Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft
File:                     nvnDHh7MuhkCs_YiWT3pcspxi1w.mft (raw, json)
Hash identifier:          mxsK0Lwc8yiy+dA8XpDly/Vh3n0XMM5kAsDB+iPnEvk=
Subject key identifier:   36:7B:14:DA:F9:EC:99:F3:1F:24:DE:67:FF:C2:59:96:B6:52:2D:66
Authority key identifier: 9E:F9:C3:1E:1E:CC:BA:19:02:B3:F6:22:59:3D:E9:72:CA:71:8B:5C
Certificate issuer:       /CN=9ef9c31e1eccba1902b3f622593de972ca718b5c
Certificate serial:       01974D44831D0916CC2285F56CA65E8B6740
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft
Manifest number:          0CD6
Signing time:             Sun 08 Jun 2025 02:00:25 +0000
Manifest this update:     Sun 08 Jun 2025 02:00:25 +0000
Manifest next update:     Mon 09 Jun 2025 02:00:25 +0000
Files and hashes:         1: nvnDHh7MuhkCs_YiWT3pcspxi1w.crl (hash: OfB2chssIpaPrhjY+ZWlrkrKc/xBJMQ7j92wA+54lJU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 02:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4d:44:83:1d:09:16:cc:22:85:f5:6c:a6:5e:8b:67:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ef9c31e1eccba1902b3f622593de972ca718b5c
        Validity
            Not Before: Jun  8 02:00:25 2025 GMT
            Not After : Jun  9 02:00:25 2025 GMT
        Subject: CN=367b14daf9ec99f31f24de67ffc25996b6522d66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:66:ab:a4:a8:a4:8d:93:00:be:be:f6:e5:87:
                    50:26:83:e6:fc:34:e8:a2:5b:83:37:a3:d0:6c:a7:
                    d5:28:85:b4:79:87:23:88:83:b3:bb:27:a9:a8:c8:
                    62:43:f4:13:4c:7a:d9:42:00:16:8c:0c:60:30:f8:
                    cd:c9:ac:0d:e6:e0:65:29:b1:30:6e:27:a3:81:66:
                    8d:9f:e5:dc:7e:a6:94:4f:50:52:a6:b1:3e:78:41:
                    58:ab:62:5a:e7:35:d3:fe:57:c9:98:13:86:5c:50:
                    9d:c1:13:0b:01:9f:9c:25:e5:a4:21:07:17:78:24:
                    ef:87:cc:47:ea:20:87:60:53:f5:7a:6f:0b:49:71:
                    8f:cc:ed:bd:6b:95:df:fd:84:86:b4:a2:9c:91:80:
                    d9:cf:d5:3e:8d:31:9d:b1:d3:e5:8e:24:6e:77:55:
                    1e:fa:ed:f3:40:fb:7c:1e:12:32:64:82:f3:d3:8d:
                    8c:04:f6:6c:00:28:2b:3c:6d:cc:d2:81:f0:2b:c5:
                    34:37:03:44:c0:e6:8d:27:b7:e8:42:7e:ac:2b:07:
                    31:ac:b3:b0:38:dd:39:2f:35:38:06:cd:7d:30:ab:
                    8d:5b:19:4f:13:ba:26:21:11:e7:1e:65:aa:a7:d1:
                    f0:f7:ca:06:88:56:5a:95:67:d6:1d:1e:25:2a:56:
                    e4:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:7B:14:DA:F9:EC:99:F3:1F:24:DE:67:FF:C2:59:96:B6:52:2D:66
            X509v3 Authority Key Identifier:
