:42:8b:87:ab:79:48:3e:72:
         bd:56:18:bc:44:e4:da:8e:b5:38:bf:62:a0:b0:19:3b:43:e0:
         4d:64:41:f0:00:fd:b5:8e:1e:a0:13:b0:be:8f:fd:9a:3e:36:
         7d:20:e8:e6:c4:a9:70:28:f3:6d:94:8a:ac:a5:9d:6a:f2:a1:
         2b:e7:d2:f0:1e:01:35:82:44:e4:e0:11:7e:3d:e4:db:10:40:
         ba:7b:71:48:64:e0:35:02:e7:6a:5e:cc:67:6d:ff:8c:c3:ee:
         d2:5c:5a:05:ac:46:72:c4:9c:36:8d:ba:eb:8d:4d:2a:a9:9d:
         8c:23:31:d5:14:20:cb:77:d3:2b:d2:40:49:50:67:e0:7b:c4:
         ea:32:82:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZUXF+7kmks72HGwfJlPTEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm
NDg2OWUwHhcNMjUwNDIwMTgwMTAyWhcNMjUwNDIxMTgwMTAyWjAzMTEwLwYDVQQD
EygxNDFhNzBiZmM4MDM2N2FkZGRlMTk3NmRlOWIzZjhiYTQ4N2E3NzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6apqSQVe6IzYfg8/6LhIUt0FqgL
jrwv1o2QC+AcZuQ2wpfqtDtLqcVas15DuFXc+ND0r2B8zVhu2Nf2ABMlTE4YRNBu
/T1JEWiKhlTAOuSrYkYGjsUudQn3A6XVGgIUmZhguS5tjvLauHrDRUGg5k14aqS0
3wUnwEogiJgMrIAIY2cyUv0enbyIe6Tn/p7BBW/Nd3HKw3R7NGrga+drmM8hAFR2
i+8RmmaOz0ZHPSuqTZyin2InFDTFN01FYJmtAy35Pfe4WPfKDeZKV7wc7nGpnIy9
OVqdozCJg1bNbBp8rlRwF33UDRy/dojJcdgocfkTmsZaRe1HqAa7RnVuLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQacL/IA2et3eGXbemz+LpIendTMB8GA1UdIwQY
MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt
ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh
LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc/f2l43j
6yDxzuA9h5Z764GJ2LPiPamd6H5ck/0jMwUjrVQydVm//RIF7J8q4/wiFp3w9eHE
lwYAJ+mOTe/BlckZC9hth/534pn+bnrhi9mDUSobvZhk37WLraJ41N5unZKbzEmF
1wQc+kYs+oFlPQrUvFbmt0KLh6t5SD5yvVYYvETk2o61OL9ioLAZO0PgTWRB8AD9
tY4eoBOwvo/9mj42fSDo5sSpcCjzbZSKrKWdavKhK+fS8B4BNYJE5OARfj3k2xBA
untxSGTgNQLnal7MZ23/jMPu0lxaBaxGcsScNo26641NKqmdjCMx1RQgy3fTK9JA
SVBn4HvE6jKCTA==
-----END CERTIFICATE-----