Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
File:                     NDLzVG3kPONceHHFVLizDvY1wlE.mft (raw, json)
Hash identifier:          CTW5M8RJI6ptLidcfS9OOx5G/ax0qWvmsguF3CpUHVc=
Subject key identifier:   09:E2:55:90:E5:D9:21:AE:B1:E2:9E:B0:E6:66:37:1C:1B:D9:52:C4
Authority key identifier: 34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51
Certificate issuer:       /CN=3432f3546de43ce35c7871c554b8b30ef635c251
Certificate serial:       01962B2A12DB946A57090BA528C7720E4E57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
Manifest number:          8F
Signing time:             Sat 12 Apr 2025 18:01:39 +0000
Manifest this update:     Sat 12 Apr 2025 18:01:39 +0000
Manifest next update:     Sun 13 Apr 2025 18:01:39 +0000
Files and hashes:         1: NDLzVG3kPONceHHFVLizDvY1wlE.crl (hash: BdHt4qu7fAVK5E4Y6GvsxufAuWtxRuzlNnUQadIViYU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 13 Apr 2025 18:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:2b:2a:12:db:94:6a:57:09:0b:a5:28:c7:72:0e:4e:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3432f3546de43ce35c7871c554b8b30ef635c251
        Validity
            Not Before: Apr 12 18:01:39 2025 GMT
            Not After : Apr 13 18:01:39 2025 GMT
        Subject: CN=09e25590e5d921aeb1e29eb0e666371c1bd952c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:14:17:d6:df:d9:82:ad:87:6e:3c:3c:36:9e:
                    09:ab:74:9b:50:20:4b:2d:f5:9e:1a:42:d0:ce:86:
                    e9:c1:0a:e4:21:e8:35:bf:9c:2c:ae:ae:ba:bb:c0:
                    c8:61:9b:cf:04:5f:88:80:fe:79:c5:76:2d:e6:9b:
                    09:6c:4c:e4:61:0e:d0:8a:69:81:38:8a:63:3b:0d:
                    70:6f:a9:c5:5b:0d:2d:3f:d8:2a:fd:19:21:69:bf:
                    6f:6a:17:b4:23:45:01:5a:c6:04:6e:05:56:47:ea:
                    0d:72:2c:91:ac:f1:61:74:8b:e1:7a:09:5d:a4:e3:
                    a1:66:59:5f:1d:2f:b0:78:be:60:77:1a:cb:5d:ee:
                    c2:e0:8f:42:9f:19:a5:86:c8:a9:c3:a3:5b:ce:c2:
                    fe:77:aa:4a:a9:6a:f2:b2:bf:b2:27:45:9f:9e:52:
                    ba:b8:52:1b:c4:76:2e:9c:80:f2:20:59:03:ea:63:
                    62:c0:03:13:a7:03:7a:e8:04:b6:db:3a:01:da:67:
                    4e:1c:71:8c:f8:32:d5:15:c7:f6:1b:78:d3:bf:b8:
                    63:6c:b6:e0:ae:a0:96:bc:d6:ad:94:d2:79:b5:64:
                    35:13:d0:72:8f:d8:53:bd:88:df:77:9f:59:d4:dc:
                    aa:f8:ba:07:c5:13:fa:07:7a:62:6f:8b:08:c8:3f:
                    59:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:E2:55:90:E5:D9:21:AE:B1:E2:9E:B0:E6:66:37:1C:1B:D9:52:C4
            X509v3 Authority Key Identifier:
                keyid:34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:3a:5f:81:72:d4:d2:8c:f2:31:56:04:30:d4:bc:6a:47:d7:
         59:71:7c:9f:96:9e:7d:13:04:4c:44:2f:40:5a:16:95:b3:f8:
         cb:5d:bf:3b:bb:04:26:ff:91:a3:26:cb:40:e6:24:cc:47:f9:
         08:0a:f6:46:2d:0f:53:7e:3a:44:ff:33:44:99:3e:7e:ee:7a:
         36:2a:b1:fa:c3:87:22:20:03:44:0c:29:ce:21:7c:7f:ce:a3:
         25:0e:1f:fc:ae:4d:d6:7f:03:eb:d0:55:5c:f1:82:d3:7a:65:
         d8:44:42:17:9a:c5:f3:d0:71:f2:94:b2:f3:81:5d:b5:dd:d7:
         7c:aa:71:f4:87:b2:36:a5:d5:de:82:01:bc:8a:7a:86:93:e8:
         e7:50:53:33:75:ac:9b:d8:78:35:5f:f5:c9:16:7e:b7:7c:69:
         2d:32:c8:3a:51:11:76:e5:37:79:24:2b:35:3b:9d:aa:52:12:
         30:a7:5c:25:9a:68:e2:d3:63:d3:3a:4c:0f:f1:6d:d2:32:83:
         75:6c:4e:e9:3a:49:48:3e:1d:d3:26:c6:ef:34:62:b2:64:98:
         2d:e1:61:a2:dc:97:1a:64:e2:bf:d2:ba:2f:61:3a:8d:ef:6c:
         9e:0a:2f:f9:b7:c0:a6:9b:a8:c4:e0:7d:81:7d:75:2f:61:c0:
         ce:df:27:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYrKhLblGpXCQulKMdyDk5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzJmMzU0NmRlNDNjZTM1Yzc4NzFjNTU0YjhiMzBlZjYz
NWMyNTEwHhcNMjUwNDEyMTgwMTM5WhcNMjUwNDEzMTgwMTM5WjAzMTEwLwYDVQQD
EygwOWUyNTU5MGU1ZDkyMWFlYjFlMjllYjBlNjY2MzcxYzFiZDk1MmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxQX1t/Zgq2Hbjw8Np4Jq3SbUCBL
LfWeGkLQzobpwQrkIeg1v5wsrq66u8DIYZvPBF+IgP55xXYt5psJbEzkYQ7QimmB
OIpjOw1wb6nFWw0tP9gq/Rkhab9vahe0I0UBWsYEbgVWR+oNciyRrPFhdIvhegld
pOOhZllfHS+weL5gdxrLXe7C4I9Cnxmlhsipw6NbzsL+d6pKqWrysr+yJ0WfnlK6
uFIbxHYunIDyIFkD6mNiwAMTpwN66AS22zoB2mdOHHGM+DLVFcf2G3jTv7hjbLbg
rqCWvNatlNJ5tWQ1E9Byj9hTvYjfd59Z1Nyq+LoHxRP6B3pib4sIyD9ZvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAniVZDl2SGuseKesOZmNxwb2VLEMB8GA1UdIwQY
MBaAFDQy81Rt5DzjXHhxxVS4sw72NcJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjct
NjYzOGMzZWI0MDI3LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjctNjYzOGMzZWI0MDI3
LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJTpfgXLU
0ozyMVYEMNS8akfXWXF8n5aefRMETEQvQFoWlbP4y12/O7sEJv+RoybLQOYkzEf5
CAr2Ri0PU346RP8zRJk+fu56Niqx+sOHIiADRAwpziF8f86jJQ4f/K5N1n8D69BV
XPGC03pl2ERCF5rF89Bx8pSy84Fdtd3XfKpx9IeyNqXV3oIBvIp6hpPo51BTM3Ws
m9h4NV/1yRZ+t3xpLTLIOlERduU3eSQrNTudqlISMKdcJZpo4tNj0zpMD/Ft0jKD
dWxO6TpJSD4d0ybG7zRismSYLeFhotyXGmTiv9K6L2E6je9sngov+bfAppuoxOB9
gX11L2HAzt8n9w==
-----END CERTIFICATE-----