Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
File:                     nuC9T-woxBx9-CFI8JHsPzkb23A.mft (raw, json)
Hash identifier:          TN/eclXR3dPduYmgdFNVbUgBIIxvg4Xa6aJ8xxaBeEI=
Subject key identifier:   B8:C2:8C:C0:43:9B:A7:BD:47:B1:15:74:3B:7F:0A:AC:63:C6:C4:92
Authority key identifier: 9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70
Certificate issuer:       /CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70
Certificate serial:       0197523513A9579396DC176573F50388B269
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
Manifest number:          072F
Signing time:             Mon 09 Jun 2025 01:01:39 +0000
Manifest this update:     Mon 09 Jun 2025 01:01:39 +0000
Manifest next update:     Tue 10 Jun 2025 01:01:39 +0000
Files and hashes:         1: nuC9T-woxBx9-CFI8JHsPzkb23A.crl (hash: SKVclbCz1IN2BM6O0cvPXp+N9Oqo6IThF5N3guTEHJ8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:35:13:a9:57:93:96:dc:17:65:73:f5:03:88:b2:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ee0bd4fec28c41c7df82148f091ec3f391bdb70
        Validity
            Not Before: Jun  9 01:01:39 2025 GMT
            Not After : Jun 10 01:01:39 2025 GMT
        Subject: CN=b8c28cc0439ba7bd47b115743b7f0aac63c6c492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:06:3d:ad:fd:a2:9a:66:30:7e:a3:74:a8:b0:
                    38:5e:2c:a5:1d:35:3c:a7:23:15:4f:66:22:af:c8:
                    1b:5d:c0:c1:01:94:ce:e3:1e:47:09:8f:62:2d:fb:
                    9d:e1:b2:cc:f2:8d:75:21:14:43:2d:c7:87:d5:4c:
                    bc:fa:0b:dd:a3:36:39:60:35:f3:73:f3:68:a8:ef:
                    45:50:0f:3c:62:18:63:bc:18:c6:58:de:d2:91:5a:
                    87:4b:44:d9:b0:2f:df:5a:c9:55:5c:8b:9d:75:3e:
                    83:e7:9d:b9:47:81:52:26:ee:ff:59:ff:04:9d:c8:
                    0b:ab:56:49:0f:a9:6c:e8:a4:4f:f7:8a:4c:2a:6a:
                    84:11:9b:f8:4c:63:a5:c9:1b:c3:69:63:6a:89:5d:
                    59:5a:d8:fb:99:dd:e3:40:31:68:6d:9d:55:18:5e:
                    98:ea:f9:58:79:91:3c:a3:07:73:d2:5a:22:60:2d:
                    65:bc:fe:a6:1f:e3:ea:ab:ca:ed:6e:8e:da:77:58:
                    a7:17:9c:1b:2b:30:b2:dc:01:32:08:c7:14:ae:51:
                    c6:4a:f2:fa:c9:71:51:4b:9e:8e:f9:a6:5f:3c:10:
                    59:f3:d4:c3:62:d4:c2:f3:9f:e6:3c:60:ed:49:13:
                    bb:b2:c2:ff:10:09:81:75:b9:19:99:64:74:6f:e5:
                    16:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:C2:8C:C0:43:9B:A7:BD:47:B1:15:74:3B:7F:0A:AC:63:C6:C4:92
            X509v3 Authority Key Identifier:
