Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File:                     nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier:          Lqk7NBDYyYPcUwU06QxhT+HMj0H8mtW69y2KJUfey7k=
Subject key identifier:   A1:16:A3:CF:F9:50:BD:79:06:74:E2:01:CF:D6:63:96:9C:26:72:60
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer:       /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial:       018F87B61E24DCC2C46BBF4049B334DCFF16
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number:          1175
Signing time:             Fri 17 May 2024 18:00:10 +0000
Manifest this update:     Fri 17 May 2024 18:00:10 +0000
Manifest next update:     Sat 18 May 2024 18:00:10 +0000
Files and hashes:         1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: T/EUdwX0vXWKAQFHVd9aGtj/3+EOkQRZoMd2UZNRu9M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:1e:24:dc:c2:c4:6b:bf:40:49:b3:34:dc:ff:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
        Validity
            Not Before: May 17 18:00:10 2024 GMT
            Not After : May 18 18:00:10 2024 GMT
        Subject: CN=a116a3cff950bd790674e201cfd663969c267260
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:46:73:0d:b8:43:e9:12:ab:59:04:2d:ce:57:
                    b1:d3:25:16:85:b0:95:3f:7a:b6:5d:2c:71:42:1b:
                    05:e3:39:3a:c5:29:01:80:5c:d1:84:38:b4:1a:1a:
                    04:55:a8:de:79:ad:f8:ea:f4:3f:5b:51:e6:b6:f0:
                    30:4f:6c:ba:ac:1e:20:ee:e8:90:30:61:11:f9:c6:
                    f7:50:fb:cb:8d:dc:4d:bf:59:45:28:64:b8:1b:04:
                    73:8f:2b:bf:98:b6:b1:76:26:bf:94:14:0a:d1:88:
                    32:ad:63:5d:9b:1e:40:fd:73:57:e3:36:ec:8c:54:
                    62:90:74:3e:63:db:0d:ed:d7:cf:20:3f:05:bb:58:
                    ce:85:bd:c6:5e:11:48:42:66:12:4d:95:ce:e1:cd:
                    7d:65:31:de:7f:1a:26:27:ca:c4:69:ab:2e:63:d8:
                    d4:08:d5:95:78:d8:fc:f4:ad:fd:79:bb:96:58:17:
                    8b:a0:ce:bf:e6:9f:77:8f:31:8c:5f:28:9c:77:62:
                    d4:d5:ca:6b:69:41:8a:5a:6e:fe:6a:3d:a0:40:68:
                    c4:78:77:32:47:57:85:ea:32:f8:84:7b:14:5b:c2:
                    fb:f7:c9:ea:30:4d:fd:a4:48:f2:5f:c0:7a:bd:51:
                    e3:f2:99:c2:03:0b:91:88:53:58:09:a0:88:9a:43:
                    93:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:16:A3:CF:F9:50:BD:79:06:74:E2:01:CF:D6:63:96:9C:26:72:60
            X509v3 Authority Key Identifier:
                keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:bb:0a:f4:f9:3c:35:19:df:f3:50:8c:ef:bb:df:73:dd:af:
         78:9e:09:45:71:6c:5b:55:79:2a:81:35:9b:a0:27:7f:53:0b:
         f8:55:ea:46:3f:c0:df:72:74:52:05:0a:ae:77:ef:32:d0:3b:
         8b:41:a8:2d:10:38:9b:e7:76:e8:9b:42:a3:26:2c:4a:6d:fc:
         56:49:40:28:92:6c:fc:d6:4a:44:88:ac:1e:ef:46:67:a1:e7:
         d1:6f:5b:c1:4c:ff:b7:b9:54:24:16:40:76:84:41:bb:2d:9c:
         ca:cc:fd:96:fc:9a:7d:d7:7f:90:ef:41:32:c2:27:ad:18:a6:
         24:c9:16:ed:52:46:c7:13:73:f5:68:b9:dc:e5:06:22:56:0f:
         94:25:f6:93:8d:1a:68:1a:a3:bf:c1:77:60:25:52:a5:a6:c8:
         fb:59:5a:3c:86:34:c2:0c:f7:98:7c:48:02:29:e7:de:c1:dc:
         fa:54:04:e9:22:c0:a6:d3:0e:ba:39:7d:36:13:db:d6:96:74:
         40:b2:20:67:75:86:87:8f:ea:42:73:f0:fa:59:66:c2:0a:d7:
         06:67:a7:7f:7b:d3:2e:3c:15:aa:05:bb:21:d7:de:21:e2:a1:
         4f:ad:5d:f0:bf:e1:e5:81:48:5e:c5:2c:56:ae:31:7b:72:2d:
         74:cf:c6:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Hth4k3MLEa79ASbM03P8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjQwNTE3MTgwMDEwWhcNMjQwNTE4MTgwMDEwWjAzMTEwLwYDVQQD
EyhhMTE2YTNjZmY5NTBiZDc5MDY3NGUyMDFjZmQ2NjM5NjljMjY3MjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0ZzDbhD6RKrWQQtzlex0yUWhbCV
P3q2XSxxQhsF4zk6xSkBgFzRhDi0GhoEVajeea346vQ/W1HmtvAwT2y6rB4g7uiQ
MGER+cb3UPvLjdxNv1lFKGS4GwRzjyu/mLaxdia/lBQK0YgyrWNdmx5A/XNX4zbs
jFRikHQ+Y9sN7dfPID8Fu1jOhb3GXhFIQmYSTZXO4c19ZTHefxomJ8rEaasuY9jU
CNWVeNj89K39ebuWWBeLoM6/5p93jzGMXyicd2LU1cpraUGKWm7+aj2gQGjEeHcy
R1eF6jL4hHsUW8L798nqME39pEjyX8B6vVHj8pnCAwuRiFNYCaCImkOTuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKEWo8/5UL15BnTiAc/WY5acJnJgMB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmbsK9Pk8
NRnf81CM77vfc92veJ4JRXFsW1V5KoE1m6Anf1ML+FXqRj/A33J0UgUKrnfvMtA7
i0GoLRA4m+d26JtCoyYsSm38VklAKJJs/NZKRIisHu9GZ6Hn0W9bwUz/t7lUJBZA
doRBuy2cysz9lvyafdd/kO9BMsInrRimJMkW7VJGxxNz9Wi53OUGIlYPlCX2k40a
aBqjv8F3YCVSpabI+1laPIY0wgz3mHxIAinn3sHc+lQE6SLAptMOujl9NhPb1pZ0
QLIgZ3WGh4/qQnPw+llmwgrXBmenf3vTLjwVqgW7IdfeIeKhT61d8L/h5YFIXsUs
Vq4xe3ItdM/G2g==
-----END CERTIFICATE-----