Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
File:                     nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft (raw, json)
Hash identifier:          sZBXx7BqyxTjJPd1c/NeEQ/yO5aSR4ouChclgtnXPhg=
Subject key identifier:   3C:87:08:29:C1:BC:CA:C8:42:83:32:FF:DC:BC:63:29:3C:D4:0B:E7
Authority key identifier: 9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
Certificate issuer:       /CN=9d3627d9766514578942420050bf83a8b129166e
Certificate serial:       01974BC420CBE175317C7D91AC760FAFB08A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
Manifest number:          120E
Signing time:             Sat 07 Jun 2025 19:00:33 +0000
Manifest this update:     Sat 07 Jun 2025 19:00:33 +0000
Manifest next update:     Sun 08 Jun 2025 19:00:33 +0000
Files and hashes:         1: nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl (hash: fUpIL9WIHs61QZxw0mpzy9GEboga3h0sau/FGO/q+y0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4b:c4:20:cb:e1:75:31:7c:7d:91:ac:76:0f:af:b0:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d3627d9766514578942420050bf83a8b129166e
        Validity
            Not Before: Jun  7 19:00:33 2025 GMT
            Not After : Jun  8 19:00:33 2025 GMT
        Subject: CN=3c870829c1bccac8428332ffdcbc63293cd40be7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:60:99:2b:1e:e4:d6:e4:8b:0c:93:ef:86:4f:
                    74:f9:38:e8:12:e9:2a:b3:1e:9d:b2:91:35:12:ee:
                    28:c6:55:e6:c6:b0:24:59:43:9c:df:52:4f:7e:ca:
                    71:88:4e:16:df:35:89:b7:90:d7:cd:cf:b1:7f:23:
                    a5:5f:d8:d0:fd:96:9c:f1:6c:0c:0b:6f:b6:dd:8f:
                    e1:88:c6:a4:e7:1d:9b:2d:aa:d0:82:08:06:5d:39:
                    3f:e1:bc:ad:9b:07:a4:52:5e:2b:1d:d3:5a:13:1a:
                    d0:b1:ee:11:4a:96:34:f2:ac:f8:81:a6:8a:9d:4b:
                    c4:ee:90:b0:e3:5b:09:d1:2b:64:5e:c0:5e:f5:7e:
                    7c:f3:85:06:9e:4a:19:49:6f:8e:b2:08:5d:a0:35:
                    df:18:24:40:91:4a:45:71:04:3d:96:73:f6:2c:17:
                    30:75:f9:55:72:fc:44:41:24:8f:57:ef:44:50:3c:
                    7a:7e:08:e7:00:9c:d6:b5:84:d9:7c:1b:20:83:4b:
                    25:74:19:ab:34:d2:f7:ba:d5:ad:65:07:9b:51:e5:
                    48:40:a0:1d:4a:eb:4a:d8:76:00:33:2a:45:78:e3:
                    31:33:b9:b7:6c:5e:cc:ba:ae:81:05:86:5f:10:58:
                    49:31:40:59:bb:28:b3:e9:ce:50:4b:85:cc:cf:64:
                    61:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:87:08:29:C1:BC:CA:C8:42:83:32:FF:DC:BC:63:29:3C:D4:0B:E7
            X509v3 Authority Key Identifier:
                keyid:9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:b9:52:88:35:5a:4e:0b:ab:6e:78:30:99:4f:f6:28:3b:2e:
         17:1e:66:fb:8f:2b:d3:99:41:b1:23:39:f4:12:96:63:8f:43:
         c4:b9:a1:39:49:0b:83:53:b1:4d:a3:8b:37:39:af:f2:2b:9f:
         84:2e:8b:eb:ed:90:15:3d:86:75:c8:6c:9a:10:1b:85:d4:cd:
         25:4e:0b:36:54:e2:07:44:01:62:6a:f6:63:e0:6a:9e:44:e1:
         5c:60:d3:48:3c:50:b6:6a:ff:a4:72:14:4c:68:6c:94:80:9f:
         de:2d:43:21:68:89:c2:dd:72:a4:a5:9e:36:13:5d:e2:0b:58:
         0b:db:10:71:6f:76:a8:3f:f8:8d:82:5f:09:3b:21:6e:fb:63:
         5d:7a:37:01:90:32:b3:c2:f0:9e:72:98:ab:bb:44:a1:5c:3f:
         f9:16:77:f9:8e:5b:ee:0d:32:31:09:9f:c8:67:e6:d3:48:f9:
         24:cf:f5:6e:2b:86:6a:12:d3:e8:eb:8c:d4:86:c8:ca:13:ef:
         7c:87:7a:de:62:96:ea:ed:10:07:34:71:2d:c1:e9:e1:df:09:
         fc:85:ab:48:84:99:66:68:d7:8f:4d:39:77:35:f0:ed:a5:58:
         e3:44:3c:34:1a:7d:20:23:73:57:a7:8c:62:98:97:19:7b:f2:
         42:9b:1f:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdLxCDL4XUxfH2RrHYPr7CKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzYyN2Q5NzY2NTE0NTc4OTQyNDIwMDUwYmY4M2E4YjEy
OTE2NmUwHhcNMjUwNjA3MTkwMDMzWhcNMjUwNjA4MTkwMDMzWjAzMTEwLwYDVQQD
EygzYzg3MDgyOWMxYmNjYWM4NDI4MzMyZmZkY2JjNjMyOTNjZDQwYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA82CZKx7k1uSLDJPvhk90+TjoEukq
sx6dspE1Eu4oxlXmxrAkWUOc31JPfspxiE4W3zWJt5DXzc+xfyOlX9jQ/Zac8WwM
C2+23Y/hiMak5x2bLarQgggGXTk/4bytmwekUl4rHdNaExrQse4RSpY08qz4gaaK
nUvE7pCw41sJ0StkXsBe9X5884UGnkoZSW+OsghdoDXfGCRAkUpFcQQ9lnP2LBcw
dflVcvxEQSSPV+9EUDx6fgjnAJzWtYTZfBsgg0sldBmrNNL3utWtZQebUeVIQKAd
SutK2HYAMypFeOMxM7m3bF7Muq6BBYZfEFhJMUBZuyiz6c5QS4XMz2RhxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDyHCCnBvMrIQoMy/9y8Yyk81AvnMB8GA1UdIwQY
MBaAFJ02J9l2ZRRXiUJCAFC/g6ixKRZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2Qt
MWQ1ZGQyMjU4YzRlLzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2QtMWQ1ZGQyMjU4YzRl
LzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYLlSiDVa
TgurbngwmU/2KDsuFx5m+48r05lBsSM59BKWY49DxLmhOUkLg1OxTaOLNzmv8iuf
hC6L6+2QFT2GdchsmhAbhdTNJU4LNlTiB0QBYmr2Y+BqnkThXGDTSDxQtmr/pHIU
TGhslICf3i1DIWiJwt1ypKWeNhNd4gtYC9sQcW92qD/4jYJfCTshbvtjXXo3AZAy
s8LwnnKYq7tEoVw/+RZ3+Y5b7g0yMQmfyGfm00j5JM/1biuGahLT6OuM1IbIyhPv
fId63mKW6u0QBzRxLcHp4d8J/IWrSISZZmjXj005dzXw7aVY40Q8NBp9ICNzV6eM
YpiXGXvyQpsfJA==
-----END CERTIFICATE-----