Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
File:                     Nq6kWA8QexEmjJbqMYko1O11_5M.mft (raw, json)
Hash identifier:          RC4R6+I5//aFCNAt9gvhbNRf2frAtoMWtEjBQN6WKc4=
Subject key identifier:   05:41:1C:6F:76:D0:6F:55:DE:4C:54:AB:57:E0:52:D3:D6:F1:D3:38
Authority key identifier: 36:AE:A4:58:0F:10:7B:11:26:8C:96:EA:31:89:28:D4:ED:75:FF:93
Certificate issuer:       /CN=36aea4580f107b11268c96ea318928d4ed75ff93
Certificate serial:       01964CD9304B722AB1C2D0F738818E0DE019
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
Manifest number:          03B1
Signing time:             Sat 19 Apr 2025 07:00:24 +0000
Manifest this update:     Sat 19 Apr 2025 07:00:24 +0000
Manifest next update:     Sun 20 Apr 2025 07:00:24 +0000
Files and hashes:         1: Nq6kWA8QexEmjJbqMYko1O11_5M.crl (hash: MPPn8Hd2uyvqaF2R4aN6KTh1R7FhT5izuyTgCsik8Ug=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4c:d9:30:4b:72:2a:b1:c2:d0:f7:38:81:8e:0d:e0:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36aea4580f107b11268c96ea318928d4ed75ff93
        Validity
            Not Before: Apr 19 07:00:24 2025 GMT
            Not After : Apr 20 07:00:24 2025 GMT
        Subject: CN=05411c6f76d06f55de4c54ab57e052d3d6f1d338
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:14:37:6f:f2:95:16:85:b5:a0:a7:53:fd:0b:
                    f3:ac:59:5e:5c:98:3e:f4:8f:de:da:fb:d8:7b:fa:
                    75:52:81:2a:9f:e3:71:dc:95:54:d6:9f:5c:8f:62:
                    7c:3a:e8:ba:55:48:24:00:e6:f7:9a:42:d7:c1:24:
                    81:db:92:91:65:22:ba:dc:85:2d:c3:eb:9b:98:4a:
                    13:f5:33:6d:43:3f:9b:d8:7e:b2:38:d4:f3:4f:76:
                    bd:1f:d5:68:51:08:a4:3c:f3:24:f7:38:e4:b1:30:
                    18:fd:8d:87:c9:f4:43:55:0f:ed:62:af:33:ab:d7:
                    4c:06:55:a5:55:96:cd:71:4c:08:31:c3:86:e7:18:
                    8e:5e:38:cd:5b:45:79:65:9c:23:24:ae:b4:42:a8:
                    76:21:f9:de:5a:06:ed:e2:bb:d9:8b:6e:a1:cc:eb:
                    12:d3:3e:f8:6f:22:cd:0b:b4:fd:7f:7f:42:e4:60:
                    f8:8a:b1:0f:45:6e:0f:fd:9d:75:76:42:29:c1:9b:
                    ff:68:61:50:05:70:98:66:3b:16:85:8b:59:9d:c1:
                    3f:86:69:1f:b8:fa:6e:bc:4d:b1:a6:d9:bc:4c:64:
                    fc:d8:58:3e:bd:e9:41:ca:24:43:05:c6:04:b8:db:
                    77:31:ee:4e:61:d0:a6:3c:18:72:24:1e:57:73:ff:
                    0b:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:41:1C:6F:76:D0:6F:55:DE:4C:54:AB:57:E0:52:D3:D6:F1:D3:38
