Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
File:                     NJI6ntps8kDsh5WeHcONNh951ho.mft (raw, json)
Hash identifier:          M9cQ/BnO5IdyjdiQHe5v8Xpv/RD5ihnvgOH++/bU50o=
Subject key identifier:   29:DC:A8:03:05:BA:F1:B7:4B:73:19:28:F1:6A:C2:AA:9D:74:4A:A9
Authority key identifier: 34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A
Certificate issuer:       /CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
Certificate serial:       019512102A6232BB0A36A8ADE4828C6924C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
Manifest number:          0266
Signing time:             Mon 17 Feb 2025 04:00:03 +0000
Manifest this update:     Mon 17 Feb 2025 04:00:03 +0000
Manifest next update:     Tue 18 Feb 2025 04:00:03 +0000
Files and hashes:         1: NJI6ntps8kDsh5WeHcONNh951ho.crl (hash: Tr3IxhaN17Fb/xEYFsExNA4KrRgodcjO8EguJOKS3GU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:12:10:2a:62:32:bb:0a:36:a8:ad:e4:82:8c:69:24:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
        Validity
            Not Before: Feb 17 04:00:03 2025 GMT
            Not After : Feb 18 04:00:03 2025 GMT
        Subject: CN=29dca80305baf1b74b731928f16ac2aa9d744aa9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:be:81:52:30:d0:ab:d6:ea:b3:11:21:41:08:
                    53:a0:79:c5:23:fa:e6:0b:dc:72:fc:39:3b:3a:e3:
                    57:9b:8a:f9:e9:a8:d8:3a:11:e0:f0:aa:7e:80:70:
                    f0:8b:ba:20:74:d0:3d:32:a4:82:ee:af:0e:27:0c:
                    b5:a6:8f:a1:51:62:af:64:34:16:42:b6:5c:12:8b:
                    03:2a:a6:7b:7e:63:6e:32:27:f0:a0:d9:70:e4:5f:
                    72:7a:77:0a:e0:54:3d:17:12:7d:30:c5:65:55:31:
                    e1:c2:6a:f1:c5:3f:d6:62:da:c5:e5:a5:34:55:aa:
                    51:45:29:48:a5:f3:41:bc:7d:d8:1e:a8:bd:10:0f:
                    5d:60:a2:0f:3e:78:8c:93:8b:5f:e1:e9:df:75:0c:
                    48:c9:dc:02:0c:01:45:64:d9:22:4a:99:bb:22:b7:
                    6f:31:b2:6b:1a:50:52:fe:46:d6:79:18:2c:22:fc:
                    e7:ba:82:09:de:3e:b7:07:4c:ad:df:51:a4:76:bc:
                    a6:93:ff:1c:3b:cb:85:22:ee:68:4e:2f:ab:6e:ac:
                    d7:49:5c:a0:57:f1:71:69:18:7b:72:0a:87:4a:bf:
                    fe:11:d0:91:1d:07:f9:15:f8:bb:c5:32:90:08:41:
                    b6:63:dd:5e:ea:49:50:90:a8:2d:02:68:3c:11:ce:
                    e3:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:DC:A8:03:05:BA:F1:B7:4B:73:19:28:F1:6A:C2:AA:9D:74:4A:A9
            X509v3 Authority Key Identifier:
                keyid:34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:6e:c0:66:5b:08:03:95:b3:ee:28:83:1a:8a:ae:21:33:9d:
         ae:46:0c:97:56:a4:7c:39:7e:54:af:d4:d9:98:5e:07:74:82:
         5e:f2:76:81:e5:9a:8c:d5:67:e6:18:c9:c3:5f:b7:db:8b:cb:
         f9:9c:a5:8f:0e:e5:ea:54:0f:df:ea:44:54:c3:06:18:ad:fe:
         61:81:3e:54:96:4f:05:59:46:77:a5:c9:dc:4b:35:1e:2b:e7:
         b5:ec:a7:64:c0:97:3c:a3:8f:71:4d:9c:0f:6a:b1:a6:a9:79:
         25:cb:4e:9d:54:05:4c:27:d8:7e:86:e8:5e:90:de:cb:5c:16:
         26:16:a0:43:52:79:7b:1f:0f:81:13:47:ce:52:f7:1d:02:50:
         a5:e5:1f:ef:9a:e9:7b:43:37:1a:7f:67:66:ec:5c:ca:5a:58:
         c3:e7:65:97:4e:11:9c:d6:eb:0b:f5:ab:f1:2a:ea:f4:f7:68:
         33:7f:25:4d:9e:e5:2b:87:7e:0f:0e:bf:cc:bb:73:b8:05:d4:
         8e:d9:3d:52:bf:65:e3:a6:bd:cc:c0:d6:22:74:25:9e:75:64:
         86:e0:87:6c:45:37:fb:4c:6d:21:07:45:e8:8a:df:31:94:1d:
         34:83:0f:c2:24:67:91:69:1a:b4:a3:35:c0:02:82:55:ad:cb:
         ca:4f:69:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUSECpiMrsKNqit5IKMaSTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTIzYTllZGE2Y2YyNDBlYzg3OTU5ZTFkYzM4ZDM2MWY3
OWQ2MWEwHhcNMjUwMjE3MDQwMDAzWhcNMjUwMjE4MDQwMDAzWjAzMTEwLwYDVQQD
EygyOWRjYTgwMzA1YmFmMWI3NGI3MzE5MjhmMTZhYzJhYTlkNzQ0YWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL6BUjDQq9bqsxEhQQhToHnFI/rm
C9xy/Dk7OuNXm4r56ajYOhHg8Kp+gHDwi7ogdNA9MqSC7q8OJwy1po+hUWKvZDQW
QrZcEosDKqZ7fmNuMifwoNlw5F9yencK4FQ9FxJ9MMVlVTHhwmrxxT/WYtrF5aU0
VapRRSlIpfNBvH3YHqi9EA9dYKIPPniMk4tf4enfdQxIydwCDAFFZNkiSpm7Irdv
MbJrGlBS/kbWeRgsIvznuoIJ3j63B0yt31Gkdrymk/8cO8uFIu5oTi+rbqzXSVyg
V/FxaRh7cgqHSr/+EdCRHQf5Ffi7xTKQCEG2Y91e6klQkKgtAmg8Ec7jQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCncqAMFuvG3S3MZKPFqwqqddEqpMB8GA1UdIwQY
MBaAFDSSOp7abPJA7IeVnh3DjTYfedYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEt
MWY4ZjNhZDA0NjgwLzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEtMWY4ZjNhZDA0Njgw
LzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOW7AZlsI
A5Wz7iiDGoquITOdrkYMl1akfDl+VK/U2ZheB3SCXvJ2geWajNVn5hjJw1+324vL
+Zyljw7l6lQP3+pEVMMGGK3+YYE+VJZPBVlGd6XJ3Es1HivnteynZMCXPKOPcU2c
D2qxpql5JctOnVQFTCfYfoboXpDey1wWJhagQ1J5ex8PgRNHzlL3HQJQpeUf75rp
e0M3Gn9nZuxcylpYw+dll04RnNbrC/Wr8Srq9PdoM38lTZ7lK4d+Dw6/zLtzuAXU
jtk9Ur9l46a9zMDWInQlnnVkhuCHbEU3+0xtIQdF6IrfMZQdNIMPwiRnkWkatKM1
wAKCVa3Lyk9pFQ==
-----END CERTIFICATE-----