Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File:                     NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier:          j19g4b+BTOv2gW1tzd+HkJ8jtb+OTyPHfbbipxczadw=
Subject key identifier:   34:88:F0:7C:A4:59:B2:F3:A1:AC:29:F5:11:EF:13:B9:B2:DB:EA:D2
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer:       /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial:       0197523498666AB4252F99A958A31FCCED96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number:          0D8F
Signing time:             Mon 09 Jun 2025 01:01:07 +0000
Manifest this update:     Mon 09 Jun 2025 01:01:07 +0000
Manifest next update:     Tue 10 Jun 2025 01:01:07 +0000
Files and hashes:         1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: 2PEcLhU1Xdcvn0pOAck0kIQajYHnhE2lEalTbjSs/1w=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:34:98:66:6a:b4:25:2f:99:a9:58:a3:1f:cc:ed:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
        Validity
            Not Before: Jun  9 01:01:07 2025 GMT
            Not After : Jun 10 01:01:07 2025 GMT
        Subject: CN=3488f07ca459b2f3a1ac29f511ef13b9b2dbead2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:dc:a9:a2:23:83:bf:dc:1b:90:15:d9:8a:48:
                    95:91:27:eb:a1:22:d1:7c:22:c0:c5:40:f8:8c:39:
                    ff:e8:0f:f0:2e:33:5c:e3:fa:b4:30:eb:63:25:69:
                    4a:0c:1f:6c:60:1b:d2:83:c4:e2:55:1d:a7:6c:06:
                    04:37:bb:a7:e7:4d:b9:35:1f:5d:4b:0b:7e:97:d2:
                    54:5c:fb:1d:9a:a3:ad:2f:b8:48:2d:09:1d:92:ca:
                    d0:cd:7e:fb:ca:53:28:e8:c3:df:57:61:db:1a:88:
                    40:43:87:f1:62:12:4c:2f:16:5f:5b:0c:1f:c4:b9:
                    b5:4b:74:53:e0:49:8b:17:c8:aa:47:48:b3:56:0c:
                    11:39:a1:00:23:0e:cd:c5:54:79:a6:e0:fc:d6:62:
                    7a:ef:8b:bf:35:10:3b:5c:b9:aa:df:04:86:ce:a9:
                    b2:dd:35:ea:ef:e7:0e:95:d1:75:14:8b:a9:63:45:
                    cc:8b:7e:f9:bb:c1:50:5f:36:e5:c4:6f:78:93:73:
                    a1:c1:f6:01:7b:c4:33:13:c3:f9:a0:80:5e:8d:41:
                    d5:88:13:8f:4d:ed:df:8e:7c:1c:79:89:07:b7:02:
                    d7:fe:95:23:ee:e6:92:f2:9f:1e:0a:06:2f:94:0b:
                    bc:ee:1c:91:67:06:2d:c1:72:8e:9c:43:93:85:a4:
                    52:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:88:F0:7C:A4:59:B2:F3:A1:AC:29:F5:11:EF:13:B9:B2:DB:EA:D2
            X509v3 Authority Key Identifier:
                keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:97:73:ca:af:ec:b1:f6:8d:94:12:e0:2b:38:cc:dc:94:d9:
         a1:0d:99:dd:96:c9:9e:44:21:d8:3c:f1:d2:e1:37:cb:eb:64:
         ed:95:ee:e1:14:0c:07:17:6d:cd:20:86:a2:36:bb:a8:4c:ef:
         83:b3:bd:cc:18:28:fa:5d:8f:09:7c:44:ee:b4:4c:12:c9:b8:
         5b:b2:73:c4:dd:b2:73:b4:05:9a:c5:e2:05:f0:56:e3:8d:c2:
         e0:50:62:ee:b1:d1:99:83:31:20:76:db:94:5b:c4:5b:33:7c:
         43:80:73:8c:4d:35:4d:4c:2b:3e:7c:bb:f3:63:3b:5d:09:1b:
         a1:c6:cd:a0:c1:cc:a0:1a:26:cc:90:d9:4e:a9:75:9c:f2:7a:
         88:f6:97:29:07:eb:ca:7e:bd:a4:02:7c:18:b8:a2:8f:4d:de:
         b9:16:da:07:a5:c9:e4:0f:ed:60:9e:fb:c0:e6:10:f2:ca:d3:
         30:0e:d6:36:c9:d0:bb:df:61:29:7d:9d:50:25:43:9c:80:84:
         cc:bc:81:f5:f2:72:fe:85:bd:c7:67:f8:ed:f9:30:fb:59:87:
         5d:3f:6e:3c:89:0d:24:5b:af:5a:01:8d:1b:f1:98:e1:a8:99:
         23:11:09:5b:d3:15:8e:a4:cd:1f:90:78:68:80:d7:83:05:06:
         a4:f9:65:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSNJhmarQlL5mpWKMfzO2WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjUwNjA5MDEwMTA3WhcNMjUwNjEwMDEwMTA3WjAzMTEwLwYDVQQD
EygzNDg4ZjA3Y2E0NTliMmYzYTFhYzI5ZjUxMWVmMTNiOWIyZGJlYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59ypoiODv9wbkBXZikiVkSfroSLR
fCLAxUD4jDn/6A/wLjNc4/q0MOtjJWlKDB9sYBvSg8TiVR2nbAYEN7un5025NR9d
Swt+l9JUXPsdmqOtL7hILQkdksrQzX77ylMo6MPfV2HbGohAQ4fxYhJMLxZfWwwf
xLm1S3RT4EmLF8iqR0izVgwROaEAIw7NxVR5puD81mJ674u/NRA7XLmq3wSGzqmy
3TXq7+cOldF1FIupY0XMi375u8FQXzblxG94k3OhwfYBe8QzE8P5oIBejUHViBOP
Te3fjnwceYkHtwLX/pUj7uaS8p8eCgYvlAu87hyRZwYtwXKOnEOThaRSWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDSI8HykWbLzoawp9RHvE7my2+rSMB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATpdzyq/s
sfaNlBLgKzjM3JTZoQ2Z3ZbJnkQh2Dzx0uE3y+tk7ZXu4RQMBxdtzSCGoja7qEzv
g7O9zBgo+l2PCXxE7rRMEsm4W7JzxN2yc7QFmsXiBfBW443C4FBi7rHRmYMxIHbb
lFvEWzN8Q4BzjE01TUwrPny782M7XQkbocbNoMHMoBomzJDZTql1nPJ6iPaXKQfr
yn69pAJ8GLiij03euRbaB6XJ5A/tYJ77wOYQ8srTMA7WNsnQu99hKX2dUCVDnICE
zLyB9fJy/oW9x2f47fkw+1mHXT9uPIkNJFuvWgGNG/GY4aiZIxEJW9MVjqTNH5B4
aIDXgwUGpPllGw==
-----END CERTIFICATE-----