Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
File:                     NKh-9PEuNt_cafTUydRQ7us_9tU.mft (raw, json)
Hash identifier:          SidJoxwlCsSyEZzVCzouWRY8BlqoroIhTfyjUuxQDIc=
Subject key identifier:   0B:02:67:BB:46:0C:43:CB:C5:C0:1E:0A:A2:C6:AD:CB:E2:3D:2D:98
Authority key identifier: 34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5
Certificate issuer:       /CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
Certificate serial:       019510C752EF5B3BBE70B5FF9C020B134413
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
Manifest number:          0B4D
Signing time:             Sun 16 Feb 2025 22:00:53 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:53 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:53 +0000
Files and hashes:         1: NKh-9PEuNt_cafTUydRQ7us_9tU.crl (hash: u4HJLv8EsWXerqY1mpcCNE4A41aXwBCnz2dngTz7ByU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:52:ef:5b:3b:be:70:b5:ff:9c:02:0b:13:44:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34a87ef4f12e36dfdc69f4d4c9d450eeeb3ff6d5
        Validity
            Not Before: Feb 16 22:00:53 2025 GMT
            Not After : Feb 17 22:00:53 2025 GMT
        Subject: CN=0b0267bb460c43cbc5c01e0aa2c6adcbe23d2d98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:a7:7e:24:c3:25:d3:49:31:98:99:82:e5:a5:
                    fe:7c:99:a7:be:f9:fa:30:dc:08:73:4f:ee:1c:46:
                    87:19:76:a5:7e:80:b8:e3:1d:39:d7:7c:65:c7:c0:
                    6f:79:0c:05:99:d9:91:e7:83:dd:db:e5:e3:bf:27:
                    9b:4d:b3:25:e5:bc:90:9c:ec:c1:d7:e3:81:e8:c3:
                    78:77:c2:d2:d7:11:18:de:fb:a5:e5:f7:bc:2b:32:
                    13:a4:7c:fa:9a:2d:69:82:7b:b2:85:20:ca:d1:8b:
                    e0:83:7d:7c:b6:d7:71:bc:f7:40:dc:5a:96:55:02:
                    2e:21:99:86:22:e9:57:ee:00:9b:70:fd:41:70:56:
                    76:56:01:24:23:94:c5:b4:e9:5e:8a:47:84:76:16:
                    81:5e:8f:96:1f:ec:52:a3:89:68:82:38:5b:4f:92:
                    66:7b:88:af:fc:be:61:3c:c7:f9:26:0f:fb:95:0f:
                    a4:e8:31:e9:a4:ea:43:dd:d2:4a:d5:11:38:01:a6:
                    d8:af:fc:bc:8e:31:9f:08:dc:09:db:98:01:38:5e:
                    e5:ab:56:8a:c5:2f:87:e9:49:ad:6b:3f:c1:05:ec:
                    5d:69:32:e4:d4:fd:7b:84:9e:75:80:83:1c:03:fe:
                    45:c7:09:79:78:08:3e:6e:84:e3:c6:0c:9e:c4:50:
                    97:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:02:67:BB:46:0C:43:CB:C5:C0:1E:0A:A2:C6:AD:CB:E2:3D:2D:98
            X509v3 Authority Key Identifier:
                keyid:34:A8:7E:F4:F1:2E:36:DF:DC:69:F4:D4:C9:D4:50:EE:EB:3F:F6:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKh-9PEuNt_cafTUydRQ7us_9tU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8c19ff-a757-41b4-83fd-d490b815503b/1/NKh-9PEuNt_cafTUydRQ7us_9tU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:c4:50:e9:f0:d5:13:f6:fe:d5:0b:4c:c3:a1:2f:57:b1:11:
         4c:b7:b1:be:9b:11:86:cb:74:11:12:86:d3:f9:21:32:3b:19:
         9d:ff:c2:5a:3b:da:03:fe:bf:c2:61:2b:7f:70:fc:20:0f:1a:
         b9:f3:c4:1b:a9:89:74:5b:b8:e6:96:1f:2b:a4:17:e0:db:cf:
         23:5b:ab:5b:1f:65:0f:39:5f:fa:93:b1:bb:8f:5a:ad:16:57:
         97:ee:38:3b:ad:e7:c5:ac:72:5d:10:63:77:a7:47:31:60:75:
         67:45:f1:b8:e5:98:4e:fd:39:f2:4a:50:57:44:64:ee:3a:83:
         5b:ad:08:8f:f0:df:ee:6e:69:38:0e:24:06:87:68:c8:2e:7f:
         73:d6:0e:2e:98:94:00:d3:8e:3b:1d:c4:c3:d9:d7:b4:28:4d:
         34:f9:7a:f4:22:1e:a6:e0:16:32:49:87:42:ce:b6:9e:eb:a5:
         51:9b:ce:89:9c:00:32:bf:91:f2:8b:37:4e:03:67:da:57:fb:
         47:7f:04:b5:f7:70:f7:b8:2c:db:a8:9c:9a:98:22:71:eb:f8:
         33:31:b4:ef:d3:45:24:cc:88:4b:3c:d4:7a:3d:7f:9d:78:ff:
         82:2c:c9:26:af:67:d3:89:05:5b:81:f8:17:70:2c:3a:9e:ca:
         bf:4b:84:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx1LvWzu+cLX/nAILE0QTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTg3ZWY0ZjEyZTM2ZGZkYzY5ZjRkNGM5ZDQ1MGVlZWIz
ZmY2ZDUwHhcNMjUwMjE2MjIwMDUzWhcNMjUwMjE3MjIwMDUzWjAzMTEwLwYDVQQD
EygwYjAyNjdiYjQ2MGM0M2NiYzVjMDFlMGFhMmM2YWRjYmUyM2QyZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56d+JMMl00kxmJmC5aX+fJmnvvn6
MNwIc0/uHEaHGXalfoC44x0513xlx8BveQwFmdmR54Pd2+XjvyebTbMl5byQnOzB
1+OB6MN4d8LS1xEY3vul5fe8KzITpHz6mi1pgnuyhSDK0Yvgg318ttdxvPdA3FqW
VQIuIZmGIulX7gCbcP1BcFZ2VgEkI5TFtOleikeEdhaBXo+WH+xSo4logjhbT5Jm
e4iv/L5hPMf5Jg/7lQ+k6DHppOpD3dJK1RE4AabYr/y8jjGfCNwJ25gBOF7lq1aK
xS+H6Umtaz/BBexdaTLk1P17hJ51gIMcA/5Fxwl5eAg+boTjxgyexFCXSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAsCZ7tGDEPLxcAeCqLGrcviPS2YMB8GA1UdIwQY
MBaAFDSofvTxLjbf3Gn01MnUUO7rP/bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQt
ZDQ5MGI4MTU1MDNiLzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC84YzE5ZmYtYTc1Ny00MWI0LTgzZmQtZDQ5MGI4MTU1MDNi
LzEvTktoLTlQRXVOdF9jYWZUVXlkUlE3dXNfOXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxcRQ6fDV
E/b+1QtMw6EvV7ERTLexvpsRhst0ERKG0/khMjsZnf/CWjvaA/6/wmErf3D8IA8a
ufPEG6mJdFu45pYfK6QX4NvPI1urWx9lDzlf+pOxu49arRZXl+44O63nxaxyXRBj
d6dHMWB1Z0XxuOWYTv058kpQV0Rk7jqDW60Ij/Df7m5pOA4kBodoyC5/c9YOLpiU
ANOOOx3Ew9nXtChNNPl69CIepuAWMkmHQs62nuulUZvOiZwAMr+R8os3TgNn2lf7
R38Etfdw97gs26icmpgicev4MzG079NFJMyISzzUej1/nXj/gizJJq9n04kFW4H4
F3AsOp7Kv0uEpw==
-----END CERTIFICATE-----