            X509v3 Authority Key Identifier:
                keyid:36:AE:A4:58:0F:10:7B:11:26:8C:96:EA:31:89:28:D4:ED:75:FF:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:8e:08:36:4d:c5:fe:28:33:96:ad:48:eb:0e:b2:ea:ca:03:
         01:16:20:d4:54:29:55:60:94:1f:ec:9a:df:fe:b5:4e:33:45:
         d5:b6:d9:e6:b9:91:1e:cf:8e:fa:d0:b9:f3:b3:37:b7:13:cf:
         7c:42:dc:f6:c2:51:61:66:f1:57:ab:09:92:84:0b:8c:10:48:
         bb:b1:7f:90:8d:ca:ee:cc:5b:66:0c:d0:78:24:5b:86:ac:f7:
         8b:b2:15:80:6c:6d:8c:ba:50:87:bc:f9:53:84:d7:9e:d1:ca:
         82:47:5d:a3:93:15:14:a0:a7:32:cb:6b:97:1e:8b:df:64:ad:
         52:86:e0:ea:3d:f6:52:24:79:6a:89:cf:af:a3:7a:b5:08:38:
         3d:3f:6f:37:f8:52:a6:1e:e5:e7:7a:4b:d3:29:c8:1f:ed:96:
         45:83:47:88:e3:a2:d3:20:4f:c4:3d:9f:75:b1:fb:55:ef:a7:
         91:28:e0:bc:33:22:1f:59:f5:0e:18:a4:b5:0b:ac:d9:0a:01:
         6f:89:53:0b:a8:b7:9a:81:7a:b9:b9:cd:f8:34:b0:e2:76:1c:
         f2:bf:95:5c:bd:66:03:ec:f2:26:36:2b:4f:53:29:17:b0:08:
         cb:ee:f4:d8:b6:a7:4a:dd:9d:c4:4a:e7:5e:2c:af:2e:5c:64:
         1c:ae:d4:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZM2TBLciqxwtD3OIGODeAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YWVhNDU4MGYxMDdiMTEyNjhjOTZlYTMxODkyOGQ0ZWQ3
NWZmOTMwHhcNMjUwNDE5MDcwMDI0WhcNMjUwNDIwMDcwMDI0WjAzMTEwLwYDVQQD
EygwNTQxMWM2Zjc2ZDA2ZjU1ZGU0YzU0YWI1N2UwNTJkM2Q2ZjFkMzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRQ3b/KVFoW1oKdT/QvzrFleXJg+
9I/e2vvYe/p1UoEqn+Nx3JVU1p9cj2J8Oui6VUgkAOb3mkLXwSSB25KRZSK63IUt
w+ubmEoT9TNtQz+b2H6yONTzT3a9H9VoUQikPPMk9zjksTAY/Y2HyfRDVQ/tYq8z
q9dMBlWlVZbNcUwIMcOG5xiOXjjNW0V5ZZwjJK60Qqh2IfneWgbt4rvZi26hzOsS
0z74byLNC7T9f39C5GD4irEPRW4P/Z11dkIpwZv/aGFQBXCYZjsWhYtZncE/hmkf
uPpuvE2xptm8TGT82Fg+velByiRDBcYEuNt3Me5OYdCmPBhyJB5Xc/8LiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAVBHG920G9V3kxUq1fgUtPW8dM4MB8GA1UdIwQY
MBaAFDaupFgPEHsRJoyW6jGJKNTtdf+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zMDU5ZGUtYmFmYy00YTRiLTg2YjYt
ZjI4ZDk3MmM4ODA4LzEvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zMDU5ZGUtYmFmYy00YTRiLTg2YjYtZjI4ZDk3MmM4ODA4
LzEvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl44INk3F
/igzlq1I6w6y6soDARYg1FQpVWCUH+ya3/61TjNF1bbZ5rmRHs+O+tC587M3txPP
fELc9sJRYWbxV6sJkoQLjBBIu7F/kI3K7sxbZgzQeCRbhqz3i7IVgGxtjLpQh7z5
U4TXntHKgkddo5MVFKCnMstrlx6L32StUobg6j32UiR5aonPr6N6tQg4PT9vN/hS
ph7l53pL0ynIH+2WRYNHiOOi0yBPxD2fdbH7Ve+nkSjgvDMiH1n1DhiktQus2QoB
b4lTC6i3moF6ubnN+DSw4nYc8r+VXL1mA+zyJjYrT1MpF7AIy+702LanSt2dxErn
XiyvLlxkHK7UTw==
-----END CERTIFICATE-----