Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft
File:                     NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft (raw, json)
Hash identifier:          UltHDKPQS948Vov62zs9HYrVJ5reD0+KKXlQ/KKyq3c=
Subject key identifier:   DA:D3:6E:0D:3F:2E:5B:04:A3:65:F5:00:6F:52:BF:08:31:7D:58:63
Authority key identifier: 35:E4:B0:33:9A:0B:CB:35:39:4B:0B:CD:1E:03:10:97:C5:AB:3D:9E
Certificate issuer:       /CN=35e4b0339a0bcb35394b0bcd1e031097c5ab3d9e
Certificate serial:       0194BB2952B5FDDED33866F3D79E2DEBB2F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft
Manifest number:          083E
Signing time:             Fri 31 Jan 2025 07:00:34 +0000
Manifest this update:     Fri 31 Jan 2025 07:00:34 +0000
Manifest next update:     Sat 01 Feb 2025 07:00:34 +0000
Files and hashes:         1: NeSwM5oLyzU5SwvNHgMQl8WrPZ4.crl (hash: WYaraGSxKRxizTNwfaJEnJi1RnrnavSNfnM4OUXIJa0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 01 Feb 2025 07:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:bb:29:52:b5:fd:de:d3:38:66:f3:d7:9e:2d:eb:b2:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35e4b0339a0bcb35394b0bcd1e031097c5ab3d9e
        Validity
            Not Before: Jan 31 07:00:34 2025 GMT
            Not After : Feb  1 07:00:34 2025 GMT
        Subject: CN=dad36e0d3f2e5b04a365f5006f52bf08317d5863
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:a1:5e:ff:98:c9:e7:9b:86:f2:4a:04:35:99:
                    8a:76:64:e3:be:52:4f:8d:2f:de:e7:72:f8:1c:68:
                    8d:b1:b1:ba:e6:c3:92:fc:c4:c7:1f:03:f1:4d:43:
                    cd:ce:43:57:95:96:d5:14:ed:b3:43:37:1a:18:5f:
                    5e:a0:68:82:d5:0e:f3:24:2a:13:b0:cc:38:fc:56:
                    cc:ac:bd:c4:63:ff:88:4a:66:9b:2f:32:68:c7:6a:
                    98:71:29:35:41:eb:7c:29:ae:d3:c0:eb:6c:c7:bc:
                    29:ce:58:22:70:20:47:a0:7e:25:cc:19:26:cc:4d:
                    1e:b3:f6:ac:39:f0:bd:2d:ca:9f:be:06:6e:1f:25:
                    05:c6:a3:aa:d0:a0:78:0c:0c:77:62:d2:8c:ce:a9:
                    ba:85:15:6d:ac:96:38:6a:48:8a:04:71:9f:7c:3a:
                    ab:f6:53:51:ce:69:df:dc:35:22:53:6c:62:a8:9d:
                    4a:5a:03:7f:db:38:2e:71:ba:0d:c9:8c:55:50:82:
                    57:75:73:09:e5:06:37:a4:35:54:ac:1e:92:34:32:
                    b2:44:bc:69:bf:9e:6d:ca:e5:70:b8:7f:d5:f9:94:
                    9d:26:bf:e3:3d:24:9a:5a:e2:d9:60:b4:07:0d:f3:
                    a6:2c:0a:e9:6c:5b:3f:56:65:8c:20:8c:7d:3e:47:
                    45:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:D3:6E:0D:3F:2E:5B:04:A3:65:F5:00:6F:52:BF:08:31:7D:58:63
            X509v3 Authority Key Identifier:
