Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
File:                     NJxIN9k5hA1fbHSqwINm70v-SHQ.mft (raw, json)
Hash identifier:          e0QvbR59Dgh1mSoTHybj9X5Y4lymQEtY8V392VsbBy4=
Subject key identifier:   D8:62:C2:A3:FC:87:0D:1D:50:A6:AD:22:4C:E5:A6:3E:D0:7D:3E:AB
Authority key identifier: 34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74
Certificate issuer:       /CN=349c4837d939840d5f6c74aac08366ef4bfe4874
Certificate serial:       01974E57ACA195C640FB52413F84FF14F08B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
Manifest number:          016B
Signing time:             Sun 08 Jun 2025 07:00:58 +0000
Manifest this update:     Sun 08 Jun 2025 07:00:58 +0000
Manifest next update:     Mon 09 Jun 2025 07:00:58 +0000
Files and hashes:         1: NJxIN9k5hA1fbHSqwINm70v-SHQ.crl (hash: RyqO6du3LV4n5DvaK/s6qhLCTmS29u8lqAWcFWROxrY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 03:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4e:57:ac:a1:95:c6:40:fb:52:41:3f:84:ff:14:f0:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349c4837d939840d5f6c74aac08366ef4bfe4874
        Validity
            Not Before: Jun  8 07:00:58 2025 GMT
            Not After : Jun  9 07:00:58 2025 GMT
        Subject: CN=d862c2a3fc870d1d50a6ad224ce5a63ed07d3eab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:d9:9f:1e:26:e1:ec:d9:a1:9e:71:8b:50:c6:
                    fd:5e:83:fd:05:3e:83:5e:5f:af:40:52:21:51:cf:
                    80:4f:db:45:78:9b:14:92:41:11:32:6a:1a:b1:a0:
                    38:b5:da:f9:87:2d:99:22:61:33:10:e2:4e:96:23:
                    77:09:b9:ef:d8:8f:0d:3c:12:5f:5b:bf:db:ac:15:
                    11:0c:76:93:ca:c5:97:d7:49:36:dd:2c:47:af:66:
                    3f:62:0b:76:1a:4d:1f:6d:ea:6a:02:64:9a:17:86:
                    b8:f6:a4:78:d8:f1:e0:c5:40:ad:44:14:f1:1f:82:
                    ba:54:0f:23:23:d8:aa:41:77:50:01:99:59:dd:c1:
                    db:d1:eb:c0:40:ef:e2:09:e0:30:ef:89:65:57:6f:
                    60:f4:c9:3d:ff:19:8a:7b:8e:b4:35:c6:e6:9e:ab:
                    0b:10:4f:a1:69:5c:74:99:7c:82:0e:f4:4b:7f:a6:
                    18:df:72:af:80:bb:65:3d:71:ca:8a:1c:17:f3:4d:
                    45:9f:fe:1a:59:26:64:11:d7:29:77:b6:7c:38:88:
                    c7:55:a3:d2:84:57:d3:db:df:9d:cb:7d:64:6e:b3:
                    4b:b1:4c:c2:f1:f2:a9:c8:ba:b2:1f:c8:9a:ef:ca:
                    b9:fe:5e:89:a1:a2:34:2d:c9:fe:f0:80:c6:c7:15:
                    9b:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:62:C2:A3:FC:87:0D:1D:50:A6:AD:22:4C:E5:A6:3E:D0:7D:3E:AB
            X509v3 Authority Key Identifier:
