Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
File:                     nD_Ua11gbBzKtVixc24mIaS8BAM.mft (raw, json)
Hash identifier:          l7rvIFawhf85EdxBsS2RnT3LIxhkZmLUq3Tpeh7nQZc=
Subject key identifier:   58:D7:38:9D:A5:50:A1:23:F6:57:7D:41:6F:99:1F:21:FE:4D:E9:77
Authority key identifier: 9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03
Certificate issuer:       /CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
Certificate serial:       019761DE08AEC11CCEF2A67AC3E0C95A0875
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
Manifest number:          0816
Signing time:             Thu 12 Jun 2025 02:00:30 +0000
Manifest this update:     Thu 12 Jun 2025 02:00:30 +0000
Manifest next update:     Fri 13 Jun 2025 02:00:30 +0000
Files and hashes:         1: nD_Ua11gbBzKtVixc24mIaS8BAM.crl (hash: QpDhCxGicy/GqICpMEOXeb7VuBLqpw/P84+5sBYx98k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Jun 2025 02:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:61:de:08:ae:c1:1c:ce:f2:a6:7a:c3:e0:c9:5a:08:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c3fd46b5d606c1ccab558b1736e2621a4bc0403
        Validity
            Not Before: Jun 12 02:00:30 2025 GMT
            Not After : Jun 13 02:00:30 2025 GMT
        Subject: CN=58d7389da550a123f6577d416f991f21fe4de977
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a6:d0:ca:69:91:bf:75:de:60:37:7d:77:92:
                    42:99:e2:10:ae:0c:08:22:b3:15:b1:5e:c8:3a:46:
                    be:98:4e:bd:d5:4c:f3:22:42:cb:1d:af:7c:c1:fd:
                    ae:bf:22:d3:7e:61:65:25:77:e6:ba:75:bf:df:75:
                    b0:cb:39:9d:1f:4d:49:16:a6:57:6c:ef:35:fe:79:
                    85:f5:dc:b7:20:4b:00:7b:e6:31:86:b6:df:4a:59:
                    68:e4:0b:2a:4c:63:03:fa:50:2a:a5:62:a5:78:53:
                    c9:85:de:5d:4a:1a:f4:d8:ae:9f:11:20:27:e5:f0:
                    c9:2e:46:8f:dd:10:4e:49:a5:ea:ea:9e:31:82:f1:
                    2d:2c:f3:3b:b4:51:87:fd:eb:be:0c:11:55:e0:95:
                    1f:4c:6a:ea:4d:30:07:98:29:1f:a0:18:2e:98:3e:
                    55:99:78:48:e8:07:ee:cd:22:cd:ee:43:9f:48:83:
                    bb:bf:86:00:67:d0:e7:63:66:79:36:3b:76:9d:18:
                    69:83:d0:ef:57:57:ab:40:dc:9a:0e:20:c4:04:7e:
                    7a:50:54:77:c2:09:84:1e:1f:83:2b:c4:90:a7:a1:
                    5c:e3:82:3d:8a:13:8e:46:b6:e5:6e:d6:f7:71:dc:
                    59:1a:32:37:10:a8:65:4b:57:b7:ba:a5:2e:a4:2d:
                    fb:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:D7:38:9D:A5:50:A1:23:F6:57:7D:41:6F:99:1F:21:FE:4D:E9:77
            X509v3 Authority Key Identifier:
