Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
File:                     nc28ow8_5XpR57bAt_MgOvFnKiI.mft (raw, json)
Hash identifier:          KSCfhpJt334Gje/+j7hDufFai1eqCCdplByCr7nPSCA=
Subject key identifier:   CF:2A:4D:3E:4F:1D:F0:44:A4:D0:3E:CD:EE:C3:6A:AA:B2:DC:2E:8C
Authority key identifier: 9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22
Certificate issuer:       /CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
Certificate serial:       01974C6969B520E9A2035DD69EA0BECC59E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 22:01:06 +0000
Manifest this update:     Sat 07 Jun 2025 22:01:06 +0000
Manifest next update:     Sun 08 Jun 2025 22:01:06 +0000
Files and hashes:         1: nc28ow8_5XpR57bAt_MgOvFnKiI.crl (hash: v/gVWdWGqBmGnAnLvq/+G5Mgz+aL0d5XB+KgPcVbooY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 22:01:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:69:b5:20:e9:a2:03:5d:d6:9e:a0:be:cc:59:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
        Validity
            Not Before: Jun  7 22:01:06 2025 GMT
            Not After : Jun  8 22:01:06 2025 GMT
        Subject: CN=cf2a4d3e4f1df044a4d03ecdeec36aaab2dc2e8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:da:62:43:71:bd:fb:55:a1:97:2c:13:e5:2c:
                    16:6c:cd:b9:77:7e:b4:0f:00:5d:1f:db:00:d3:de:
                    c9:2d:6c:bb:10:79:70:0f:0c:d1:a4:66:16:fa:fe:
                    8e:f9:e0:2f:f5:5f:d2:09:ee:dd:8a:19:d8:00:45:
                    b4:23:16:18:44:ab:7d:48:72:64:bd:60:72:59:30:
                    84:d6:eb:cf:d0:74:7c:bd:78:86:c8:2f:96:08:93:
                    fe:07:01:30:ad:35:b4:3c:b3:53:31:9b:66:68:3e:
                    38:b9:b2:90:fe:ab:28:b0:6e:8b:8c:67:3c:66:c1:
                    0e:3d:d0:8d:d4:87:0e:b2:d6:29:e9:d7:f5:1a:32:
                    68:ec:0e:ee:8e:36:f0:d8:c5:2b:c9:f8:45:8d:4d:
                    de:f9:0f:f4:1d:72:da:47:d3:d2:b0:97:e1:1d:ce:
                    3e:42:f7:72:39:2d:4d:c5:e6:d2:e9:6a:6f:01:17:
                    5c:af:b4:53:31:1c:d9:c6:10:c4:e5:ca:02:19:be:
                    98:35:2f:a1:52:52:7d:88:83:78:70:2c:d8:9b:20:
                    1f:e6:b3:28:89:14:39:54:1b:ba:d1:42:d0:fb:c4:
                    c2:22:e5:72:3d:a8:9b:9a:f4:63:b3:e7:c6:2b:88:
                    87:c3:3c:b3:04:95:af:a2:65:40:b2:5c:48:09:68:
                    43:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:2A:4D:3E:4F:1D:F0:44:A4:D0:3E:CD:EE:C3:6A:AA:B2:DC:2E:8C
            X509v3 Authority Key Identifier:
                keyid:9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:69:6d:4e:f3:7a:35:d3:8e:27:01:48:39:69:40:c2:bb:7e:
         60:18:e2:65:b3:92:64:46:ba:03:e9:3c:42:0d:b6:68:9e:82:
         18:0e:42:0a:ce:f0:ac:d0:94:63:62:e6:17:11:ac:4b:e1:5e:
         49:90:8c:f9:86:76:bf:1b:36:c7:50:65:06:fb:9f:d1:77:85:
         40:4c:47:f1:94:f9:2c:57:f5:3d:cc:9a:d6:60:7f:46:c4:38:
         4a:f2:1a:cd:fc:64:80:5d:ab:ec:05:41:a6:e0:2e:b4:6d:41:
         cb:65:f9:5c:5c:a0:3f:6f:ba:4f:2d:af:2c:64:d7:a1:2a:94:
         8a:41:15:f1:ac:07:61:cc:ed:30:f7:4a:ed:8f:66:26:85:71:
         51:a8:35:b1:66:8d:ec:ea:e1:5a:4a:68:ff:79:86:a5:af:db:
         a0:50:65:7d:28:42:d0:b6:bb:d5:69:1d:4d:04:02:94:9a:5f:
         03:5f:4a:43:ec:6f:73:0c:29:45:ce:50:35:46:a0:26:76:20:
         33:7e:e5:7d:aa:a1:da:f0:df:5a:ac:48:f9:30:bf:5c:1e:e0:
         31:79:64:a6:8a:13:e7:fb:18:f8:27:26:aa:9a:5e:6e:4e:31:
         30:33:16:26:65:d2:e9:e6:55:b5:7c:d8:54:cf:32:7e:d2:ea:
         38:98:d7:bf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaWm1IOmiA13WnqC+zFnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2RiY2EzMGYzZmU1N2E1MWU3YjZjMGI3ZjMyMDNhZjE2
NzJhMjIwHhcNMjUwNjA3MjIwMTA2WhcNMjUwNjA4MjIwMTA2WjAzMTEwLwYDVQQD
EyhjZjJhNGQzZTRmMWRmMDQ0YTRkMDNlY2RlZWMzNmFhYWIyZGMyZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NpiQ3G9+1WhlywT5SwWbM25d360
DwBdH9sA097JLWy7EHlwDwzRpGYW+v6O+eAv9V/SCe7dihnYAEW0IxYYRKt9SHJk
vWByWTCE1uvP0HR8vXiGyC+WCJP+BwEwrTW0PLNTMZtmaD44ubKQ/qsosG6LjGc8
ZsEOPdCN1IcOstYp6df1GjJo7A7ujjbw2MUryfhFjU3e+Q/0HXLaR9PSsJfhHc4+
QvdyOS1NxebS6WpvARdcr7RTMRzZxhDE5coCGb6YNS+hUlJ9iIN4cCzYmyAf5rMo
iRQ5VBu60ULQ+8TCIuVyPaibmvRjs+fGK4iHwzyzBJWvomVAslxICWhDnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8qTT5PHfBEpNA+ze7Daqqy3C6MMB8GA1UdIwQY
MBaAFJ3NvKMPP+V6Uee2wLfzIDrxZyoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMt
ZmEwNjBiOWEzYjQwLzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMtZmEwNjBiOWEzYjQw
LzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZmltTvN6
NdOOJwFIOWlAwrt+YBjiZbOSZEa6A+k8Qg22aJ6CGA5CCs7wrNCUY2LmFxGsS+Fe
SZCM+YZ2vxs2x1BlBvuf0XeFQExH8ZT5LFf1Pcya1mB/RsQ4SvIazfxkgF2r7AVB
puAutG1By2X5XFygP2+6Ty2vLGTXoSqUikEV8awHYcztMPdK7Y9mJoVxUag1sWaN
7OrhWkpo/3mGpa/boFBlfShC0La71WkdTQQClJpfA19KQ+xvcwwpRc5QNUagJnYg
M37lfaqh2vDfWqxI+TC/XB7gMXlkpooT5/sY+Ccmqppebk4xMDMWJmXS6eZVtXzY
VM8yftLqOJjXvw==
-----END CERTIFICATE-----