Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
File:                     NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft (raw, json)
Hash identifier:          YM3p+F8CqhA3JKzqfWkIc+ku2Hd0NcZk28lnZ2t6ti0=
Subject key identifier:   9B:53:04:BD:E5:7D:74:B9:32:B3:07:52:1A:D2:7C:15:12:17:A7:CF
Authority key identifier: 35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F
Certificate issuer:       /CN=3506bb7ec0666022f03c0bd9f55f78c0a7eada9f
Certificate serial:       01974C69166DE865931CFFE5A9007726642F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
Manifest number:          082C
Signing time:             Sat 07 Jun 2025 22:00:44 +0000
Manifest this update:     Sat 07 Jun 2025 22:00:44 +0000
Manifest next update:     Sun 08 Jun 2025 22:00:44 +0000
Files and hashes:         1: NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl (hash: zDsz3VeNX+P3ytg9UKdiQ93UrE51gV/ur/n9Kc1VnOM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4c:69:16:6d:e8:65:93:1c:ff:e5:a9:00:77:26:64:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3506bb7ec0666022f03c0bd9f55f78c0a7eada9f
        Validity
            Not Before: Jun  7 22:00:44 2025 GMT
            Not After : Jun  8 22:00:44 2025 GMT
        Subject: CN=9b5304bde57d74b932b307521ad27c151217a7cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:23:d7:99:9e:fb:80:0b:e6:9b:1d:48:f4:3f:
                    89:47:a8:2e:4e:f0:ba:e3:82:72:51:11:89:0f:bb:
                    3e:8f:18:af:3f:c4:75:6a:83:6e:f6:b5:b4:2a:61:
                    42:28:e6:cd:fb:e8:39:6b:0f:06:06:41:b7:84:4e:
                    a5:dc:2f:b0:3b:d5:88:c0:3e:a2:6a:11:41:81:e1:
                    7a:69:28:e4:36:85:d2:ae:55:42:bb:f3:4a:7f:72:
                    5f:95:59:ce:c5:c1:42:2c:55:4a:40:90:11:df:d1:
                    a0:1c:95:e6:ec:10:38:2b:c0:96:26:5c:df:4f:a4:
                    fb:65:3b:49:61:08:38:09:d6:9d:69:9a:58:53:09:
                    59:f6:07:3d:1c:01:0a:fd:12:5b:22:f5:dc:3f:03:
                    b3:34:fc:31:c7:6c:22:e6:af:1b:3c:18:17:cc:37:
                    81:34:d9:9f:fc:96:c0:3d:fe:55:ab:65:c9:61:35:
                    90:47:1d:32:b6:89:6f:7a:7f:94:85:ad:51:67:5a:
                    69:19:ca:d3:35:02:c0:05:aa:0a:a4:18:45:8a:18:
                    d9:2f:80:17:00:61:ee:e9:1c:c7:28:b1:33:3c:6f:
                    36:61:88:84:a4:98:b0:40:f5:a0:59:38:71:8b:37:
                    3a:c9:2f:89:25:d0:6d:73:c0:29:74:5c:b3:ed:5c:
                    d6:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:53:04:BD:E5:7D:74:B9:32:B3:07:52:1A:D2:7C:15:12:17:A7:CF
            X509v3 Authority Key Identifier:
                keyid:35:06:BB:7E:C0:66:60:22:F0:3C:0B:D9:F5:5F:78:C0:A7:EA:DA:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQa7fsBmYCLwPAvZ9V94wKfq2p8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/ae8e47-14b4-4914-826f-413a5958a7f3/1/NQa7fsBmYCLwPAvZ9V94wKfq2p8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:67:8d:95:2c:a6:40:09:2a:de:d1:cc:c1:af:76:c0:a7:01:
         c9:7c:0e:c1:b6:f5:4e:7a:8b:cf:5f:3f:4e:3a:7f:29:15:b1:
         dd:d5:67:ab:63:95:d8:d4:22:33:69:11:dd:80:55:df:9d:2c:
         e7:f9:50:bf:22:bf:e8:9f:09:6c:44:53:26:20:66:ca:c6:0f:
         7f:cd:e5:5d:df:b5:c4:9a:cf:74:87:51:40:8b:bb:d2:0e:81:
         09:10:5f:ef:8b:a5:1a:d4:da:d3:e3:09:ee:9d:35:0f:af:21:
         c9:cb:1c:ff:96:1e:99:20:74:dd:df:89:9e:dd:be:43:b2:90:
         2b:87:8e:62:93:89:19:c4:3a:a7:a1:dc:82:6c:85:b3:78:fa:
         8a:78:34:b7:84:ac:c8:a9:01:74:76:17:26:5b:40:8d:e9:5e:
         d1:ba:ec:8a:62:8d:9e:ec:8d:53:0c:4e:53:55:cd:70:2f:61:
         07:c7:14:30:d7:0e:73:77:05:17:d9:d0:80:03:bc:0e:0e:1d:
         ba:21:5f:10:82:cb:85:38:9c:8a:83:8e:b0:28:58:8e:6c:d4:
         28:03:a4:bd:37:a9:b1:6d:0d:8b:01:17:36:b2:eb:d7:42:44:
         44:0c:ac:97:1e:84:cb:e4:7a:b9:63:2f:da:25:fd:55:05:e4:
         3f:25:84:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdMaRZt6GWTHP/lqQB3JmQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MDZiYjdlYzA2NjYwMjJmMDNjMGJkOWY1NWY3OGMwYTdl
YWRhOWYwHhcNMjUwNjA3MjIwMDQ0WhcNMjUwNjA4MjIwMDQ0WjAzMTEwLwYDVQQD
Eyg5YjUzMDRiZGU1N2Q3NGI5MzJiMzA3NTIxYWQyN2MxNTEyMTdhN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyPXmZ77gAvmmx1I9D+JR6guTvC6
44JyURGJD7s+jxivP8R1aoNu9rW0KmFCKObN++g5aw8GBkG3hE6l3C+wO9WIwD6i
ahFBgeF6aSjkNoXSrlVCu/NKf3JflVnOxcFCLFVKQJAR39GgHJXm7BA4K8CWJlzf
T6T7ZTtJYQg4CdadaZpYUwlZ9gc9HAEK/RJbIvXcPwOzNPwxx2wi5q8bPBgXzDeB
NNmf/JbAPf5Vq2XJYTWQRx0ytolven+Uha1RZ1ppGcrTNQLABaoKpBhFihjZL4AX
AGHu6RzHKLEzPG82YYiEpJiwQPWgWThxizc6yS+JJdBtc8ApdFyz7VzWQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJtTBL3lfXS5MrMHUhrSfBUSF6fPMB8GA1UdIwQY
MBaAFDUGu37AZmAi8DwL2fVfeMCn6tqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9hZThlNDctMTRiNC00OTE0LTgyNmYt
NDEzYTU5NThhN2YzLzEvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9hZThlNDctMTRiNC00OTE0LTgyNmYtNDEzYTU5NThhN2Yz
LzEvTlFhN2ZzQm1ZQ0x3UEF2WjlWOTR3S2ZxMnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMGeNlSym
QAkq3tHMwa92wKcByXwOwbb1TnqLz18/Tjp/KRWx3dVnq2OV2NQiM2kR3YBV350s
5/lQvyK/6J8JbERTJiBmysYPf83lXd+1xJrPdIdRQIu70g6BCRBf74ulGtTa0+MJ
7p01D68hycsc/5YemSB03d+Jnt2+Q7KQK4eOYpOJGcQ6p6HcgmyFs3j6ing0t4Ss
yKkBdHYXJltAjele0brsimKNnuyNUwxOU1XNcC9hB8cUMNcOc3cFF9nQgAO8Dg4d
uiFfEILLhTicioOOsChYjmzUKAOkvTepsW0NiwEXNrLr10JERAyslx6Ey+R6uWMv
2iX9VQXkPyWEdg==
-----END CERTIFICATE-----