Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
File:                     NSfzoow8WhVFLOxPVswmno6tnXI.mft (raw, json)
Hash identifier:          UrsGzHpzz/07AmFrpADfJ2ksswl5wfMiizk3WstC+lI=
Subject key identifier:   C9:47:3F:06:24:46:8C:9D:42:88:9A:53:E8:84:B3:34:C4:4C:67:4F
Authority key identifier: 35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72
Certificate issuer:       /CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
Certificate serial:       01965537ED984160D3B1C518A50DC5469E88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
Manifest number:          14F9
Signing time:             Sun 20 Apr 2025 22:00:50 +0000
Manifest this update:     Sun 20 Apr 2025 22:00:50 +0000
Manifest next update:     Mon 21 Apr 2025 22:00:50 +0000
Files and hashes:         1: NSfzoow8WhVFLOxPVswmno6tnXI.crl (hash: gdclh/NU9hbSG6HPyHlT4NZy/MxXd64d9hPfyR4n+WM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Apr 2025 22:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:55:37:ed:98:41:60:d3:b1:c5:18:a5:0d:c5:46:9e:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3527f3a28c3c5a15452cec4f56cc269e8ead9d72
        Validity
            Not Before: Apr 20 22:00:50 2025 GMT
            Not After : Apr 21 22:00:50 2025 GMT
        Subject: CN=c9473f0624468c9d42889a53e884b334c44c674f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:48:52:75:27:da:68:63:13:19:26:94:6f:67:
                    4f:32:ce:c2:eb:e8:14:f6:ea:bc:6b:33:49:d4:74:
                    d0:6e:32:dc:31:55:17:c4:ab:20:11:d9:5a:71:5d:
                    14:70:0d:db:b6:af:fa:4c:f5:23:1c:0f:a4:8d:00:
                    8b:b3:c3:c9:9a:dc:df:7b:71:5b:0e:d9:07:2a:17:
                    8a:b5:57:02:ca:ab:1a:8c:90:27:80:b0:c1:91:b4:
                    81:ec:77:9a:0a:59:06:76:31:2a:30:e0:60:ea:e1:
                    4a:58:f7:21:1e:27:89:8f:5e:62:08:a0:e4:ed:c6:
                    3a:fe:9c:3c:f3:e2:16:32:a0:0f:cd:6a:ec:2a:9a:
                    64:75:66:9b:15:5e:e3:a3:86:ce:9b:48:0d:3f:ed:
                    e2:f2:73:58:54:97:b1:87:28:b0:bd:b1:fb:40:18:
                    9e:3f:4c:d2:fb:36:06:18:f4:24:98:0c:f0:2a:72:
                    9b:65:93:94:34:87:4b:5c:9f:d5:78:c7:9e:2c:92:
                    ba:56:c8:b0:01:57:c3:5b:64:3b:6b:a2:26:2f:da:
                    42:42:e5:83:50:e0:7c:c7:42:65:7e:d7:d0:7f:4f:
                    95:a6:f9:09:b0:e0:17:0d:ef:22:06:dd:1b:82:26:
                    6d:b4:1e:e1:e8:cd:c6:fc:b9:b1:be:46:53:14:36:
                    a5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:47:3F:06:24:46:8C:9D:42:88:9A:53:E8:84:B3:34:C4:4C:67:4F
            X509v3 Authority Key Identifier:
                keyid:35:27:F3:A2:8C:3C:5A:15:45:2C:EC:4F:56:CC:26:9E:8E:AD:9D:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSfzoow8WhVFLOxPVswmno6tnXI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/943903-bee9-4dd7-84c2-a48fec1fcb70/1/NSfzoow8WhVFLOxPVswmno6tnXI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:ce:24:73:31:35:55:81:86:c2:53:71:0e:d0:cf:84:87:ed:
         64:0b:df:f5:83:16:a3:71:93:6d:af:5c:42:1c:53:38:20:0b:
         13:bf:03:44:76:ac:b2:72:c6:85:d2:f4:76:3e:58:33:98:8f:
         b2:35:b8:b5:b4:40:16:33:a5:5b:9e:35:d5:cf:83:89:5d:bf:
         58:42:0f:30:4c:4e:e3:d1:b4:3f:80:0c:d7:94:b4:a6:1d:11:
         f3:cc:f3:fa:40:a5:6a:53:ae:f2:3f:ce:ac:bb:a3:40:44:6c:
         2e:95:ed:1a:d6:ea:e2:a7:4b:c9:b7:28:48:6f:98:05:eb:eb:
         00:3f:d2:d3:de:38:25:4c:07:e3:97:00:3d:e6:b4:99:2b:54:
         2f:bf:6e:2f:18:cd:fc:d0:a6:25:e6:b6:bb:4e:83:07:8c:ca:
         78:6b:74:da:68:6e:c0:51:ca:27:88:30:ae:f3:83:b6:79:41:
         80:57:b2:e2:7b:5c:c1:d5:00:dd:e9:5d:79:fb:a4:da:8a:ef:
         7b:3f:82:9b:70:b3:58:93:6a:40:0b:3c:d3:57:35:18:71:bc:
         4f:6a:cb:87:83:fc:a3:62:c9:bd:e2:09:99:84:fe:f8:05:a0:
         aa:c8:8d:ff:c4:40:57:de:2f:7b:60:d1:a1:1d:85:b8:37:2a:
         92:e6:2d:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZVN+2YQWDTscUYpQ3FRp6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjdmM2EyOGMzYzVhMTU0NTJjZWM0ZjU2Y2MyNjllOGVh
ZDlkNzIwHhcNMjUwNDIwMjIwMDUwWhcNMjUwNDIxMjIwMDUwWjAzMTEwLwYDVQQD
EyhjOTQ3M2YwNjI0NDY4YzlkNDI4ODlhNTNlODg0YjMzNGM0NGM2NzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0hSdSfaaGMTGSaUb2dPMs7C6+gU
9uq8azNJ1HTQbjLcMVUXxKsgEdlacV0UcA3btq/6TPUjHA+kjQCLs8PJmtzfe3Fb
DtkHKheKtVcCyqsajJAngLDBkbSB7HeaClkGdjEqMOBg6uFKWPchHieJj15iCKDk
7cY6/pw88+IWMqAPzWrsKppkdWabFV7jo4bOm0gNP+3i8nNYVJexhyiwvbH7QBie
P0zS+zYGGPQkmAzwKnKbZZOUNIdLXJ/VeMeeLJK6VsiwAVfDW2Q7a6ImL9pCQuWD
UOB8x0JlftfQf0+VpvkJsOAXDe8iBt0bgiZttB7h6M3G/LmxvkZTFDal3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMlHPwYkRoydQoiaU+iEszTETGdPMB8GA1UdIwQY
MBaAFDUn86KMPFoVRSzsT1bMJp6OrZ1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzIt
YTQ4ZmVjMWZjYjcwLzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS85NDM5MDMtYmVlOS00ZGQ3LTg0YzItYTQ4ZmVjMWZjYjcw
LzEvTlNmem9vdzhXaFZGTE94UFZzd21ubzZ0blhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMc4kczE1
VYGGwlNxDtDPhIftZAvf9YMWo3GTba9cQhxTOCALE78DRHassnLGhdL0dj5YM5iP
sjW4tbRAFjOlW5411c+DiV2/WEIPMExO49G0P4AM15S0ph0R88zz+kClalOu8j/O
rLujQERsLpXtGtbq4qdLybcoSG+YBevrAD/S0944JUwH45cAPea0mStUL79uLxjN
/NCmJea2u06DB4zKeGt02mhuwFHKJ4gwrvODtnlBgFey4ntcwdUA3eldefuk2orv
ez+Cm3CzWJNqQAs801c1GHG8T2rLh4P8o2LJveIJmYT++AWgqsiN/8RAV94ve2DR
oR2FuDcqkuYtQQ==
-----END CERTIFICATE-----