Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File:                     NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier:          3N3Cl2yoFM48UA0IrZcSpssgKuv+krmQWdQZ/tuDrW4=
Subject key identifier:   6E:88:98:D5:2A:2B:67:04:90:02:70:41:89:63:15:A0:B5:6E:70:D7
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer:       /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial:       019611A0E1BBFDFCED420469349A2DB9C62B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number:          0CE9
Signing time:             Mon 07 Apr 2025 19:01:18 +0000
Manifest this update:     Mon 07 Apr 2025 19:01:18 +0000
Manifest next update:     Tue 08 Apr 2025 19:01:18 +0000
Files and hashes:         1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: dL7aeNdWZz8zDDG1r9seCiRKAfbnPnyjAzqwWrbUJbI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:11:a0:e1:bb:fd:fc:ed:42:04:69:34:9a:2d:b9:c6:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
        Validity
            Not Before: Apr  7 19:01:18 2025 GMT
            Not After : Apr  8 19:01:18 2025 GMT
        Subject: CN=6e8898d52a2b670490027041896315a0b56e70d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:8a:66:ad:83:e6:39:90:ea:39:76:ca:b4:02:
                    91:85:1a:76:c8:5e:54:15:3f:48:ae:e4:1b:c5:30:
                    c4:25:84:5c:4b:13:56:d7:c0:de:ab:48:3e:5c:cd:
                    f9:ba:d9:09:79:99:18:f5:b3:eb:23:fa:29:9f:66:
                    7d:36:f3:6c:39:b4:da:77:e2:a5:7f:00:05:89:bc:
                    a4:ab:ca:a0:ce:a9:7c:92:fd:b4:49:5f:ed:3f:a5:
                    7a:c9:a4:85:8d:69:de:b4:29:e0:7b:74:9b:b3:b1:
                    64:5b:fa:e8:0c:18:02:52:5c:f0:f4:0c:47:a7:d9:
                    f6:b5:ef:9f:85:3a:9a:54:c6:de:d5:05:81:6f:4b:
                    ae:35:82:34:0d:bf:d2:cd:80:d2:e6:fb:88:b0:8f:
                    08:46:e4:d5:52:a8:de:dc:13:a1:bd:0c:6d:11:c6:
                    c5:eb:01:57:ec:46:04:ee:44:3a:d5:3f:2e:92:b9:
                    89:e5:0e:f9:a3:f5:11:ef:f0:6b:fc:52:a2:89:b2:
                    02:f7:85:18:f2:1d:26:f0:98:71:5e:87:4a:23:af:
                    66:54:e9:22:d8:9c:0e:44:65:b0:36:c9:6b:a3:b0:
                    3a:51:72:d8:70:39:4b:35:74:82:7a:3a:30:8a:a1:
                    41:4d:88:a3:bf:41:43:a3:d5:2f:2a:7f:66:19:e0:
                    f5:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:88:98:D5:2A:2B:67:04:90:02:70:41:89:63:15:A0:B5:6E:70:D7
            X509v3 Authority Key Identifier:
                keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:10:43:ca:5d:52:eb:bd:99:db:b1:05:a3:54:81:d2:23:2c:
         f0:e6:c3:5e:8f:93:b2:8d:96:71:c5:c8:5c:0f:23:ea:69:3c:
         a0:fe:96:b4:f7:c7:65:5a:e9:aa:66:81:c8:86:ae:eb:c4:0c:
         e6:59:a8:6c:98:cc:b5:8b:68:a2:0d:68:b6:e0:be:e1:87:54:
         f7:bf:40:82:11:66:0d:f7:16:6e:b3:2e:a2:d3:f4:f2:ed:ca:
         1c:13:a4:34:37:1b:f4:55:69:d2:7f:99:33:fd:08:9f:9a:f0:
         f8:08:04:23:ac:da:84:e9:0c:3d:1f:b8:0d:57:52:be:8d:9b:
         a2:6a:22:81:d9:8e:01:37:6d:9e:8d:41:c9:46:f7:ba:4f:97:
         f4:2f:52:d8:4f:64:9a:2a:90:20:d3:37:8b:6a:db:b3:f1:ba:
         c5:2b:ff:37:89:38:3b:2c:53:dc:cf:81:33:bc:c0:19:a2:6e:
         b8:66:6a:00:89:21:c8:8e:88:d3:1c:c3:9d:c8:c0:c4:0b:6d:
         bd:5b:19:a4:dc:a1:f8:67:88:ed:3f:39:1d:a6:91:1d:5c:fe:
         b9:c1:61:99:70:08:2e:8f:8d:de:c8:56:6f:9e:d6:0a:82:54:
         86:42:5a:72:33:c5:7a:61:ee:d9:41:0c:d9:3e:45:37:91:7b:
         15:2d:35:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRoOG7/fztQgRpNJotucYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjUwNDA3MTkwMTE4WhcNMjUwNDA4MTkwMTE4WjAzMTEwLwYDVQQD
Eyg2ZTg4OThkNTJhMmI2NzA0OTAwMjcwNDE4OTYzMTVhMGI1NmU3MGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4pmrYPmOZDqOXbKtAKRhRp2yF5U
FT9IruQbxTDEJYRcSxNW18Deq0g+XM35utkJeZkY9bPrI/opn2Z9NvNsObTad+Kl
fwAFibykq8qgzql8kv20SV/tP6V6yaSFjWnetCnge3Sbs7FkW/roDBgCUlzw9AxH
p9n2te+fhTqaVMbe1QWBb0uuNYI0Db/SzYDS5vuIsI8IRuTVUqje3BOhvQxtEcbF
6wFX7EYE7kQ61T8ukrmJ5Q75o/UR7/Br/FKiibIC94UY8h0m8JhxXodKI69mVOki
2JwORGWwNslro7A6UXLYcDlLNXSCejowiqFBTYijv0FDo9UvKn9mGeD1rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6ImNUqK2cEkAJwQYljFaC1bnDXMB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXRBDyl1S
672Z27EFo1SB0iMs8ObDXo+Tso2WccXIXA8j6mk8oP6WtPfHZVrpqmaByIau68QM
5lmobJjMtYtoog1otuC+4YdU979AghFmDfcWbrMuotP08u3KHBOkNDcb9FVp0n+Z
M/0In5rw+AgEI6zahOkMPR+4DVdSvo2bomoigdmOATdtno1ByUb3uk+X9C9S2E9k
miqQINM3i2rbs/G6xSv/N4k4OyxT3M+BM7zAGaJuuGZqAIkhyI6I0xzDncjAxAtt
vVsZpNyh+GeI7T85HaaRHVz+ucFhmXAILo+N3shWb57WCoJUhkJacjPFemHu2UEM
2T5FN5F7FS015w==
-----END CERTIFICATE-----