Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
File:                     NDLzVG3kPONceHHFVLizDvY1wlE.mft (raw, json)
Hash identifier:          PVRwQJ+s4lBctVmCdNLYwKq+WHQg2KOeKJkIkKgGPt4=
Subject key identifier:   79:A7:04:66:C3:47:F4:CE:C3:55:69:F8:DF:35:F6:53:AF:2C:A6:70
Authority key identifier: 34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51
Certificate issuer:       /CN=3432f3546de43ce35c7871c554b8b30ef635c251
Certificate serial:       01974AE8A9EF97626700EDC82B6368B1F4F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
Manifest number:          0124
Signing time:             Sat 07 Jun 2025 15:00:51 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:51 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:51 +0000
Files and hashes:         1: NDLzVG3kPONceHHFVLizDvY1wlE.crl (hash: cbOhDCwgiEqW5EvTwL/7KaUCc5FOATFyEG7u5mYsUm4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 15:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:a9:ef:97:62:67:00:ed:c8:2b:63:68:b1:f4:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3432f3546de43ce35c7871c554b8b30ef635c251
        Validity
            Not Before: Jun  7 15:00:51 2025 GMT
            Not After : Jun  8 15:00:51 2025 GMT
        Subject: CN=79a70466c347f4cec35569f8df35f653af2ca670
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:27:8e:ea:e7:1e:b2:3e:14:20:4f:be:c6:ad:
                    bd:1d:0d:2d:45:b2:b0:c9:cd:18:67:79:21:ad:81:
                    c0:f8:24:4d:24:c0:6c:eb:f6:1f:09:94:20:e6:b9:
                    74:85:ea:b5:cd:da:38:7f:fb:ba:07:3d:ff:cf:0a:
                    ec:84:4a:a8:68:37:3d:04:05:ce:68:f1:09:d4:62:
                    6a:a1:bb:d0:3e:ed:75:ec:8e:b8:11:ac:14:02:2e:
                    70:48:39:8b:a1:28:45:43:37:c0:1f:8b:cd:e4:dd:
                    d2:68:97:fb:b3:7b:9d:75:ca:e7:95:f5:db:3f:21:
                    f3:d1:05:67:72:9d:e8:ff:74:5c:cb:18:e9:34:b8:
                    59:49:d3:a4:eb:bb:ac:59:24:dd:38:aa:3e:56:64:
                    46:ca:fb:e0:5a:83:81:d5:93:7b:57:92:b0:2e:1f:
                    75:f6:21:1b:07:04:93:fd:fb:f6:fe:0c:a8:0e:ea:
                    27:e7:c4:2b:49:03:80:5f:6b:ce:ba:49:9f:61:94:
                    e0:67:4a:c0:1a:f5:e7:c0:34:2f:25:1d:42:f7:66:
                    30:2c:9e:2d:1e:48:9b:73:a4:cb:89:49:de:9c:1e:
                    74:05:01:c6:18:be:92:dc:24:2e:b2:ed:6c:c6:89:
                    9d:b2:bd:fc:22:d3:55:49:39:b1:cd:42:bc:bf:58:
                    fa:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:A7:04:66:C3:47:F4:CE:C3:55:69:F8:DF:35:F6:53:AF:2C:A6:70
            X509v3 Authority Key Identifier:
