Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File:                     nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier:          D6rVk6CAOM3wALQpZ4AZAdKdRUVeeYSHSgaWAwF5NUY=
Subject key identifier:   37:BF:C6:1C:7E:E6:CF:59:E7:59:CE:EA:B8:F8:5D:F3:19:2D:F7:4C
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer:       /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial:       01951134E36B9CB315B369D83B0A5B40AA37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number:          1453
Signing time:             Mon 17 Feb 2025 00:00:33 +0000
Manifest this update:     Mon 17 Feb 2025 00:00:33 +0000
Manifest next update:     Tue 18 Feb 2025 00:00:33 +0000
Files and hashes:         1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: 0kQzP993Nm1leVvE6wNHy/0BPw0wQPFPAy/Rba3eW1A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:34:e3:6b:9c:b3:15:b3:69:d8:3b:0a:5b:40:aa:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
        Validity
            Not Before: Feb 17 00:00:33 2025 GMT
            Not After : Feb 18 00:00:33 2025 GMT
        Subject: CN=37bfc61c7ee6cf59e759ceeab8f85df3192df74c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:ca:ef:14:a8:49:f4:3d:c0:c6:80:93:fe:ed:
                    1c:54:47:66:0f:f2:fb:a2:a0:52:ca:e3:39:51:c4:
                    46:89:fa:21:b1:64:8a:5e:15:e2:b8:02:08:cc:bf:
                    9a:1f:a4:f8:56:ac:11:a6:b0:05:f5:f5:ad:c7:e0:
                    66:de:1f:1e:dd:64:46:3e:17:f4:d8:fe:d6:63:91:
                    0d:e4:e2:10:b9:0a:12:6e:e4:a9:51:58:8b:e2:61:
                    a9:b1:de:bc:47:3c:26:dc:95:75:54:5b:67:14:9d:
                    ef:ee:96:74:cc:11:bc:ae:ee:44:d5:d6:c7:39:28:
                    66:5d:0b:a5:d4:64:9f:33:5f:52:18:4e:42:a0:7e:
                    37:4f:e4:16:6c:5b:78:05:48:2d:d8:26:5e:1f:10:
                    5d:06:31:c1:5b:42:b7:45:0d:2f:be:8a:2f:67:da:
                    b3:21:da:43:ac:19:82:be:10:10:fd:9b:9d:99:7e:
                    52:81:d5:47:2b:11:af:79:c6:79:27:c8:b7:28:31:
                    a1:94:8c:6e:17:13:b3:ec:28:b2:de:16:71:91:06:
                    e9:04:1f:47:03:d0:3c:c1:97:8d:1f:84:c9:bb:4f:
                    71:e4:f9:19:2c:05:73:7b:6a:e3:8d:a0:1d:c9:fc:
                    11:56:de:5a:cb:f7:44:c2:91:f8:14:67:ac:77:58:
                    52:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:BF:C6:1C:7E:E6:CF:59:E7:59:CE:EA:B8:F8:5D:F3:19:2D:F7:4C
            X509v3 Authority Key Identifier:
                keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:5f:99:f9:78:be:fe:34:42:13:1f:87:47:7d:ac:17:3e:7a:
         a6:62:c7:a7:1b:89:ff:09:cb:ba:d8:68:14:17:6c:0d:1e:40:
         c7:8b:a5:5c:df:59:8c:2e:14:3b:aa:76:8b:ad:02:ea:76:22:
         79:4a:ea:e1:9d:87:ba:8b:9a:e9:0f:3c:22:dd:9c:bc:e8:f5:
         1d:90:d3:ae:b4:7e:d0:2b:d9:81:4f:56:c2:89:7b:56:9d:65:
         67:48:73:c3:9a:a8:10:1a:23:02:3a:51:56:6b:12:24:3d:49:
         d6:36:38:cd:25:db:10:12:a5:2f:76:a1:7e:ca:45:8a:72:05:
         eb:62:96:28:19:6b:16:97:1a:ef:03:f2:17:fc:3b:c4:7a:cd:
         d2:d7:1d:9e:71:3b:e8:99:86:f9:be:e5:4a:7a:1b:07:a9:92:
         92:6d:44:cb:c8:b3:30:4d:11:0a:46:7a:00:ef:99:b4:e6:3a:
         29:21:41:af:66:c3:08:9c:51:62:ca:aa:5f:be:3b:ae:57:71:
         bf:1a:55:cf:13:fe:2f:8b:5f:67:b3:54:f3:2a:b7:da:71:b6:
         cc:62:5e:d9:ed:08:4f:e4:d7:72:fd:0b:a5:5d:e6:6d:1e:98:
         cf:3e:fa:10:97:eb:9a:55:c6:b8:a9:52:e7:76:80:78:5f:26:
         ef:c1:4d:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURNONrnLMVs2nYOwpbQKo3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjUwMjE3MDAwMDMzWhcNMjUwMjE4MDAwMDMzWjAzMTEwLwYDVQQD
EygzN2JmYzYxYzdlZTZjZjU5ZTc1OWNlZWFiOGY4NWRmMzE5MmRmNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMrvFKhJ9D3AxoCT/u0cVEdmD/L7
oqBSyuM5UcRGifohsWSKXhXiuAIIzL+aH6T4VqwRprAF9fWtx+Bm3h8e3WRGPhf0
2P7WY5EN5OIQuQoSbuSpUViL4mGpsd68Rzwm3JV1VFtnFJ3v7pZ0zBG8ru5E1dbH
OShmXQul1GSfM19SGE5CoH43T+QWbFt4BUgt2CZeHxBdBjHBW0K3RQ0vvoovZ9qz
IdpDrBmCvhAQ/ZudmX5SgdVHKxGvecZ5J8i3KDGhlIxuFxOz7Ciy3hZxkQbpBB9H
A9A8wZeNH4TJu09x5PkZLAVze2rjjaAdyfwRVt5ay/dEwpH4FGesd1hSvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDe/xhx+5s9Z51nO6rj4XfMZLfdMMB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXl+Z+Xi+
/jRCEx+HR32sFz56pmLHpxuJ/wnLuthoFBdsDR5Ax4ulXN9ZjC4UO6p2i60C6nYi
eUrq4Z2Huoua6Q88It2cvOj1HZDTrrR+0CvZgU9Wwol7Vp1lZ0hzw5qoEBojAjpR
VmsSJD1J1jY4zSXbEBKlL3ahfspFinIF62KWKBlrFpca7wPyF/w7xHrN0tcdnnE7
6JmG+b7lSnobB6mSkm1Ey8izME0RCkZ6AO+ZtOY6KSFBr2bDCJxRYsqqX747rldx
vxpVzxP+L4tfZ7NU8yq32nG2zGJe2e0IT+TXcv0LpV3mbR6Yzz76EJfrmlXGuKlS
53aAeF8m78FN4A==
-----END CERTIFICATE-----