                keyid:35:E4:B0:33:9A:0B:CB:35:39:4B:0B:CD:1E:03:10:97:C5:AB:3D:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:06:e2:1a:64:01:1b:41:24:5a:93:c9:f8:e2:20:91:99:0a:
         bd:e5:6d:75:70:7f:98:5a:88:44:55:78:2f:3b:62:17:f3:e1:
         26:3a:ef:92:bb:1b:67:a1:2f:69:72:7e:8a:81:f7:69:0d:3f:
         18:ce:fb:9c:7d:0d:1e:42:30:f7:d5:67:35:a9:57:93:ef:07:
         8b:b3:16:32:db:69:ed:d8:2f:3a:7a:a6:00:2c:9a:dd:66:63:
         dc:96:e0:99:8e:0c:c8:96:4e:a4:17:83:73:e6:07:05:00:52:
         f8:bb:8c:19:e3:65:8e:28:a9:bc:c3:67:a1:60:a0:f4:70:5e:
         71:e3:30:89:a8:31:e9:f8:3a:e5:8a:4b:74:1a:fb:8e:94:c8:
         d1:2a:43:6a:4c:f7:13:61:c3:f0:34:51:6f:45:4b:aa:a4:cc:
         91:f5:96:04:4e:f8:b5:8a:75:bc:80:6c:47:a6:4c:50:e6:0f:
         08:c7:e2:9b:ae:d1:2f:4e:63:7a:62:dc:74:b0:43:00:93:17:
         60:58:96:79:66:41:60:61:45:82:d2:66:5f:03:9c:af:01:ed:
         92:97:02:47:47:d1:14:c9:4a:7d:a9:21:a9:00:77:7d:5b:ca:
         af:49:7c:b3:53:c5:d5:1b:3c:14:73:cd:b6:f4:e1:00:6c:fb:
         71:f6:e2:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZS7KVK1/d7TOGbz154t67LxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZTRiMDMzOWEwYmNiMzUzOTRiMGJjZDFlMDMxMDk3YzVh
YjNkOWUwHhcNMjUwMTMxMDcwMDM0WhcNMjUwMjAxMDcwMDM0WjAzMTEwLwYDVQQD
EyhkYWQzNmUwZDNmMmU1YjA0YTM2NWY1MDA2ZjUyYmYwODMxN2Q1ODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaFe/5jJ55uG8koENZmKdmTjvlJP
jS/e53L4HGiNsbG65sOS/MTHHwPxTUPNzkNXlZbVFO2zQzcaGF9eoGiC1Q7zJCoT
sMw4/FbMrL3EY/+ISmabLzJox2qYcSk1Qet8Ka7TwOtsx7wpzlgicCBHoH4lzBkm
zE0es/asOfC9LcqfvgZuHyUFxqOq0KB4DAx3YtKMzqm6hRVtrJY4akiKBHGffDqr
9lNRzmnf3DUiU2xiqJ1KWgN/2zgucboNyYxVUIJXdXMJ5QY3pDVUrB6SNDKyRLxp
v55tyuVwuH/V+ZSdJr/jPSSaWuLZYLQHDfOmLArpbFs/VmWMIIx9PkdFoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrTbg0/LlsEo2X1AG9SvwgxfVhjMB8GA1UdIwQY
MBaAFDXksDOaC8s1OUsLzR4DEJfFqz2eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmVTd001b0x5elU1U3d2TkhnTVFsOFdyUFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80MzI2MjMtMDZiMS00ODQ3LTk4Mjkt
ZmYzMzNmYzNjNjRjLzEvTmVTd001b0x5elU1U3d2TkhnTVFsOFdyUFo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80MzI2MjMtMDZiMS00ODQ3LTk4MjktZmYzMzNmYzNjNjRj
LzEvTmVTd001b0x5elU1U3d2TkhnTVFsOFdyUFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHAbiGmQB
G0EkWpPJ+OIgkZkKveVtdXB/mFqIRFV4LztiF/PhJjrvkrsbZ6EvaXJ+ioH3aQ0/
GM77nH0NHkIw99VnNalXk+8Hi7MWMttp7dgvOnqmACya3WZj3JbgmY4MyJZOpBeD
c+YHBQBS+LuMGeNljiipvMNnoWCg9HBeceMwiagx6fg65YpLdBr7jpTI0SpDakz3
E2HD8DRRb0VLqqTMkfWWBE74tYp1vIBsR6ZMUOYPCMfim67RL05jemLcdLBDAJMX
YFiWeWZBYGFFgtJmXwOcrwHtkpcCR0fRFMlKfakhqQB3fVvKr0l8s1PF1Rs8FHPN
tvThAGz7cfbihQ==
-----END CERTIFICATE-----