                keyid:34:32:F3:54:6D:E4:3C:E3:5C:78:71:C5:54:B8:B3:0E:F6:35:C2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDLzVG3kPONceHHFVLizDvY1wlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/de77ae-29e3-4a04-a027-6638c3eb4027/1/NDLzVG3kPONceHHFVLizDvY1wlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:c9:87:78:e7:11:65:52:ad:5e:d0:a1:9a:e8:ac:eb:90:4e:
         55:af:47:9b:5a:5b:cc:9e:a0:e8:72:86:a3:39:30:a9:c8:f8:
         37:1c:b9:ff:70:a2:04:f0:48:69:c5:f7:e3:ed:f5:8f:c9:d8:
         66:5a:1d:3e:1d:f8:fe:10:51:ca:e2:d2:22:20:45:f6:0f:9c:
         f0:ba:ca:91:ae:97:a1:55:35:f1:9a:dd:d8:47:d7:df:af:0b:
         43:be:f1:be:ca:5c:59:05:0c:07:5b:c2:8e:72:96:51:b8:cd:
         32:4a:21:f0:13:f7:46:9a:2d:85:c7:2b:cf:ce:d1:34:0a:db:
         6c:3b:60:fe:8b:2f:2a:ef:cb:9d:02:79:39:b8:50:90:a3:05:
         cd:78:d8:2d:f5:87:6a:35:cb:c9:f6:d6:77:1c:01:56:0d:0d:
         d3:5e:68:f7:f6:54:77:26:32:a7:65:e9:87:7d:7e:fb:08:b4:
         12:0b:ce:f7:03:93:4a:18:80:52:a9:ac:0f:83:1f:96:f8:28:
         57:5e:52:b3:a8:3e:4d:2e:89:a1:93:5e:98:a7:11:c6:8e:1a:
         d5:bb:86:cb:28:34:8a:b8:fe:e4:53:3d:4a:30:4b:0f:e8:ca:
         6b:28:94:1a:11:56:f4:72:15:e2:23:f0:ff:19:3d:da:e7:65:
         f9:bd:ac:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6Knvl2JnAO3IK2NosfTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzJmMzU0NmRlNDNjZTM1Yzc4NzFjNTU0YjhiMzBlZjYz
NWMyNTEwHhcNMjUwNjA3MTUwMDUxWhcNMjUwNjA4MTUwMDUxWjAzMTEwLwYDVQQD
Eyg3OWE3MDQ2NmMzNDdmNGNlYzM1NTY5ZjhkZjM1ZjY1M2FmMmNhNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyeO6ucesj4UIE++xq29HQ0tRbKw
yc0YZ3khrYHA+CRNJMBs6/YfCZQg5rl0heq1zdo4f/u6Bz3/zwrshEqoaDc9BAXO
aPEJ1GJqobvQPu117I64EawUAi5wSDmLoShFQzfAH4vN5N3SaJf7s3uddcrnlfXb
PyHz0QVncp3o/3RcyxjpNLhZSdOk67usWSTdOKo+VmRGyvvgWoOB1ZN7V5KwLh91
9iEbBwST/fv2/gyoDuon58QrSQOAX2vOukmfYZTgZ0rAGvXnwDQvJR1C92YwLJ4t
Hkibc6TLiUnenB50BQHGGL6S3CQusu1sxomdsr38ItNVSTmxzUK8v1j6vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHmnBGbDR/TOw1Vp+N819lOvLKZwMB8GA1UdIwQY
MBaAFDQy81Rt5DzjXHhxxVS4sw72NcJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjct
NjYzOGMzZWI0MDI3LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kZTc3YWUtMjllMy00YTA0LWEwMjctNjYzOGMzZWI0MDI3
LzEvTkRMelZHM2tQT05jZUhIRlZMaXpEdlkxd2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg8mHeOcR
ZVKtXtChmuis65BOVa9Hm1pbzJ6g6HKGozkwqcj4Nxy5/3CiBPBIacX34+31j8nY
ZlodPh34/hBRyuLSIiBF9g+c8LrKka6XoVU18Zrd2EfX368LQ77xvspcWQUMB1vC
jnKWUbjNMkoh8BP3Rpothccrz87RNArbbDtg/osvKu/LnQJ5ObhQkKMFzXjYLfWH
ajXLyfbWdxwBVg0N015o9/ZUdyYyp2Xph31++wi0EgvO9wOTShiAUqmsD4Mflvgo
V15Ss6g+TS6JoZNemKcRxo4a1buGyyg0irj+5FM9SjBLD+jKayiUGhFW9HIV4iPw
/xk92udl+b2sRA==
-----END CERTIFICATE-----