Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft
File:                     NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft (raw, json)
Hash identifier:          Oi1F6q0GrdPpLY3OrfBj8CVRBnZSr6FkH542tbsFNYk=
Subject key identifier:   89:8F:26:5A:43:FE:76:2B:01:31:98:97:E7:CA:A7:5F:73:B1:47:AE
Authority key identifier: 35:E4:B0:33:9A:0B:CB:35:39:4B:0B:CD:1E:03:10:97:C5:AB:3D:9E
Certificate issuer:       /CN=35e4b0339a0bcb35394b0bcd1e031097c5ab3d9e
Certificate serial:       019749D5E36E65D921D8BE306FF67EEF1CA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft
Manifest number:          0991
Signing time:             Sat 07 Jun 2025 10:00:43 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:43 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:43 +0000
Files and hashes:         1: NeSwM5oLyzU5SwvNHgMQl8WrPZ4.crl (hash: ZnlqPSq0i2UYPUoH96o/XzJC9wuqGJGPeld78kwD/to=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:e3:6e:65:d9:21:d8:be:30:6f:f6:7e:ef:1c:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35e4b0339a0bcb35394b0bcd1e031097c5ab3d9e
        Validity
            Not Before: Jun  7 10:00:43 2025 GMT
            Not After : Jun  8 10:00:43 2025 GMT
        Subject: CN=898f265a43fe762b01319897e7caa75f73b147ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8e:55:98:51:4e:30:7f:ce:09:90:b6:7c:2f:
                    ec:46:1f:40:ff:1f:97:c6:8d:ae:67:ce:c4:ef:22:
                    fc:2d:ea:27:69:0d:e2:20:fa:bb:37:a4:5e:45:cb:
                    3d:e3:ac:ae:b6:50:42:b1:b8:e0:ce:09:2c:a9:93:
                    72:79:cb:7c:40:24:26:e4:1e:05:1a:fd:fe:b7:99:
                    33:dd:1f:1c:e3:6c:8e:24:56:07:c8:7b:5c:ab:67:
                    78:81:3d:1b:7d:0a:d3:6b:d5:4b:82:a6:ce:fe:b5:
                    d8:ec:8d:d8:c9:4f:c6:35:33:ec:6e:71:6f:30:ba:
                    4c:41:92:2c:46:bf:5b:9c:9f:2d:2c:80:0f:04:2e:
                    42:c3:dd:c3:7a:47:d0:d7:e0:29:b2:d7:17:cd:54:
                    ef:db:74:c1:ed:68:ac:ed:c5:c1:56:cf:4e:eb:ab:
                    04:8a:7b:08:f7:1e:dd:b6:59:66:93:7c:05:cf:b5:
                    71:db:ab:33:a8:6d:03:a2:44:36:54:c0:86:f5:85:
                    d2:92:b8:82:b7:93:c7:d6:45:32:b6:5e:ba:45:7c:
                    62:fb:e1:87:8e:2b:60:b8:47:be:15:9f:e7:cf:75:
                    79:72:98:fb:18:0f:ae:0c:27:d4:6d:07:46:57:2c:
                    ac:99:a4:ba:21:48:3b:ae:4b:d2:ea:3f:d4:08:52:
                    88:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:8F:26:5A:43:FE:76:2B:01:31:98:97:E7:CA:A7:5F:73:B1:47:AE
            X509v3 Authority Key Identifier:
