Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
File:                     NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft (raw, json)
Hash identifier:          94oShcy8rwjHJ5YCWGiGs8m4NJ8smlAbRDjquqMmpow=
Subject key identifier:   5B:76:0C:17:34:94:B7:DA:BB:E9:4F:69:5D:0F:CF:B0:9F:B3:93:46
Authority key identifier: 35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D
Certificate issuer:       /CN=35f49b5d505000b909932c6b4f443e7ef81d780d
Certificate serial:       01964FDA20EBDED306E13BB72E84DCD99BC0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
Manifest number:          14F6
Signing time:             Sat 19 Apr 2025 21:00:17 +0000
Manifest this update:     Sat 19 Apr 2025 21:00:17 +0000
Manifest next update:     Sun 20 Apr 2025 21:00:17 +0000
Files and hashes:         1: NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl (hash: PFktTRyLiCmN61RuejMt9Siz4bZguaLKDygRoiR917Q=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 20 Apr 2025 16:41:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:4f:da:20:eb:de:d3:06:e1:3b:b7:2e:84:dc:d9:9b:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35f49b5d505000b909932c6b4f443e7ef81d780d
        Validity
            Not Before: Apr 19 21:00:17 2025 GMT
            Not After : Apr 20 21:00:17 2025 GMT
        Subject: CN=5b760c173494b7dabbe94f695d0fcfb09fb39346
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:21:ff:30:cd:44:21:ce:63:e3:60:8e:4f:bc:
                    90:67:a4:0c:c2:38:ee:c4:a7:7c:ca:df:b7:ae:30:
                    8b:1e:69:b5:62:ca:b6:6b:4f:df:05:b6:81:84:3b:
                    51:24:9e:9a:fd:60:6a:7f:cb:55:83:c3:98:08:56:
                    35:98:cd:a2:00:1e:64:6e:1b:a2:35:bc:c4:1c:6c:
                    38:7e:73:f9:40:23:63:b9:ce:5f:fe:49:91:0c:be:
                    6e:34:2c:0c:b7:72:c1:ab:0a:ae:34:61:1c:34:74:
                    d7:48:ae:e5:b4:f1:bf:6a:0c:e6:3a:ba:de:82:e3:
                    cd:01:56:0a:3f:79:5b:d3:d8:9a:15:2c:f8:10:65:
                    c9:e5:da:1d:87:d8:e3:b6:55:74:b1:66:35:b5:c3:
                    e4:28:8e:04:76:92:fb:41:46:33:41:2f:49:80:96:
                    6d:c1:b1:7f:b2:b5:49:fd:bf:08:07:b2:d5:0c:c9:
                    aa:cf:82:00:ca:e4:4d:12:88:15:98:cf:f5:fc:78:
                    f2:24:c4:df:a8:35:d1:15:1c:a7:13:c9:c1:94:bd:
                    fb:1a:06:55:5c:32:87:bd:fd:5f:7d:9a:38:e2:54:
                    27:dd:f5:69:e5:2e:92:ca:45:e6:ea:39:bd:0c:7a:
                    73:e1:d2:c4:1b:44:74:18:62:d7:6b:3f:12:e7:1e:
                    3a:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:76:0C:17:34:94:B7:DA:BB:E9:4F:69:5D:0F:CF:B0:9F:B3:93:46
            X509v3 Authority Key Identifier:
                keyid:35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:a3:90:6b:02:b4:a8:f7:13:08:98:62:3e:34:88:0f:37:ea:
         5e:8b:9d:a2:23:4a:29:39:0a:5d:9c:e9:78:b0:fd:56:bc:b5:
         a9:3e:8e:2d:a3:b7:3a:d7:29:e1:1d:42:73:c1:48:6f:ee:46:
         46:49:83:27:c3:ce:1a:ba:ea:1d:d6:7d:9b:b1:61:4d:d8:b8:
         66:29:73:f3:35:ac:98:3a:fd:01:dc:14:af:6f:a2:40:c3:50:
         15:33:9e:fa:f1:30:4f:24:20:71:29:dd:03:50:92:68:b4:d1:
         44:8d:b5:3d:ba:54:4b:2d:3b:8e:83:da:3a:e6:d3:75:11:8f:
         e7:89:6d:6d:ef:a2:73:c5:55:63:46:91:15:f0:aa:3b:49:e1:
         84:54:3f:26:29:f0:98:4c:17:8e:91:70:63:82:17:87:34:c6:
         d8:ff:e5:81:17:8f:7b:5e:08:b0:7b:ab:7a:f8:e8:94:fb:41:
         16:74:6d:69:21:73:c9:ee:a8:81:c4:4f:df:99:13:4b:ea:7c:
         22:78:d2:53:d2:d2:82:d7:f8:9a:e3:95:83:32:63:70:93:e2:
         c5:32:4a:96:99:9e:68:73:90:e9:fd:97:f0:47:d7:e6:c4:d2:
         95:ec:99:52:9b:05:a0:64:e2:e1:bd:2e:c9:7e:de:15:de:34:
         0c:e0:07:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZP2iDr3tMG4Tu3LoTc2ZvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjQ5YjVkNTA1MDAwYjkwOTkzMmM2YjRmNDQzZTdlZjgx
ZDc4MGQwHhcNMjUwNDE5MjEwMDE3WhcNMjUwNDIwMjEwMDE3WjAzMTEwLwYDVQQD
Eyg1Yjc2MGMxNzM0OTRiN2RhYmJlOTRmNjk1ZDBmY2ZiMDlmYjM5MzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SH/MM1EIc5j42COT7yQZ6QMwjju
xKd8yt+3rjCLHmm1Ysq2a0/fBbaBhDtRJJ6a/WBqf8tVg8OYCFY1mM2iAB5kbhui
NbzEHGw4fnP5QCNjuc5f/kmRDL5uNCwMt3LBqwquNGEcNHTXSK7ltPG/agzmOrre
guPNAVYKP3lb09iaFSz4EGXJ5dodh9jjtlV0sWY1tcPkKI4EdpL7QUYzQS9JgJZt
wbF/srVJ/b8IB7LVDMmqz4IAyuRNEogVmM/1/HjyJMTfqDXRFRynE8nBlL37GgZV
XDKHvf1ffZo44lQn3fVp5S6SykXm6jm9DHpz4dLEG0R0GGLXaz8S5x46FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFt2DBc0lLfau+lPaV0Pz7Cfs5NGMB8GA1UdIwQY
MBaAFDX0m11QUAC5CZMsa09EPn74HXgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEt
MDJiM2RlODM0YmY0LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEtMDJiM2RlODM0YmY0
LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkKOQawK0
qPcTCJhiPjSIDzfqXoudoiNKKTkKXZzpeLD9Vry1qT6OLaO3Otcp4R1Cc8FIb+5G
RkmDJ8POGrrqHdZ9m7FhTdi4Zilz8zWsmDr9AdwUr2+iQMNQFTOe+vEwTyQgcSnd
A1CSaLTRRI21PbpUSy07joPaOubTdRGP54ltbe+ic8VVY0aRFfCqO0nhhFQ/Jinw
mEwXjpFwY4IXhzTG2P/lgRePe14IsHurevjolPtBFnRtaSFzye6ogcRP35kTS+p8
InjSU9LSgtf4muOVgzJjcJPixTJKlpmeaHOQ6f2X8EfX5sTSleyZUpsFoGTi4b0u
yX7eFd40DOAHLA==
-----END CERTIFICATE-----