Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft
File:                     nSBC44DWR2UTrMCPtU-8xzYm7D0.mft (raw, json)
Hash identifier:          1Q5FfmoJMHyvGyj7t+xW6GP8Q0dy+se66XtVxt4rim8=
Subject key identifier:   D0:8D:A5:10:37:77:00:02:F5:36:49:08:99:F1:AA:DD:5A:DB:C5:6A
Authority key identifier: 9D:20:42:E3:80:D6:47:65:13:AC:C0:8F:B5:4F:BC:C7:36:26:EC:3D
Certificate issuer:       /CN=9d2042e380d6476513acc08fb54fbcc73626ec3d
Certificate serial:       019749D5DDD54228CDEBED9C9F183A508B8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft
Manifest number:          AB
Signing time:             Sat 07 Jun 2025 10:00:42 +0000
Manifest this update:     Sat 07 Jun 2025 10:00:42 +0000
Manifest next update:     Sun 08 Jun 2025 10:00:42 +0000
Files and hashes:         1: nSBC44DWR2UTrMCPtU-8xzYm7D0.crl (hash: pdf/+khVL4A1ggRGcTnfexmKR8NhUy7LrlE8Y+RenBU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 09:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:49:d5:dd:d5:42:28:cd:eb:ed:9c:9f:18:3a:50:8b:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d2042e380d6476513acc08fb54fbcc73626ec3d
        Validity
            Not Before: Jun  7 10:00:42 2025 GMT
            Not After : Jun  8 10:00:42 2025 GMT
        Subject: CN=d08da51037770002f536490899f1aadd5adbc56a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:53:ce:dc:1d:a6:92:56:60:af:7d:5c:19:be:
                    a0:35:c5:ec:d7:c4:b3:7b:77:44:04:a9:7a:37:d1:
                    c0:39:47:2e:86:8b:a7:32:ee:84:05:8b:b0:84:36:
                    16:f1:7c:95:fe:5b:d5:44:d0:49:51:45:75:dc:ce:
                    52:2f:3b:c5:97:a4:9d:ea:65:6f:81:c4:12:de:df:
                    87:e5:f7:c1:2f:47:8b:b3:42:8d:88:0d:38:85:07:
                    a9:dc:a5:e0:7f:70:60:db:6d:0e:ba:5c:76:57:76:
                    7c:4d:08:9d:7a:af:53:2d:61:50:82:7a:6b:2d:d7:
                    e1:d8:78:6e:8e:68:1a:6c:8e:c3:e9:ce:79:e9:1b:
                    39:ac:76:b9:5d:fa:17:0e:42:52:9f:b9:31:2a:39:
                    d2:55:bd:19:c5:b3:47:cc:e3:8a:95:cd:79:7b:a4:
                    d6:6f:b1:90:c5:ef:6d:04:3a:36:78:10:46:7d:c2:
                    91:0f:91:b5:81:78:01:33:d4:e7:7b:57:1f:7f:c6:
                    89:7c:0c:f7:ee:b9:b2:9c:34:23:de:de:77:7b:56:
                    29:cd:38:6e:c1:2b:ee:09:26:54:24:a5:a8:f6:ce:
                    3c:4a:9b:f2:78:89:87:0b:64:1b:d7:0a:4b:a0:10:
                    8a:d4:ac:fb:83:40:db:7a:72:58:9a:7a:f2:ed:ce:
                    71:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:8D:A5:10:37:77:00:02:F5:36:49:08:99:F1:AA:DD:5A:DB:C5:6A
            X509v3 Authority Key Identifier:
