Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File:                     nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier:          RhxHYLzfzJe6OFqAA3DbNF6NaO9lkPkxGdxZu+wNWgo=
Subject key identifier:   5C:37:E5:D2:F4:58:47:E8:11:73:96:19:EB:8E:75:73:B4:06:12:ED
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer:       /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial:       019748FA5F6A5DB2EBA83EC1A4350435D0D9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number:          1579
Signing time:             Sat 07 Jun 2025 06:00:57 +0000
Manifest this update:     Sat 07 Jun 2025 06:00:57 +0000
Manifest next update:     Sun 08 Jun 2025 06:00:57 +0000
Files and hashes:         1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: VEE9WXgVxS4TydE8L8j1wBa/TzoEDV08uDw5RiqXNjM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 07 Jun 2025 22:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:5f:6a:5d:b2:eb:a8:3e:c1:a4:35:04:35:d0:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
        Validity
            Not Before: Jun  7 06:00:57 2025 GMT
            Not After : Jun  8 06:00:57 2025 GMT
        Subject: CN=5c37e5d2f45847e811739619eb8e7573b40612ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:13:9a:90:13:6c:19:97:0b:f7:15:da:1f:2a:
                    9d:29:36:b7:7c:ad:da:7e:cc:50:db:9e:be:4d:24:
                    4f:ba:dd:1f:2d:50:56:24:81:e0:72:cb:e7:2c:4e:
                    86:f2:a5:72:a5:e7:60:b0:5b:7a:7b:35:5f:58:1e:
                    a3:c5:a0:d0:13:11:41:e4:e9:24:cb:22:49:c3:ad:
                    0f:d8:5c:68:32:5f:45:64:0f:10:47:5f:7d:27:03:
                    e2:ae:47:63:e1:42:c5:a5:64:45:a1:ae:30:db:90:
                    65:36:16:8c:96:71:57:ac:be:91:d8:f0:22:d5:11:
                    21:f4:0e:e0:cc:68:80:5e:c4:57:d7:96:b1:3c:43:
                    b9:23:ba:be:b0:b2:4d:ae:43:db:f2:cb:e2:97:5e:
                    0e:6f:69:8c:13:ee:ee:d9:ee:fe:57:8b:4c:eb:fd:
                    27:78:98:9e:4b:b1:9c:ef:7d:01:90:12:c4:47:a7:
                    6a:fc:e9:24:2d:ff:03:ba:b7:ea:72:c5:7d:c8:28:
                    1f:26:cd:6c:52:f0:cc:63:ce:d3:b9:6f:84:fb:77:
                    b0:d1:58:4a:a7:6a:01:4a:c3:2b:c7:0a:12:72:ff:
                    09:16:29:15:82:66:9c:b0:4a:f5:9e:b6:d4:0d:d3:
                    bb:03:82:8d:c9:d2:53:33:cd:37:fe:60:51:a4:7f:
                    3e:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:37:E5:D2:F4:58:47:E8:11:73:96:19:EB:8E:75:73:B4:06:12:ED
            X509v3 Authority Key Identifier:
                keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:1e:14:f3:0f:c8:f2:52:1e:11:de:b3:07:a8:0d:9a:25:5e:
         2f:6f:c2:06:96:ce:66:be:2d:a1:44:88:ec:cf:e6:43:1e:f4:
         91:3b:d6:19:f6:cb:f9:82:96:dd:1e:24:23:29:14:4d:5d:a3:
         19:d4:51:99:60:8a:90:d5:aa:1b:5b:1e:7d:b5:f4:8b:ef:4d:
         ab:0e:fe:84:1e:8f:27:01:d9:bf:b2:42:dd:c1:f6:4b:ac:7c:
         9a:a6:43:df:b2:4c:36:9c:a8:a6:7b:e2:e5:51:86:3d:ce:a6:
         31:5c:0e:0c:9f:69:64:ce:50:09:be:52:e9:7a:4e:44:e6:41:
         85:cf:23:f5:95:cc:5d:0d:e1:09:0e:c1:38:aa:fe:fe:e5:24:
         dc:71:76:72:ee:d2:95:5e:e9:5e:8d:42:df:09:8f:4d:df:8f:
         16:53:50:e2:04:58:80:21:1a:e3:79:ec:ea:c6:7b:71:28:a6:
         f5:58:82:00:01:cc:5a:78:db:83:5e:85:f0:99:93:87:3a:19:
         cb:ac:4f:8c:1c:69:6b:57:4e:13:5f:dc:a2:76:13:f4:02:d8:
         b2:cb:13:37:6e:0f:f0:c4:f1:32:ea:e1:26:df:f2:15:9f:0a:
         71:50:55:8b:ff:f9:0b:73:11:63:51:e0:af:bc:5e:27:b5:e0:
         de:8e:83:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+l9qXbLrqD7BpDUENdDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjUwNjA3MDYwMDU3WhcNMjUwNjA4MDYwMDU3WjAzMTEwLwYDVQQD
Eyg1YzM3ZTVkMmY0NTg0N2U4MTE3Mzk2MTllYjhlNzU3M2I0MDYxMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBOakBNsGZcL9xXaHyqdKTa3fK3a
fsxQ256+TSRPut0fLVBWJIHgcsvnLE6G8qVypedgsFt6ezVfWB6jxaDQExFB5Okk
yyJJw60P2FxoMl9FZA8QR199JwPirkdj4ULFpWRFoa4w25BlNhaMlnFXrL6R2PAi
1REh9A7gzGiAXsRX15axPEO5I7q+sLJNrkPb8svil14Ob2mME+7u2e7+V4tM6/0n
eJieS7Gc730BkBLER6dq/OkkLf8DurfqcsV9yCgfJs1sUvDMY87TuW+E+3ew0VhK
p2oBSsMrxwoScv8JFikVgmacsEr1nrbUDdO7A4KNydJTM803/mBRpH8+jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFw35dL0WEfoEXOWGeuOdXO0BhLtMB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKx4U8w/I
8lIeEd6zB6gNmiVeL2/CBpbOZr4toUSI7M/mQx70kTvWGfbL+YKW3R4kIykUTV2j
GdRRmWCKkNWqG1sefbX0i+9Nqw7+hB6PJwHZv7JC3cH2S6x8mqZD37JMNpyopnvi
5VGGPc6mMVwODJ9pZM5QCb5S6XpOROZBhc8j9ZXMXQ3hCQ7BOKr+/uUk3HF2cu7S
lV7pXo1C3wmPTd+PFlNQ4gRYgCEa43ns6sZ7cSim9ViCAAHMWnjbg16F8JmThzoZ
y6xPjBxpa1dOE1/conYT9ALYsssTN24P8MTxMurhJt/yFZ8KcVBVi//5C3MRY1Hg
r7xeJ7Xg3o6Dgw==
-----END CERTIFICATE-----