Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
File:                     NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft (raw, json)
Hash identifier:          fLelS9pgevM9R9B2Q8ALzZPvPb2BXR1/K94PhxJSQWc=
Subject key identifier:   67:C1:79:B8:3B:BC:02:24:48:09:6E:17:3B:01:71:C1:A1:29:2E:40
Authority key identifier: 35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D
Certificate issuer:       /CN=35f49b5d505000b909932c6b4f443e7ef81d780d
Certificate serial:       01974AE836AACA55ECA37A4E94FCCCE94C2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
Manifest number:          1578
Signing time:             Sat 07 Jun 2025 15:00:21 +0000
Manifest this update:     Sat 07 Jun 2025 15:00:21 +0000
Manifest next update:     Sun 08 Jun 2025 15:00:21 +0000
Files and hashes:         1: NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl (hash: SuBTRuGPp+TThas7ztTORmeldnjoo7/y80wDsCKPtCM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 08 Jun 2025 11:24:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:4a:e8:36:aa:ca:55:ec:a3:7a:4e:94:fc:cc:e9:4c:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35f49b5d505000b909932c6b4f443e7ef81d780d
        Validity
            Not Before: Jun  7 15:00:21 2025 GMT
            Not After : Jun  8 15:00:21 2025 GMT
        Subject: CN=67c179b83bbc022448096e173b0171c1a1292e40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:06:34:70:49:8f:5b:49:40:bd:c6:dc:42:9b:
                    f5:d1:7d:11:b9:1b:c1:c6:ef:b2:ce:af:4c:33:d6:
                    45:89:68:af:e9:36:e4:e8:31:14:a9:a2:67:3c:e8:
                    99:e1:15:48:a1:24:35:45:f6:f8:a1:8f:fb:d2:dc:
                    2a:0a:4b:50:1b:ba:e6:8a:77:bf:25:27:24:a1:3c:
                    a6:31:0a:e3:40:12:75:ff:71:58:08:c3:a1:c5:72:
                    54:13:2e:71:f9:0d:5d:72:20:a2:cc:0f:7b:a6:92:
                    a7:0d:cd:35:4d:ec:9d:2e:1e:9d:03:4b:64:c5:5c:
                    05:fc:70:b5:e2:08:2f:e5:28:bf:d7:89:69:f5:e2:
                    27:d5:39:d4:4f:db:f5:62:f3:df:2d:0d:e8:3e:4a:
                    c1:df:47:ab:05:69:27:5a:6b:c1:4c:ed:17:e4:28:
                    63:66:f9:7b:e0:26:f2:e2:0f:e8:48:e7:49:54:57:
                    fc:b0:bb:03:25:48:a7:de:bf:b8:b8:34:e2:dd:23:
                    cc:87:d6:7c:f1:c7:93:5c:dd:99:1b:fa:aa:00:1f:
                    5b:3b:ff:0f:3f:33:1a:b3:53:ea:e5:a1:b5:97:d0:
                    d2:35:77:80:93:4c:93:79:a0:0f:a1:f3:c3:1e:50:
                    f4:3e:da:b7:4d:89:0b:5d:90:0b:4e:c7:1a:60:24:
                    16:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:C1:79:B8:3B:BC:02:24:48:09:6E:17:3B:01:71:C1:A1:29:2E:40
            X509v3 Authority Key Identifier:
                keyid:35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:fa:4d:85:12:04:b9:81:4d:c0:c3:04:8a:29:4a:ac:a1:30:
         ff:fc:52:f3:7d:a0:1d:89:bd:d4:e3:f9:b0:ae:95:a0:29:d0:
         94:ae:53:65:08:c6:85:ee:77:6b:db:64:58:57:0b:63:8f:17:
         d4:47:5c:69:c0:04:c4:8d:d0:33:d5:61:4a:99:57:21:28:0c:
         03:5f:26:10:15:fd:ef:c0:ed:c0:0d:06:7f:cd:55:c1:78:44:
         ef:c8:08:5a:0d:13:a0:eb:9c:c5:b6:84:3f:33:32:14:55:56:
         69:32:10:5c:c7:22:6d:6d:be:27:67:76:66:a2:cd:fa:c9:cf:
         67:1a:c3:1b:4d:ef:d2:f2:7e:c9:24:21:99:a8:66:8d:8a:02:
         2d:93:dd:18:40:94:b8:c3:bc:dd:dc:c5:4f:d1:d0:5d:59:a4:
         31:ed:17:33:a7:33:4f:b3:8f:17:9f:1c:fe:7a:c7:23:62:dc:
         94:9a:e2:68:9b:4b:d9:a1:eb:c8:56:5b:c5:d3:be:76:b8:e9:
         51:f8:8c:83:96:07:bb:4e:6f:78:28:3c:66:ed:57:18:eb:17:
         12:bc:fd:8b:b6:30:c4:1c:9e:c0:e1:44:55:fd:17:36:d6:68:
         1a:1f:ee:68:cb:4c:a0:f4:80:db:5d:70:87:35:d0:6b:cc:92:
         1d:2f:3f:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdK6DaqylXso3pOlPzM6UwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjQ5YjVkNTA1MDAwYjkwOTkzMmM2YjRmNDQzZTdlZjgx
ZDc4MGQwHhcNMjUwNjA3MTUwMDIxWhcNMjUwNjA4MTUwMDIxWjAzMTEwLwYDVQQD
Eyg2N2MxNzliODNiYmMwMjI0NDgwOTZlMTczYjAxNzFjMWExMjkyZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwY0cEmPW0lAvcbcQpv10X0RuRvB
xu+yzq9MM9ZFiWiv6Tbk6DEUqaJnPOiZ4RVIoSQ1Rfb4oY/70twqCktQG7rmine/
JSckoTymMQrjQBJ1/3FYCMOhxXJUEy5x+Q1dciCizA97ppKnDc01TeydLh6dA0tk
xVwF/HC14ggv5Si/14lp9eIn1TnUT9v1YvPfLQ3oPkrB30erBWknWmvBTO0X5Chj
Zvl74Cby4g/oSOdJVFf8sLsDJUin3r+4uDTi3SPMh9Z88ceTXN2ZG/qqAB9bO/8P
PzMas1Pq5aG1l9DSNXeAk0yTeaAPofPDHlD0Ptq3TYkLXZALTscaYCQW3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfBebg7vAIkSAluFzsBccGhKS5AMB8GA1UdIwQY
MBaAFDX0m11QUAC5CZMsa09EPn74HXgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEt
MDJiM2RlODM0YmY0LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEtMDJiM2RlODM0YmY0
LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAevpNhRIE
uYFNwMMEiilKrKEw//xS832gHYm91OP5sK6VoCnQlK5TZQjGhe53a9tkWFcLY48X
1EdcacAExI3QM9VhSplXISgMA18mEBX978DtwA0Gf81VwXhE78gIWg0ToOucxbaE
PzMyFFVWaTIQXMcibW2+J2d2ZqLN+snPZxrDG03v0vJ+ySQhmahmjYoCLZPdGECU
uMO83dzFT9HQXVmkMe0XM6czT7OPF58c/nrHI2LclJriaJtL2aHryFZbxdO+drjp
UfiMg5YHu05veCg8Zu1XGOsXErz9i7YwxByewOFEVf0XNtZoGh/uaMtMoPSA211w
hzXQa8ySHS8/7w==
-----END CERTIFICATE-----