Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          nuvniPoNH6Z0jC5tUX/tAOH6+CiSWDNLFpa9YWLeZDg=
Subject key identifier:   CA:D3:AC:D4:B1:A3:50:CE:16:DF:2B:07:BE:F0:2E:C0:08:D8:59:22
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       019748FA6ADFBCCEBA4B1C28753CA8B59BE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          09DE
Signing time:             Sat 07 Jun 2025 06:01:00 +0000
Manifest this update:     Sat 07 Jun 2025 06:01:00 +0000
Manifest next update:     Sun 08 Jun 2025 06:01:00 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: jLooN2uGD9QYlaMVrQIAg14ei7s0ewiT0EgkI8nJgUY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 06:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:48:fa:6a:df:bc:ce:ba:4b:1c:28:75:3c:a8:b5:9b:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: Jun  7 06:01:00 2025 GMT
            Not After : Jun  8 06:01:00 2025 GMT
        Subject: CN=cad3acd4b1a350ce16df2b07bef02ec008d85922
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:b2:c7:81:66:5c:c3:b6:79:b8:74:d0:48:fe:
                    1c:6c:85:1c:86:81:a5:cb:69:15:c9:87:c8:9f:2b:
                    5d:23:86:36:39:14:94:94:74:60:35:56:c6:37:ff:
                    22:ec:45:9f:5b:fa:ff:5a:d4:8c:c6:dc:70:c9:1a:
                    b8:80:fc:18:22:7d:b1:b3:8e:74:73:4b:00:11:b4:
                    56:86:4c:66:d0:2b:3a:10:2a:05:86:07:49:0d:cb:
                    86:69:4e:c3:a1:e7:9f:f0:42:0e:4f:02:02:0c:ff:
                    b8:9a:4c:b5:9d:55:55:04:9a:21:e5:27:7c:35:63:
                    dd:dd:ee:22:e6:d0:27:05:9c:90:db:1a:f8:db:d7:
                    53:62:e5:24:c1:6f:e1:95:d0:73:2b:ed:26:37:cb:
                    90:83:96:e9:09:f7:e1:77:e5:d0:64:74:ba:0a:95:
                    81:f2:d3:d0:a3:2c:e0:71:f2:65:d3:eb:f1:09:f4:
                    cb:e1:f5:63:83:ec:e5:4d:60:a3:e6:53:9a:70:ff:
                    29:8d:56:7f:84:c7:b9:2e:1e:9e:eb:a5:4e:f9:33:
                    a3:8c:59:80:b5:a3:8e:25:66:5f:bb:48:05:46:5b:
                    41:f9:41:e7:0a:00:82:f8:cb:e8:01:c6:95:f1:be:
                    4a:b5:f3:f2:46:ba:06:cd:a4:ca:b7:7e:e6:1b:3c:
                    88:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:D3:AC:D4:B1:A3:50:CE:16:DF:2B:07:BE:F0:2E:C0:08:D8:59:22
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:44:83:f7:c0:66:89:00:e1:07:cb:4b:9f:21:c8:05:33:7f:
         a4:0b:70:87:cf:46:80:f1:60:97:6d:fe:2e:ce:48:3b:08:a4:
         59:9b:67:84:8c:56:de:cf:a5:53:91:15:1a:e2:1c:7a:35:77:
         39:14:ee:c8:75:bb:30:b8:46:a2:f3:d0:f2:17:50:44:7a:34:
         f7:cb:b6:cf:9d:fd:f6:b5:ed:87:f6:c7:e2:36:53:3e:4c:73:
         25:1d:2a:98:55:41:86:f7:e8:5d:df:e1:2e:d6:be:65:c1:54:
         d0:51:0a:53:34:4f:70:d5:3e:1a:9b:1f:9f:da:43:a7:78:07:
         49:d0:d9:ca:3b:ba:29:19:63:fd:e2:6c:8f:eb:29:23:23:f1:
         d2:67:41:12:f1:a2:59:79:5c:4a:55:5f:20:1c:98:ea:1b:f0:
         9c:5b:9c:9e:90:55:ca:62:77:a2:1b:2c:71:fc:af:81:25:c7:
         27:b6:bf:a4:bc:81:cb:a0:66:63:50:64:9f:2e:dd:eb:88:57:
         2f:f3:e0:52:bb:e8:2e:46:56:3b:95:54:35:4d:a9:7a:6a:82:
         e6:7a:27:12:b8:aa:41:4b:9c:a4:fe:91:27:bf:5e:46:53:0e:
         77:93:2e:32:4c:43:ce:72:ad:8c:a3:3a:48:97:40:93:9c:97:
         0c:13:40:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdI+mrfvM66SxwodTyotZvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjUwNjA3MDYwMTAwWhcNMjUwNjA4MDYwMTAwWjAzMTEwLwYDVQQD
EyhjYWQzYWNkNGIxYTM1MGNlMTZkZjJiMDdiZWYwMmVjMDA4ZDg1OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7LHgWZcw7Z5uHTQSP4cbIUchoGl
y2kVyYfInytdI4Y2ORSUlHRgNVbGN/8i7EWfW/r/WtSMxtxwyRq4gPwYIn2xs450
c0sAEbRWhkxm0Cs6ECoFhgdJDcuGaU7Doeef8EIOTwICDP+4mky1nVVVBJoh5Sd8
NWPd3e4i5tAnBZyQ2xr429dTYuUkwW/hldBzK+0mN8uQg5bpCffhd+XQZHS6CpWB
8tPQoyzgcfJl0+vxCfTL4fVjg+zlTWCj5lOacP8pjVZ/hMe5Lh6e66VO+TOjjFmA
taOOJWZfu0gFRltB+UHnCgCC+MvoAcaV8b5KtfPyRroGzaTKt37mGzyICwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrTrNSxo1DOFt8rB77wLsAI2FkiMB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtESD98Bm
iQDhB8tLnyHIBTN/pAtwh89GgPFgl23+Ls5IOwikWZtnhIxW3s+lU5EVGuIcejV3
ORTuyHW7MLhGovPQ8hdQRHo098u2z5399rXth/bH4jZTPkxzJR0qmFVBhvfoXd/h
Lta+ZcFU0FEKUzRPcNU+Gpsfn9pDp3gHSdDZyju6KRlj/eJsj+spIyPx0mdBEvGi
WXlcSlVfIByY6hvwnFucnpBVymJ3ohsscfyvgSXHJ7a/pLyBy6BmY1Bkny7d64hX
L/PgUrvoLkZWO5VUNU2pemqC5nonEriqQUucpP6RJ79eRlMOd5MuMkxDznKtjKM6
SJdAk5yXDBNABA==
-----END CERTIFICATE-----