                keyid:9E:F9:C3:1E:1E:CC:BA:19:02:B3:F6:22:59:3D:E9:72:CA:71:8B:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nvnDHh7MuhkCs_YiWT3pcspxi1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/2fa7b8-a484-47df-b1c2-972c0fae67b8/1/nvnDHh7MuhkCs_YiWT3pcspxi1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:f8:60:82:f6:24:d0:10:e9:4c:24:14:fa:9b:ab:19:2c:f8:
         06:54:4f:f0:67:bc:16:03:5d:cd:15:de:9e:58:5c:a0:b9:97:
         09:57:c9:36:5e:b7:67:a2:3a:8c:a2:79:fb:4d:25:41:ac:4b:
         a2:1d:3c:c7:48:4b:f5:8f:e7:e8:2c:e4:22:6e:8f:45:d2:70:
         99:bb:5e:54:51:8f:21:5a:a6:0a:0d:7b:63:00:a5:ee:bd:3f:
         ee:a8:c9:fc:38:a1:c4:19:cc:c1:eb:33:5a:e5:ad:b0:3a:a2:
         15:f8:7f:21:ef:fd:eb:51:a4:f2:ea:44:a3:fc:c7:37:b6:91:
         e5:92:ce:ab:b7:4e:7e:22:99:a8:a4:60:08:20:65:90:0d:54:
         3f:a1:d4:4a:1b:3d:eb:7a:ce:f2:a5:4e:77:17:a1:f2:79:83:
         1a:d6:02:85:27:41:f9:73:8b:97:6d:a5:6c:47:bd:42:97:6d:
         72:0b:f6:6f:84:9a:8a:9e:57:90:76:cc:bd:b9:6a:71:46:19:
         78:e9:b0:49:6c:1f:7b:8e:8b:90:eb:6a:73:d4:80:cc:0b:76:
         6f:f3:8a:93:e3:b2:7c:b2:07:6e:3a:cb:d9:9e:1a:46:76:d1:
         e8:f8:4c:67:59:5d:7d:3c:44:23:02:9f:d0:25:53:93:25:17:
         c1:22:fe:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdNRIMdCRbMIoX1bKZei2dAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZjljMzFlMWVjY2JhMTkwMmIzZjYyMjU5M2RlOTcyY2E3
MThiNWMwHhcNMjUwNjA4MDIwMDI1WhcNMjUwNjA5MDIwMDI1WjAzMTEwLwYDVQQD
EygzNjdiMTRkYWY5ZWM5OWYzMWYyNGRlNjdmZmMyNTk5NmI2NTIyZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWarpKikjZMAvr725YdQJoPm/DTo
oluDN6PQbKfVKIW0eYcjiIOzuyepqMhiQ/QTTHrZQgAWjAxgMPjNyawN5uBlKbEw
biejgWaNn+XcfqaUT1BSprE+eEFYq2Ja5zXT/lfJmBOGXFCdwRMLAZ+cJeWkIQcX
eCTvh8xH6iCHYFP1em8LSXGPzO29a5Xf/YSGtKKckYDZz9U+jTGdsdPljiRud1Ue
+u3zQPt8HhIyZILz042MBPZsACgrPG3M0oHwK8U0NwNEwOaNJ7foQn6sKwcxrLOw
ON05LzU4Bs19MKuNWxlPE7omIRHnHmWqp9Hw98oGiFZalWfWHR4lKlbkFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZ7FNr57JnzHyTeZ//CWZa2Ui1mMB8GA1UdIwQY
MBaAFJ75wx4ezLoZArP2Ilk96XLKcYtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yZmE3YjgtYTQ4NC00N2RmLWIxYzIt
OTcyYzBmYWU2N2I4LzEvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yZmE3YjgtYTQ4NC00N2RmLWIxYzItOTcyYzBmYWU2N2I4
LzEvbnZuREhoN011aGtDc19ZaVdUM3Bjc3B4aTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi/hggvYk
0BDpTCQU+purGSz4BlRP8Ge8FgNdzRXenlhcoLmXCVfJNl63Z6I6jKJ5+00lQaxL
oh08x0hL9Y/n6CzkIm6PRdJwmbteVFGPIVqmCg17YwCl7r0/7qjJ/DihxBnMwesz
WuWtsDqiFfh/Ie/961Gk8upEo/zHN7aR5ZLOq7dOfiKZqKRgCCBlkA1UP6HUShs9
63rO8qVOdxeh8nmDGtYChSdB+XOLl22lbEe9Qpdtcgv2b4Saip5XkHbMvblqcUYZ
eOmwSWwfe46LkOtqc9SAzAt2b/OKk+OyfLIHbjrL2Z4aRnbR6PhMZ1ldfTxEIwKf
0CVTkyUXwSL+yg==
-----END CERTIFICATE-----