Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File:                     nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier:          g3NtmfGWs+TibT8ncv8lelJ5iOqrwn5oM3aVEzBQVto=
Subject key identifier:   07:73:00:30:78:54:19:B0:00:08:06:CD:17:57:52:18:E5:25:D1:37
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer:       /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial:       019648208ABB16B129AB582F6AB7C1431190
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number:          14F4
Signing time:             Fri 18 Apr 2025 09:00:14 +0000
Manifest this update:     Fri 18 Apr 2025 09:00:14 +0000
Manifest next update:     Sat 19 Apr 2025 09:00:14 +0000
Files and hashes:         1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: JRsNC4YEPvlXcYdzXKURnSH5SsVGy+8elVAUV46+DQ0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 19 Apr 2025 09:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:48:20:8a:bb:16:b1:29:ab:58:2f:6a:b7:c1:43:11:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
        Validity
            Not Before: Apr 18 09:00:14 2025 GMT
            Not After : Apr 19 09:00:14 2025 GMT
        Subject: CN=07730030785419b0000806cd17575218e525d137
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:bd:b3:d2:b1:3f:66:37:aa:9a:1b:e5:eb:ae:
                    61:c8:ef:e8:d9:0c:aa:b4:7f:aa:d8:c4:16:b4:4c:
                    17:e2:b2:7f:91:ca:d3:eb:96:73:46:4f:ea:5a:28:
                    2a:29:55:b3:21:80:f7:c4:a6:5d:1c:d1:27:eb:91:
                    67:a5:c2:3d:7f:00:ac:27:f8:3b:76:1c:4d:bf:e6:
                    1f:64:3f:d0:2c:c0:43:04:65:5b:66:fa:25:a5:60:
                    02:7c:2e:41:b4:f7:5a:ee:1d:a5:be:93:e6:65:4f:
                    62:41:b6:99:01:ab:24:51:b6:69:4a:89:8c:73:53:
                    1c:19:08:86:6f:7e:e6:77:fa:be:10:ab:f5:ba:a3:
                    22:ef:b8:36:e5:f4:02:8a:5c:30:0d:f4:bf:cb:d5:
                    ca:eb:89:15:91:c9:30:9e:d2:d4:4a:b2:d5:48:13:
                    63:f4:74:33:d9:6d:79:0b:82:2a:86:2f:de:bd:57:
                    3f:33:00:2d:7a:f3:13:5b:d9:d6:5e:a4:0e:bc:c8:
                    67:f3:e1:96:85:79:66:c0:a7:3b:48:80:3e:45:89:
                    da:b0:f7:7a:99:c5:95:d7:f5:d3:60:79:d2:75:be:
                    23:70:95:34:cb:b2:f3:cc:5a:90:67:a6:41:d0:52:
                    f4:60:5a:3b:7c:5d:31:d2:b7:71:d2:04:b0:83:27:
                    c5:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:73:00:30:78:54:19:B0:00:08:06:CD:17:57:52:18:E5:25:D1:37
            X509v3 Authority Key Identifier:
                keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:44:84:2a:7f:5f:1e:b0:b4:00:b7:d0:aa:ec:39:dc:5d:da:
         82:ed:8d:c3:72:22:c7:92:71:ed:02:12:78:f3:86:a3:5d:b9:
         ea:1c:37:97:eb:75:81:cd:ef:ff:22:10:50:7d:35:d8:a0:d6:
         58:6a:c5:00:80:50:79:ca:eb:82:a6:53:c5:ee:68:dc:18:c5:
         5b:50:8d:58:1a:17:f9:59:66:74:64:39:c2:6e:f8:35:80:b6:
         82:d2:a4:b2:12:b8:f1:6e:de:d1:12:29:68:fb:45:91:fb:8b:
         8d:6d:18:4e:bc:a1:47:4c:35:73:dc:b2:2a:ca:8e:bf:d1:c4:
         9c:5b:de:c1:21:c7:09:37:60:eb:64:3f:83:85:c1:26:42:bf:
         26:c8:e9:c7:87:eb:30:cd:26:bc:9b:c1:68:e5:66:c6:88:46:
         d7:cf:ef:e8:9b:a9:57:b5:26:88:7e:37:ab:c5:3c:d3:57:fc:
         bb:6c:a4:d5:10:27:96:50:8e:66:d4:30:45:d1:c7:58:29:56:
         8f:4a:47:27:0e:d2:cf:83:8c:90:5b:4c:4d:09:10:b1:b0:bf:
         1f:49:9f:f8:da:9a:ea:2b:66:2b:1a:14:1b:a0:01:14:98:e4:
         6e:33:72:b2:02:db:25:6b:51:84:1c:91:f2:9a:25:06:26:09:
         d9:a6:27:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZIIIq7FrEpq1gvarfBQxGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjUwNDE4MDkwMDE0WhcNMjUwNDE5MDkwMDE0WjAzMTEwLwYDVQQD
EygwNzczMDAzMDc4NTQxOWIwMDAwODA2Y2QxNzU3NTIxOGU1MjVkMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv72z0rE/Zjeqmhvl665hyO/o2Qyq
tH+q2MQWtEwX4rJ/kcrT65ZzRk/qWigqKVWzIYD3xKZdHNEn65FnpcI9fwCsJ/g7
dhxNv+YfZD/QLMBDBGVbZvolpWACfC5BtPda7h2lvpPmZU9iQbaZAaskUbZpSomM
c1McGQiGb37md/q+EKv1uqMi77g25fQCilwwDfS/y9XK64kVkckwntLUSrLVSBNj
9HQz2W15C4Iqhi/evVc/MwAtevMTW9nWXqQOvMhn8+GWhXlmwKc7SIA+RYnasPd6
mcWV1/XTYHnSdb4jcJU0y7LzzFqQZ6ZB0FL0YFo7fF0x0rdx0gSwgyfFuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAdzADB4VBmwAAgGzRdXUhjlJdE3MB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD0SEKn9f
HrC0ALfQquw53F3agu2Nw3Iix5Jx7QISePOGo1256hw3l+t1gc3v/yIQUH012KDW
WGrFAIBQecrrgqZTxe5o3BjFW1CNWBoX+VlmdGQ5wm74NYC2gtKkshK48W7e0RIp
aPtFkfuLjW0YTryhR0w1c9yyKsqOv9HEnFvewSHHCTdg62Q/g4XBJkK/Jsjpx4fr
MM0mvJvBaOVmxohG18/v6JupV7UmiH43q8U801f8u2yk1RAnllCOZtQwRdHHWClW
j0pHJw7Sz4OMkFtMTQkQsbC/H0mf+Nqa6itmKxoUG6ABFJjkbjNysgLbJWtRhByR
8polBiYJ2aYnpw==
-----END CERTIFICATE-----