                keyid:9E:E0:BD:4F:EC:28:C4:1C:7D:F8:21:48:F0:91:EC:3F:39:1B:DB:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nuC9T-woxBx9-CFI8JHsPzkb23A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/bdd17a-fad4-4249-ac0f-edfbab3361bb/1/nuC9T-woxBx9-CFI8JHsPzkb23A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:31:8c:14:06:66:2b:ce:79:e4:56:35:9f:00:48:b9:85:6a:
         ac:f2:e9:bb:f6:7b:19:bc:00:05:9a:8c:ff:46:35:11:3f:30:
         9d:43:98:0b:07:71:8f:c2:5c:e3:4e:6d:dc:d9:cb:fd:94:48:
         05:54:12:b7:26:fc:81:ac:3e:c6:13:5f:26:f2:2c:b2:03:07:
         8f:5b:ed:d5:96:d3:20:f3:11:da:fb:03:34:ca:09:e2:9a:0e:
         a5:8c:66:5d:06:5c:98:3b:d9:24:c7:7a:b8:ff:66:06:1e:d6:
         91:c1:88:fd:dc:61:77:e5:7a:b4:bc:26:42:f9:54:71:c8:f1:
         24:04:bc:b8:52:0a:69:1c:8b:55:b0:fe:17:f5:c1:b6:61:5d:
         26:f5:44:87:e7:db:f4:80:cd:62:31:20:0a:34:6c:76:9b:63:
         7d:c4:ab:ea:2c:64:a2:c8:66:1c:b9:7b:88:aa:ce:0b:26:20:
         4a:fd:99:14:3f:5c:3f:b9:16:a6:d2:7d:58:c0:2a:36:be:6c:
         49:24:ed:bf:b6:ca:52:a8:a9:0e:73:f3:a6:61:bd:dd:c4:94:
         b6:51:89:17:d1:b6:6d:fb:f6:3c:ab:8d:16:66:93:5e:2c:04:
         6b:53:f9:3f:6c:f7:af:98:d2:db:f7:6a:58:31:b6:fd:54:af:
         00:aa:f9:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNROpV5OW3Bdlc/UDiLJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZTBiZDRmZWMyOGM0MWM3ZGY4MjE0OGYwOTFlYzNmMzkx
YmRiNzAwHhcNMjUwNjA5MDEwMTM5WhcNMjUwNjEwMDEwMTM5WjAzMTEwLwYDVQQD
EyhiOGMyOGNjMDQzOWJhN2JkNDdiMTE1NzQzYjdmMGFhYzYzYzZjNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwY9rf2immYwfqN0qLA4XiylHTU8
pyMVT2Yir8gbXcDBAZTO4x5HCY9iLfud4bLM8o11IRRDLceH1Uy8+gvdozY5YDXz
c/NoqO9FUA88YhhjvBjGWN7SkVqHS0TZsC/fWslVXIuddT6D5525R4FSJu7/Wf8E
ncgLq1ZJD6ls6KRP94pMKmqEEZv4TGOlyRvDaWNqiV1ZWtj7md3jQDFobZ1VGF6Y
6vlYeZE8owdz0loiYC1lvP6mH+Pqq8rtbo7ad1inF5wbKzCy3AEyCMcUrlHGSvL6
yXFRS56O+aZfPBBZ89TDYtTC85/mPGDtSRO7ssL/EAmBdbkZmWR0b+UWSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLjCjMBDm6e9R7EVdDt/CqxjxsSSMB8GA1UdIwQY
MBaAFJ7gvU/sKMQcffghSPCR7D85G9twMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYt
ZWRmYmFiMzM2MWJiLzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9iZGQxN2EtZmFkNC00MjQ5LWFjMGYtZWRmYmFiMzM2MWJi
LzEvbnVDOVQtd294Qng5LUNGSThKSHNQemtiMjNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlTGMFAZm
K8555FY1nwBIuYVqrPLpu/Z7GbwABZqM/0Y1ET8wnUOYCwdxj8Jc405t3NnL/ZRI
BVQStyb8gaw+xhNfJvIssgMHj1vt1ZbTIPMR2vsDNMoJ4poOpYxmXQZcmDvZJMd6
uP9mBh7WkcGI/dxhd+V6tLwmQvlUccjxJAS8uFIKaRyLVbD+F/XBtmFdJvVEh+fb
9IDNYjEgCjRsdptjfcSr6ixkoshmHLl7iKrOCyYgSv2ZFD9cP7kWptJ9WMAqNr5s
SSTtv7bKUqipDnPzpmG93cSUtlGJF9G2bfv2PKuNFmaTXiwEa1P5P2z3r5jS2/dq
WDG2/VSvAKr5lQ==
-----END CERTIFICATE-----