                keyid:35:E4:B0:33:9A:0B:CB:35:39:4B:0B:CD:1E:03:10:97:C5:AB:3D:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/432623-06b1-4847-9829-ff333fc3c64c/1/NeSwM5oLyzU5SwvNHgMQl8WrPZ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:f6:69:e7:50:81:de:35:5a:b6:26:8b:d2:01:ca:9a:f2:8c:
         f7:94:a0:3f:6c:d3:30:20:72:ce:f3:19:bc:5c:35:7a:0f:49:
         b0:95:0a:14:c5:61:09:29:20:d8:1e:40:a0:a1:32:43:3f:0f:
         61:07:d4:8f:b0:4b:5b:15:80:7b:23:eb:64:4e:cb:93:d0:a4:
         f3:29:8c:d9:ed:4c:22:ef:2e:94:1a:6e:75:3e:64:9f:34:3c:
         16:5d:f4:23:da:f2:54:ca:a7:72:34:47:a3:37:dd:68:c1:2d:
         a5:24:a0:ec:e4:5c:f2:fc:e4:5b:fd:b3:3c:e6:9d:1e:fc:6c:
         0e:1a:24:10:d5:5d:9c:b3:a3:84:6b:ee:97:66:3c:b3:3b:a5:
         7d:a6:a7:a4:2b:2a:54:2f:8d:b0:5c:7c:58:3a:03:0b:0e:a1:
         bf:f9:da:d2:48:6c:d5:32:5c:6a:f3:b9:ca:32:9b:a5:43:9b:
         40:71:91:51:11:58:f3:49:10:bc:b0:9c:44:46:06:b2:87:ca:
         21:90:f2:f0:41:e9:7f:81:71:dd:3d:29:d4:f5:3a:14:ea:60:
         21:1a:09:e7:b1:18:2f:8e:f6:e6:65:01:7c:e1:42:f5:0e:80:
         31:11:42:a4:0a:99:59:d5:9e:dd:72:ec:8b:8e:71:5b:cd:d5:
         0f:1c:4d:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1eNuZdkh2L4wb/Z+7xykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZTRiMDMzOWEwYmNiMzUzOTRiMGJjZDFlMDMxMDk3YzVh
YjNkOWUwHhcNMjUwNjA3MTAwMDQzWhcNMjUwNjA4MTAwMDQzWjAzMTEwLwYDVQQD
Eyg4OThmMjY1YTQzZmU3NjJiMDEzMTk4OTdlN2NhYTc1ZjczYjE0N2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo45VmFFOMH/OCZC2fC/sRh9A/x+X
xo2uZ87E7yL8LeonaQ3iIPq7N6ReRcs946yutlBCsbjgzgksqZNyect8QCQm5B4F
Gv3+t5kz3R8c42yOJFYHyHtcq2d4gT0bfQrTa9VLgqbO/rXY7I3YyU/GNTPsbnFv
MLpMQZIsRr9bnJ8tLIAPBC5Cw93DekfQ1+ApstcXzVTv23TB7Wis7cXBVs9O66sE
insI9x7dtllmk3wFz7Vx26szqG0DokQ2VMCG9YXSkriCt5PH1kUytl66RXxi++GH
jitguEe+FZ/nz3V5cpj7GA+uDCfUbQdGVyysmaS6IUg7rkvS6j/UCFKIXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFImPJlpD/nYrATGYl+fKp19zsUeuMB8GA1UdIwQY
MBaAFDXksDOaC8s1OUsLzR4DEJfFqz2eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmVTd001b0x5elU1U3d2TkhnTVFsOFdyUFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80MzI2MjMtMDZiMS00ODQ3LTk4Mjkt
ZmYzMzNmYzNjNjRjLzEvTmVTd001b0x5elU1U3d2TkhnTVFsOFdyUFo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80MzI2MjMtMDZiMS00ODQ3LTk4MjktZmYzMzNmYzNjNjRj
LzEvTmVTd001b0x5elU1U3d2TkhnTVFsOFdyUFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApfZp51CB
3jVatiaL0gHKmvKM95SgP2zTMCByzvMZvFw1eg9JsJUKFMVhCSkg2B5AoKEyQz8P
YQfUj7BLWxWAeyPrZE7Lk9Ck8ymM2e1MIu8ulBpudT5knzQ8Fl30I9ryVMqncjRH
ozfdaMEtpSSg7ORc8vzkW/2zPOadHvxsDhokENVdnLOjhGvul2Y8szulfaanpCsq
VC+NsFx8WDoDCw6hv/na0khs1TJcavO5yjKbpUObQHGRURFY80kQvLCcREYGsofK
IZDy8EHpf4Fx3T0p1PU6FOpgIRoJ57EYL4725mUBfOFC9Q6AMRFCpAqZWdWe3XLs
i45xW83VDxxNhg==
-----END CERTIFICATE-----