                keyid:9D:20:42:E3:80:D6:47:65:13:AC:C0:8F:B5:4F:BC:C7:36:26:EC:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSBC44DWR2UTrMCPtU-8xzYm7D0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/002716-a257-4568-bf07-ded3862b7631/1/nSBC44DWR2UTrMCPtU-8xzYm7D0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:a5:68:46:5c:01:d2:a2:bd:58:08:bc:64:3c:5c:b6:cd:18:
         d2:c9:24:84:b0:b9:90:73:95:b5:95:b1:a5:4e:da:14:df:3c:
         38:b2:68:fc:5f:5c:bc:97:94:cc:23:79:8c:b0:56:74:39:9c:
         59:15:6a:2c:02:61:7e:09:40:a4:55:21:96:27:8b:ff:25:8e:
         37:dd:c1:9b:be:79:10:8a:27:ba:34:34:8c:e6:bb:15:7a:8e:
         e3:04:51:25:8e:a6:27:b4:b6:0a:ce:12:dc:85:f3:dc:4d:10:
         ed:8a:b9:da:de:b6:23:0c:a6:4f:b9:ee:db:de:ef:e9:31:06:
         39:90:c7:fa:0a:e1:33:17:7c:13:31:39:55:95:fd:e4:ee:60:
         05:42:c0:64:7b:bb:e0:c0:b2:35:46:5d:aa:00:a0:85:73:7d:
         db:d6:3f:0c:7a:5b:68:ca:4e:16:7d:f9:0d:82:03:a4:72:65:
         25:18:93:c7:64:97:5f:86:a9:cd:2e:d7:f0:78:5d:44:f7:c0:
         58:5a:d5:15:a9:0e:5f:c0:3b:dc:16:79:5d:68:9a:c2:4e:0d:
         92:ae:bd:fb:30:13:20:14:de:c6:cd:ac:32:b7:55:63:50:b5:
         a5:85:07:92:14:32:e1:14:3d:af:a6:17:68:aa:e8:20:ae:fa:
         1d:17:b5:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdJ1d3VQijN6+2cnxg6UIuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjA0MmUzODBkNjQ3NjUxM2FjYzA4ZmI1NGZiY2M3MzYy
NmVjM2QwHhcNMjUwNjA3MTAwMDQyWhcNMjUwNjA4MTAwMDQyWjAzMTEwLwYDVQQD
EyhkMDhkYTUxMDM3NzcwMDAyZjUzNjQ5MDg5OWYxYWFkZDVhZGJjNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1PO3B2mklZgr31cGb6gNcXs18Sz
e3dEBKl6N9HAOUcuhounMu6EBYuwhDYW8XyV/lvVRNBJUUV13M5SLzvFl6Sd6mVv
gcQS3t+H5ffBL0eLs0KNiA04hQep3KXgf3Bg220Oulx2V3Z8TQideq9TLWFQgnpr
Ldfh2HhujmgabI7D6c556Rs5rHa5XfoXDkJSn7kxKjnSVb0ZxbNHzOOKlc15e6TW
b7GQxe9tBDo2eBBGfcKRD5G1gXgBM9Tne1cff8aJfAz37rmynDQj3t53e1YpzThu
wSvuCSZUJKWo9s48SpvyeImHC2Qb1wpLoBCK1Kz7g0DbenJYmnry7c5xXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCNpRA3dwAC9TZJCJnxqt1a28VqMB8GA1UdIwQY
MBaAFJ0gQuOA1kdlE6zAj7VPvMc2Juw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMDI3MTYtYTI1Ny00NTY4LWJmMDct
ZGVkMzg2MmI3NjMxLzEvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wMDI3MTYtYTI1Ny00NTY4LWJmMDctZGVkMzg2MmI3NjMx
LzEvblNCQzQ0RFdSMlVUck1DUHRVLTh4elltN0QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMqVoRlwB
0qK9WAi8ZDxcts0Y0skkhLC5kHOVtZWxpU7aFN88OLJo/F9cvJeUzCN5jLBWdDmc
WRVqLAJhfglApFUhlieL/yWON93Bm755EIonujQ0jOa7FXqO4wRRJY6mJ7S2Cs4S
3IXz3E0Q7Yq52t62IwymT7nu297v6TEGOZDH+grhMxd8EzE5VZX95O5gBULAZHu7
4MCyNUZdqgCghXN929Y/DHpbaMpOFn35DYIDpHJlJRiTx2SXX4apzS7X8HhdRPfA
WFrVFakOX8A73BZ5XWiawk4Nkq69+zATIBTexs2sMrdVY1C1pYUHkhQy4RQ9r6YX
aKroIK76HRe1AQ==
-----END CERTIFICATE-----