Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File:                     Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier:          us/THFbTvnzTvkj1oCRPSBV53PCd5VVcubW66NXVh6A=
Subject key identifier:   99:23:64:35:E7:17:A8:41:65:C3:BF:06:19:42:69:AF:88:24:48:14
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer:       /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial:       019752A282A8DFF7B7ED02522E94037014DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number:          142D
Signing time:             Mon 09 Jun 2025 03:01:11 +0000
Manifest this update:     Mon 09 Jun 2025 03:01:11 +0000
Manifest next update:     Tue 10 Jun 2025 03:01:11 +0000
Files and hashes:         1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: k2VgHQHNXYZC/gBFDRBflH96U3PCNGaIoQKPBD5xYwo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 09 Jun 2025 21:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:52:a2:82:a8:df:f7:b7:ed:02:52:2e:94:03:70:14:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
        Validity
            Not Before: Jun  9 03:01:11 2025 GMT
            Not After : Jun 10 03:01:11 2025 GMT
        Subject: CN=99236435e717a84165c3bf06194269af88244814
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:15:c7:59:8e:70:b6:36:87:92:02:05:7b:f6:
                    5c:64:49:3d:55:41:97:62:6d:13:c6:e9:c1:2b:98:
                    0e:5b:f8:b7:6c:d8:22:27:c9:7b:23:03:36:d4:00:
                    1e:78:e9:d5:73:99:31:ee:3f:cc:4c:f0:6a:ce:4b:
                    b9:1b:5b:6c:10:4c:f2:3b:af:94:5b:21:05:c6:d8:
                    6a:0c:f9:92:77:3b:6f:2d:e5:6e:98:35:b4:20:91:
                    3c:29:1c:55:95:42:19:b5:f1:07:c9:77:cf:ea:ce:
                    d3:50:b4:a0:02:2c:51:85:b0:db:a0:a8:d7:6c:91:
                    68:03:ea:99:15:a9:25:56:09:7d:1c:a1:0b:7d:49:
                    b4:4c:77:77:d3:50:c5:f8:b1:12:4a:ca:ef:66:2e:
                    71:d1:c6:a4:a4:86:b2:96:cb:28:58:1d:8d:6a:3b:
                    b0:e7:99:cd:17:14:60:92:62:bd:36:54:39:bc:65:
                    c4:d3:21:4a:7d:d8:5b:7e:10:7c:87:4d:47:2d:dd:
                    f3:3a:01:cc:5d:41:4f:95:6d:14:a0:9c:50:f3:41:
                    8d:3f:33:d0:7d:d8:4f:60:4f:f5:43:29:b1:02:cb:
                    65:43:a9:0b:2b:8d:3f:52:80:cd:44:96:0f:92:14:
                    fa:d2:06:81:b9:99:62:ed:e1:76:4f:5a:9f:fe:96:
                    b6:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:23:64:35:E7:17:A8:41:65:C3:BF:06:19:42:69:AF:88:24:48:14
            X509v3 Authority Key Identifier:
                keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:a6:18:f0:23:f6:16:55:01:dc:c1:cb:28:7f:2f:d5:5b:18:
         67:b8:b6:24:75:60:97:26:ae:12:18:d3:2f:f3:74:fe:e6:d4:
         5a:e7:57:5e:33:62:00:71:f2:dd:1c:45:85:f9:87:9c:30:5b:
         ba:2f:e2:2a:e7:34:b1:e2:33:04:c0:86:84:3c:3c:27:c7:52:
         65:2f:96:dc:dc:d2:05:da:a2:79:63:ca:ac:d5:5c:40:3f:38:
         5d:07:c2:77:ef:63:b5:c0:9a:f0:44:37:60:fe:fc:08:95:9a:
         7d:86:a1:99:11:ea:af:2d:5a:69:9b:ec:db:84:f3:2d:2f:53:
         ff:8e:36:ff:8b:2b:93:18:e6:12:7d:5e:2d:d2:46:c9:bc:8e:
         14:76:6f:82:8c:b4:f8:e0:1b:44:20:d5:28:36:0c:e7:41:db:
         c7:8b:2e:c4:b0:c8:ab:fe:06:9e:b6:84:14:bd:3d:b7:b8:56:
         10:be:fa:2d:53:80:59:7a:16:58:db:b8:22:54:03:93:01:87:
         1a:82:b2:fa:34:ee:ce:df:c4:17:1d:02:5c:e1:7e:d7:3e:92:
         cc:cb:8c:d5:8a:17:ba:81:f6:43:37:54:a7:2e:00:51:20:de:
         bf:b5:32:9d:51:20:a6:14:2e:fd:40:f2:a7:1d:fb:57:f9:ce:
         3c:24:3c:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdSooKo3/e37QJSLpQDcBTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjUwNjA5MDMwMTExWhcNMjUwNjEwMDMwMTExWjAzMTEwLwYDVQQD
Eyg5OTIzNjQzNWU3MTdhODQxNjVjM2JmMDYxOTQyNjlhZjg4MjQ0ODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9RXHWY5wtjaHkgIFe/ZcZEk9VUGX
Ym0TxunBK5gOW/i3bNgiJ8l7IwM21AAeeOnVc5kx7j/MTPBqzku5G1tsEEzyO6+U
WyEFxthqDPmSdztvLeVumDW0IJE8KRxVlUIZtfEHyXfP6s7TULSgAixRhbDboKjX
bJFoA+qZFaklVgl9HKELfUm0THd301DF+LESSsrvZi5x0cakpIaylssoWB2Najuw
55nNFxRgkmK9NlQ5vGXE0yFKfdhbfhB8h01HLd3zOgHMXUFPlW0UoJxQ80GNPzPQ
fdhPYE/1QymxAstlQ6kLK40/UoDNRJYPkhT60gaBuZli7eF2T1qf/pa21wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJkjZDXnF6hBZcO/BhlCaa+IJEgUMB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALaYY8CP2
FlUB3MHLKH8v1VsYZ7i2JHVglyauEhjTL/N0/ubUWudXXjNiAHHy3RxFhfmHnDBb
ui/iKuc0seIzBMCGhDw8J8dSZS+W3NzSBdqieWPKrNVcQD84XQfCd+9jtcCa8EQ3
YP78CJWafYahmRHqry1aaZvs24TzLS9T/442/4srkxjmEn1eLdJGybyOFHZvgoy0
+OAbRCDVKDYM50Hbx4suxLDIq/4GnraEFL09t7hWEL76LVOAWXoWWNu4IlQDkwGH
GoKy+jTuzt/EFx0CXOF+1z6SzMuM1YoXuoH2QzdUpy4AUSDev7UynVEgphQu/UDy
px37V/nOPCQ8HQ==
-----END CERTIFICATE-----