Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
File:                     nc28ow8_5XpR57bAt_MgOvFnKiI.mft (raw, json)
Hash identifier:          mxg2NbBpiud0yDFWP8WGUGHVjJnHQVWStBq5YX5cIos=
Subject key identifier:   C4:91:F5:87:3B:F1:6C:3C:09:29:27:35:E7:F5:A7:8D:BE:0B:62:B9
Authority key identifier: 9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22
Certificate issuer:       /CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
Certificate serial:       019655385BBF61BC0D63E8F4AA59DBD61A09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
Manifest number:          14F8
Signing time:             Sun 20 Apr 2025 22:01:18 +0000
Manifest this update:     Sun 20 Apr 2025 22:01:18 +0000
Manifest next update:     Mon 21 Apr 2025 22:01:18 +0000
Files and hashes:         1: nc28ow8_5XpR57bAt_MgOvFnKiI.crl (hash: DVzbHIUKLr7JUXhgMPkUACJI+139U2wJZ0fIx24gGqE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:38:5b:bf:61:bc:0d:63:e8:f4:aa:59:db:d6:1a:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dcdbca30f3fe57a51e7b6c0b7f3203af1672a22
        Validity
            Not Before: Apr 20 22:01:18 2025 GMT
            Not After : Apr 21 22:01:18 2025 GMT
        Subject: CN=c491f5873bf16c3c09292735e7f5a78dbe0b62b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:6d:b4:bd:c3:d1:fa:f1:e5:d5:13:8c:a5:e1:
                    55:b8:33:be:ad:69:52:25:92:b6:b9:ad:19:19:71:
                    74:cf:8f:31:df:76:f7:f6:57:95:ea:6f:8a:e8:69:
                    01:30:51:51:4c:3a:98:70:0e:85:b5:e2:3b:0a:09:
                    c0:51:eb:3c:c2:11:c6:28:b1:01:f6:8d:2c:25:10:
                    0e:d0:15:d3:36:c4:94:13:c8:25:45:6c:3e:db:de:
                    f7:3c:83:d3:7e:9f:6c:a3:4b:b4:59:12:d5:1d:a8:
                    16:6a:97:d7:96:8e:68:2a:63:4e:25:bb:7e:2a:2f:
                    ec:86:76:4b:19:82:3b:9c:cf:97:14:86:f0:8a:49:
                    33:20:ee:bd:1d:40:61:35:c7:2c:f3:4f:34:01:ff:
                    0d:de:6f:92:92:ab:ae:65:64:5c:0d:0d:2e:a3:05:
                    03:65:c5:78:ac:b8:01:86:c1:d7:27:19:26:01:90:
                    98:7a:65:00:f9:8b:5b:77:47:1b:f0:52:af:3d:b3:
                    c3:24:65:97:44:7a:6e:89:60:ca:54:02:83:f5:f3:
                    98:a0:25:8e:f6:01:06:05:8a:e6:df:9f:64:9e:c8:
                    e5:d5:cd:8e:d4:fb:8a:e1:ec:f8:dc:bc:83:d1:41:
                    8e:4e:b3:c4:94:31:f4:2f:51:56:4d:a1:d4:10:02:
                    db:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:91:F5:87:3B:F1:6C:3C:09:29:27:35:E7:F5:A7:8D:BE:0B:62:B9
            X509v3 Authority Key Identifier:
                keyid:9D:CD:BC:A3:0F:3F:E5:7A:51:E7:B6:C0:B7:F3:20:3A:F1:67:2A:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nc28ow8_5XpR57bAt_MgOvFnKiI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/ac72a6-b836-4043-bd23-fa060b9a3b40/1/nc28ow8_5XpR57bAt_MgOvFnKiI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:42:e2:f9:47:ef:85:9f:72:c2:d1:95:a7:4a:29:66:f1:c7:
         5f:81:54:1b:a8:ff:36:c4:72:62:69:37:f0:5c:a4:dd:11:9b:
         72:82:72:81:5f:d3:31:26:65:e5:06:67:f4:b0:66:c7:e3:74:
         2f:64:92:a6:65:5d:33:be:19:09:d5:33:5a:0a:c8:2b:d5:59:
         24:4c:4e:5d:c7:39:d0:a7:af:4c:9f:46:24:1a:2d:b3:27:14:
         4b:54:b7:fc:6f:ef:fc:a9:f1:0e:f5:df:97:31:c2:52:4b:b3:
         0a:35:66:cb:bd:6a:ed:98:30:ec:57:49:29:e7:98:c2:f2:56:
         12:46:6b:a2:a7:0d:2e:28:df:97:ca:13:4c:63:02:d0:41:dd:
         a1:97:2c:a8:86:05:5c:a4:9b:48:45:84:30:12:1b:33:5d:e3:
         d9:db:28:10:7a:94:8f:07:a2:bd:db:64:89:1c:b8:89:34:85:
         66:3e:cf:69:2e:be:9b:0f:67:17:20:9a:83:da:c8:fe:4a:87:
         b4:00:96:e3:1e:2f:98:92:36:ae:60:5b:96:c4:86:9f:fc:72:
         31:6f:56:87:11:7e:cd:27:29:bd:56:e0:aa:da:3d:11:d0:3f:
         eb:3d:69:c3:ad:52:e2:17:73:4f:42:5b:c2:6c:4d:0b:73:f7:
         f0:3d:fc:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVOFu/YbwNY+j0qlnb1hoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkY2RiY2EzMGYzZmU1N2E1MWU3YjZjMGI3ZjMyMDNhZjE2
NzJhMjIwHhcNMjUwNDIwMjIwMTE4WhcNMjUwNDIxMjIwMTE4WjAzMTEwLwYDVQQD
EyhjNDkxZjU4NzNiZjE2YzNjMDkyOTI3MzVlN2Y1YTc4ZGJlMGI2MmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG20vcPR+vHl1ROMpeFVuDO+rWlS
JZK2ua0ZGXF0z48x33b39leV6m+K6GkBMFFRTDqYcA6FteI7CgnAUes8whHGKLEB
9o0sJRAO0BXTNsSUE8glRWw+2973PIPTfp9so0u0WRLVHagWapfXlo5oKmNOJbt+
Ki/shnZLGYI7nM+XFIbwikkzIO69HUBhNccs8080Af8N3m+SkquuZWRcDQ0uowUD
ZcV4rLgBhsHXJxkmAZCYemUA+Ytbd0cb8FKvPbPDJGWXRHpuiWDKVAKD9fOYoCWO
9gEGBYrm359knsjl1c2O1PuK4ez43LyD0UGOTrPElDH0L1FWTaHUEALbIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMSR9Yc78Ww8CSknNef1p42+C2K5MB8GA1UdIwQY
MBaAFJ3NvKMPP+V6Uee2wLfzIDrxZyoiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMt
ZmEwNjBiOWEzYjQwLzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hYzcyYTYtYjgzNi00MDQzLWJkMjMtZmEwNjBiOWEzYjQw
LzEvbmMyOG93OF81WHBSNTdiQXRfTWdPdkZuS2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANELi+Ufv
hZ9ywtGVp0opZvHHX4FUG6j/NsRyYmk38Fyk3RGbcoJygV/TMSZl5QZn9LBmx+N0
L2SSpmVdM74ZCdUzWgrIK9VZJExOXcc50KevTJ9GJBotsycUS1S3/G/v/KnxDvXf
lzHCUkuzCjVmy71q7Zgw7FdJKeeYwvJWEkZroqcNLijfl8oTTGMC0EHdoZcsqIYF
XKSbSEWEMBIbM13j2dsoEHqUjweivdtkiRy4iTSFZj7PaS6+mw9nFyCag9rI/kqH
tACW4x4vmJI2rmBblsSGn/xyMW9WhxF+zScpvVbgqto9EdA/6z1pw61S4hdzT0Jb
wmxNC3P38D38BA==
-----END CERTIFICATE-----