                keyid:34:9C:48:37:D9:39:84:0D:5F:6C:74:AA:C0:83:66:EF:4B:FE:48:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJxIN9k5hA1fbHSqwINm70v-SHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/afd71b-0268-4409-a383-584a76399414/1/NJxIN9k5hA1fbHSqwINm70v-SHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:f2:19:e2:a5:77:ff:3f:5c:c6:d2:8d:15:dc:3c:25:a0:32:
         e5:83:e9:ff:04:83:e1:e0:c3:9b:f2:de:69:0c:55:7c:68:3f:
         d5:19:e2:ed:7e:0a:98:03:97:46:ee:a1:7f:05:f4:50:3b:c7:
         8a:45:99:63:cd:cc:da:15:f1:ac:0a:24:18:c0:7a:8d:65:a4:
         74:f0:31:58:ab:c8:0f:0f:f7:92:8a:4c:0b:8a:35:9d:e8:e1:
         86:53:ce:32:f7:8e:d4:1f:7c:c0:86:23:a7:5b:38:4d:82:f7:
         99:8f:7d:73:79:22:fc:8c:6e:67:3f:f1:41:b9:a6:32:cf:0a:
         8a:a6:39:f5:03:59:97:06:f3:7a:db:35:1e:83:0a:e4:15:d0:
         a1:32:13:5f:b9:cc:13:21:f1:5c:72:2b:57:3e:e8:c6:1c:64:
         d5:03:ed:61:c3:4e:1e:1e:fc:bd:e6:7a:51:1c:93:27:3f:c5:
         45:23:4a:0a:63:0e:d4:d5:22:5a:d8:f9:bf:44:8e:0d:19:d0:
         0a:86:0a:a9:15:17:77:77:3e:b9:df:ec:f8:cd:a8:2d:cc:f6:
         92:d7:47:ae:d4:fe:fe:75:68:3e:90:45:d6:63:3a:db:1f:53:
         a7:9c:fc:80:d7:06:dc:7e:79:01:9c:61:d5:7a:9d:39:e5:ad:
         00:6f:92:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdOV6yhlcZA+1JBP4T/FPCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWM0ODM3ZDkzOTg0MGQ1ZjZjNzRhYWMwODM2NmVmNGJm
ZTQ4NzQwHhcNMjUwNjA4MDcwMDU4WhcNMjUwNjA5MDcwMDU4WjAzMTEwLwYDVQQD
EyhkODYyYzJhM2ZjODcwZDFkNTBhNmFkMjI0Y2U1YTYzZWQwN2QzZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/dmfHibh7NmhnnGLUMb9XoP9BT6D
Xl+vQFIhUc+AT9tFeJsUkkERMmoasaA4tdr5hy2ZImEzEOJOliN3Cbnv2I8NPBJf
W7/brBURDHaTysWX10k23SxHr2Y/Ygt2Gk0fbepqAmSaF4a49qR42PHgxUCtRBTx
H4K6VA8jI9iqQXdQAZlZ3cHb0evAQO/iCeAw74llV29g9Mk9/xmKe460NcbmnqsL
EE+haVx0mXyCDvRLf6YY33KvgLtlPXHKihwX801Fn/4aWSZkEdcpd7Z8OIjHVaPS
hFfT29+dy31kbrNLsUzC8fKpyLqyH8ia78q5/l6JoaI0Lcn+8IDGxxWbRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNhiwqP8hw0dUKatIkzlpj7QfT6rMB8GA1UdIwQY
MBaAFDScSDfZOYQNX2x0qsCDZu9L/kh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMt
NTg0YTc2Mzk5NDE0LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hZmQ3MWItMDI2OC00NDA5LWEzODMtNTg0YTc2Mzk5NDE0
LzEvTkp4SU45azVoQTFmYkhTcXdJTm03MHYtU0hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXPIZ4qV3
/z9cxtKNFdw8JaAy5YPp/wSD4eDDm/LeaQxVfGg/1Rni7X4KmAOXRu6hfwX0UDvH
ikWZY83M2hXxrAokGMB6jWWkdPAxWKvIDw/3kopMC4o1nejhhlPOMveO1B98wIYj
p1s4TYL3mY99c3ki/IxuZz/xQbmmMs8KiqY59QNZlwbzets1HoMK5BXQoTITX7nM
EyHxXHIrVz7oxhxk1QPtYcNOHh78veZ6URyTJz/FRSNKCmMO1NUiWtj5v0SODRnQ
CoYKqRUXd3c+ud/s+M2oLcz2ktdHrtT+/nVoPpBF1mM62x9Tp5z8gNcG3H55AZxh
1XqdOeWtAG+S7w==
-----END CERTIFICATE-----