Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
File:                     NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json)
Hash identifier:          0iBFOsqBqvmhYYJ7plCOS1dlzmqKvGI/8VzKCpEwG9U=
Subject key identifier:   78:9D:F4:43:1F:89:B8:F2:18:C7:EB:C8:F4:E3:27:30:40:F8:65:30
Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24
Certificate issuer:       /CN=341e78ae4f119c0184440090cf1d89acc8b22c24
Certificate serial:       019751C5FD7F5DA6A1ACB4085CB8B25C0FD8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
Manifest number:          033E
Signing time:             Sun 08 Jun 2025 23:00:19 +0000
Manifest this update:     Sun 08 Jun 2025 23:00:19 +0000
Manifest next update:     Mon 09 Jun 2025 23:00:19 +0000
Files and hashes:         1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: DMJRfji4hZDO8QyyFyXle19UOd1wHIFncCeTNfrjrh4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:51:c5:fd:7f:5d:a6:a1:ac:b4:08:5c:b8:b2:5c:0f:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24
        Validity
            Not Before: Jun  8 23:00:19 2025 GMT
            Not After : Jun  9 23:00:19 2025 GMT
        Subject: CN=789df4431f89b8f218c7ebc8f4e3273040f86530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:89:9f:2a:5d:47:2c:f0:be:ff:b6:7a:7e:f3:
                    4f:01:4b:06:91:47:f9:c5:63:2f:ad:01:85:e7:e1:
                    7f:3e:c7:a5:03:4b:75:f0:c2:12:06:01:43:12:b1:
                    ce:0d:9f:13:fa:c5:41:aa:05:af:c9:fa:57:03:f4:
                    5b:5b:c7:2d:7e:22:5c:e7:6b:29:ab:ac:18:f0:b4:
                    81:45:3f:9a:12:36:c1:2f:e4:38:d5:4b:6b:f1:ff:
                    60:2d:dd:8c:8c:c6:3a:d9:66:86:a3:be:cc:a2:7a:
                    0a:4f:13:d3:18:0c:ee:07:18:23:ac:42:63:29:10:
                    bc:63:02:ec:a3:ec:b5:50:ca:90:b3:c7:4d:1b:72:
                    4d:00:c0:b8:8b:ea:96:9e:55:77:40:b7:bc:32:4e:
                    1b:10:9b:38:9d:d0:3b:7d:a0:cb:3e:1a:8d:19:cf:
                    8e:a3:25:2e:ab:47:a7:12:d4:18:ab:c5:25:56:ac:
                    48:36:46:2f:3d:80:b3:bc:91:e0:08:25:a1:6d:a7:
                    30:0e:36:e6:df:0e:3a:f6:dc:52:39:90:7d:2d:16:
                    15:d3:2b:55:e8:30:ab:4a:b5:bd:0a:3e:1d:4b:3e:
                    d8:0e:51:f2:de:15:f4:d3:db:40:4b:52:48:8b:89:
                    4e:fa:98:e3:c3:ea:79:17:a3:57:47:79:aa:7d:c2:
                    96:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:9D:F4:43:1F:89:B8:F2:18:C7:EB:C8:F4:E3:27:30:40:F8:65:30
            X509v3 Authority Key Identifier:
                keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:fe:11:7c:40:90:1d:e1:a3:6b:9a:a4:e2:d4:82:b7:25:5f:
         d4:d5:a4:1e:6d:c7:80:53:ed:e4:a5:ed:be:d1:b5:ac:81:7a:
         e9:ba:62:17:e7:48:56:ba:da:7e:b9:88:03:61:bc:c5:54:d5:
         89:df:72:43:e0:b1:f2:32:03:c1:7d:e5:04:2c:04:37:4d:42:
         df:90:3e:24:05:78:86:1f:52:72:16:b1:e9:be:44:c3:38:23:
         1b:df:75:aa:8e:6f:1c:f0:56:b7:7d:ca:da:90:5a:f5:e1:41:
         2b:93:46:59:53:30:06:95:fd:93:d1:0d:e6:a2:16:27:c0:eb:
         28:31:37:25:78:7c:91:49:76:7b:28:47:8b:84:51:9b:f7:37:
         d3:c3:86:6e:7f:21:ee:b7:db:16:b1:06:fe:3d:b4:a0:50:1d:
         ac:ee:13:af:e5:59:75:c2:7c:0c:e3:7f:a5:8e:f6:46:09:64:
         f2:c7:52:c2:63:7a:70:ce:82:a3:85:f0:28:4c:7b:08:aa:19:
         87:16:6c:5d:77:a5:a9:8a:0c:83:40:36:e8:21:55:de:58:5a:
         d7:10:e0:99:76:f0:69:e7:15:1e:a0:b1:78:bc:54:e5:89:aa:
         b2:cb:60:4b:b9:76:ac:33:38:b9:de:c1:65:2c:ae:eb:a4:dc:
         35:a0:50:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdRxf1/XaahrLQIXLiyXA/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi
MjJjMjQwHhcNMjUwNjA4MjMwMDE5WhcNMjUwNjA5MjMwMDE5WjAzMTEwLwYDVQQD
Eyg3ODlkZjQ0MzFmODliOGYyMThjN2ViYzhmNGUzMjczMDQwZjg2NTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYmfKl1HLPC+/7Z6fvNPAUsGkUf5
xWMvrQGF5+F/PselA0t18MISBgFDErHODZ8T+sVBqgWvyfpXA/RbW8ctfiJc52sp
q6wY8LSBRT+aEjbBL+Q41Utr8f9gLd2MjMY62WaGo77MonoKTxPTGAzuBxgjrEJj
KRC8YwLso+y1UMqQs8dNG3JNAMC4i+qWnlV3QLe8Mk4bEJs4ndA7faDLPhqNGc+O
oyUuq0enEtQYq8UlVqxINkYvPYCzvJHgCCWhbacwDjbm3w469txSOZB9LRYV0ytV
6DCrSrW9Cj4dSz7YDlHy3hX009tAS1JIi4lO+pjjw+p5F6NXR3mqfcKWqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHid9EMfibjyGMfryPTjJzBA+GUwMB8GA1UdIwQY
MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt
MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw
LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMv4RfECQ
HeGja5qk4tSCtyVf1NWkHm3HgFPt5KXtvtG1rIF66bpiF+dIVrrafrmIA2G8xVTV
id9yQ+Cx8jIDwX3lBCwEN01C35A+JAV4hh9Schax6b5EwzgjG991qo5vHPBWt33K
2pBa9eFBK5NGWVMwBpX9k9EN5qIWJ8DrKDE3JXh8kUl2eyhHi4RRm/c308OGbn8h
7rfbFrEG/j20oFAdrO4Tr+VZdcJ8DON/pY72Rglk8sdSwmN6cM6Co4XwKEx7CKoZ
hxZsXXelqYoMg0A26CFV3lha1xDgmXbwaecVHqCxeLxU5YmqsstgS7l2rDM4ud7B
ZSyu66TcNaBQEA==
-----END CERTIFICATE-----