                keyid:9C:3F:D4:6B:5D:60:6C:1C:CA:B5:58:B1:73:6E:26:21:A4:BC:04:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nD_Ua11gbBzKtVixc24mIaS8BAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/5ced25-9096-4750-8219-0b31c332d50d/1/nD_Ua11gbBzKtVixc24mIaS8BAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:7f:6d:29:ce:f4:0b:0a:4d:c2:7d:20:2f:57:ec:57:5c:74:
         1e:37:05:1a:0a:56:7c:0a:73:ce:9d:9a:38:cf:98:11:d0:96:
         2f:61:81:48:cf:91:81:ac:43:cd:24:af:54:03:c3:8c:a0:82:
         b5:f3:3d:6d:33:ca:d6:93:2a:ca:e9:8f:3f:56:04:a6:08:8d:
         1d:3c:de:84:07:f8:91:28:49:d4:2b:e2:d3:5d:04:eb:ee:3d:
         47:93:54:b7:24:88:89:78:b0:52:bc:b3:14:f9:15:95:f5:f1:
         03:39:7c:0f:5a:74:fd:46:8f:e0:2d:9b:79:d9:e4:be:de:e7:
         f0:e9:2e:0c:62:9a:2e:f6:39:17:72:8b:ef:ac:77:80:76:ac:
         92:14:74:bf:49:ea:dc:62:e4:00:21:f2:7b:01:ed:07:4e:66:
         0a:2d:ab:49:4c:fd:2c:fa:33:4d:e0:e5:2f:a1:a1:96:92:65:
         36:57:b0:f0:53:a2:ec:de:ba:5e:e9:28:23:ca:7e:72:45:c0:
         09:45:a0:f6:23:4b:bb:2f:78:8f:bb:98:0d:8a:ec:20:11:cd:
         89:9c:43:81:7f:41:49:d5:21:95:f0:37:6b:cd:4a:ee:25:8c:
         dc:a4:3e:a5:2e:47:76:8f:a3:06:ad:45:23:9d:80:f1:3f:82:
         d9:e6:e9:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdh3giuwRzO8qZ6w+DJWgh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljM2ZkNDZiNWQ2MDZjMWNjYWI1NThiMTczNmUyNjIxYTRi
YzA0MDMwHhcNMjUwNjEyMDIwMDMwWhcNMjUwNjEzMDIwMDMwWjAzMTEwLwYDVQQD
Eyg1OGQ3Mzg5ZGE1NTBhMTIzZjY1NzdkNDE2Zjk5MWYyMWZlNGRlOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApabQymmRv3XeYDd9d5JCmeIQrgwI
IrMVsV7IOka+mE691UzzIkLLHa98wf2uvyLTfmFlJXfmunW/33WwyzmdH01JFqZX
bO81/nmF9dy3IEsAe+YxhrbfSllo5AsqTGMD+lAqpWKleFPJhd5dShr02K6fESAn
5fDJLkaP3RBOSaXq6p4xgvEtLPM7tFGH/eu+DBFV4JUfTGrqTTAHmCkfoBgumD5V
mXhI6AfuzSLN7kOfSIO7v4YAZ9DnY2Z5Njt2nRhpg9DvV1erQNyaDiDEBH56UFR3
wgmEHh+DK8SQp6Fc44I9ihOORrblbtb3cdxZGjI3EKhlS1e3uqUupC37pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjXOJ2lUKEj9ld9QW+ZHyH+Tel3MB8GA1UdIwQY
MBaAFJw/1GtdYGwcyrVYsXNuJiGkvAQDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTkt
MGIzMWMzMzJkNTBkLzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81Y2VkMjUtOTA5Ni00NzUwLTgyMTktMGIzMWMzMzJkNTBk
LzEvbkRfVWExMWdiQnpLdFZpeGMyNG1JYVM4QkFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKX9tKc70
CwpNwn0gL1fsV1x0HjcFGgpWfApzzp2aOM+YEdCWL2GBSM+RgaxDzSSvVAPDjKCC
tfM9bTPK1pMqyumPP1YEpgiNHTzehAf4kShJ1Cvi010E6+49R5NUtySIiXiwUryz
FPkVlfXxAzl8D1p0/UaP4C2bednkvt7n8OkuDGKaLvY5F3KL76x3gHaskhR0v0nq
3GLkACHyewHtB05mCi2rSUz9LPozTeDlL6GhlpJlNlew8FOi7N66XukoI8p+ckXA
CUWg9iNLuy94j7uYDYrsIBHNiZxDgX9BSdUhlfA3a81K7iWM3KQ+pS5Hdo+jBq1F
I52A8T+C2ebpLQ==
-----END CERTIFICATE-----