Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
File:                     nckgfnB-NQXfaLmlvXCtKM1N04U.mft (raw, json)
Hash identifier:          oF/wqQaR1iO4SolznpXCDHLA4+o5Lx5DX3jwg01js9o=
Subject key identifier:   41:AE:85:CF:24:F2:93:04:EC:6C:EF:08:7A:EA:D6:52:28:CB:6B:B0
Authority key identifier: 9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85
Certificate issuer:       /CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
Certificate serial:       019769CF1AB606E24D7D86F33C993AAFC68F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
Manifest number:          158A
Signing time:             Fri 13 Jun 2025 15:01:09 +0000
Manifest this update:     Fri 13 Jun 2025 15:01:09 +0000
Manifest next update:     Sat 14 Jun 2025 15:01:09 +0000
Files and hashes:         1: nckgfnB-NQXfaLmlvXCtKM1N04U.crl (hash: 0ionxKSoKXteB/8QMkLmT3r21StTbUlsWYVQE9cFDHw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:cf:1a:b6:06:e2:4d:7d:86:f3:3c:99:3a:af:c6:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dc9207e707e3505df68b9a5bd70ad28cd4dd385
        Validity
            Not Before: Jun 13 15:01:09 2025 GMT
            Not After : Jun 14 15:01:09 2025 GMT
        Subject: CN=41ae85cf24f29304ec6cef087aead65228cb6bb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:e2:d0:7d:c5:22:20:79:6a:1e:46:3c:98:d1:
                    a0:2f:b0:b9:5d:31:06:3c:1b:6a:9f:05:39:2b:91:
                    f5:74:7b:ad:8e:7f:61:93:da:04:95:3f:f0:59:30:
                    67:0a:59:98:48:f8:de:6b:4b:a5:ac:ac:d6:69:9f:
                    37:01:fe:58:f2:48:3c:1c:85:23:47:e4:46:77:5d:
                    82:ad:51:e3:6e:22:8d:60:12:4c:bc:42:2d:c1:db:
                    f5:3b:50:7b:20:90:7a:fc:ae:ab:fb:1b:51:ea:08:
                    6f:02:04:bf:c2:2c:06:d6:5c:13:93:d0:0a:85:cb:
                    28:47:29:38:6f:12:ac:25:e3:fa:95:b1:4c:db:b2:
                    33:44:1f:86:6c:0f:4d:74:3a:55:fe:ab:17:1e:7b:
                    18:c4:70:85:7f:74:23:7d:30:6f:be:80:04:ce:2a:
                    d3:44:44:91:53:d7:f1:ab:fb:1a:b0:97:1f:02:d0:
                    e6:d0:3d:e6:63:e7:c6:d5:6c:a9:11:51:5a:18:c5:
                    28:cb:c0:0c:2b:e2:83:c0:6f:5d:54:23:ab:53:b4:
                    38:83:64:32:b2:cd:17:b4:14:ee:e1:bf:06:66:ec:
                    ce:88:30:66:08:bb:04:b8:69:10:b6:95:70:e7:86:
                    b6:9b:d7:e0:24:b2:26:61:d6:19:51:05:2c:57:bb:
                    d1:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:AE:85:CF:24:F2:93:04:EC:6C:EF:08:7A:EA:D6:52:28:CB:6B:B0
            X509v3 Authority Key Identifier:
                keyid:9D:C9:20:7E:70:7E:35:05:DF:68:B9:A5:BD:70:AD:28:CD:4D:D3:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nckgfnB-NQXfaLmlvXCtKM1N04U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/916d0e-7683-41a6-96f0-ff6a1f41d1f8/1/nckgfnB-NQXfaLmlvXCtKM1N04U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:e6:ae:7b:83:fe:f5:b0:79:72:31:fa:6b:b1:99:5f:64:c9:
         8a:5f:de:d9:7d:c0:b8:01:66:c2:47:8d:e9:e3:c3:16:1c:4f:
         a4:7a:a4:17:36:c9:b0:3b:36:a7:ac:2f:fa:51:54:2e:25:36:
         aa:44:16:7d:45:be:6e:8f:0f:66:77:ed:6f:b5:71:aa:ba:29:
         92:cc:6a:55:56:87:41:d7:45:73:1d:f6:9f:7f:c2:2a:51:4d:
         6a:bb:84:95:9b:af:41:2c:af:ae:93:33:23:39:e1:5e:e7:60:
         b9:74:2f:1a:09:69:e8:15:c4:6d:b1:b4:6e:42:e7:32:f3:5f:
         b5:c8:9f:20:81:d8:8a:4b:b6:1d:69:c9:48:7e:36:50:b5:e7:
         64:ab:82:54:79:65:16:e7:a1:4f:fa:62:e3:98:20:8a:ef:51:
         89:9a:ee:07:54:df:67:28:e6:cf:a9:c9:6a:03:0b:07:7e:5b:
         3b:08:b1:a7:d4:71:a0:89:c1:aa:03:c8:69:c8:7e:41:4b:37:
         7e:7d:3e:ce:a1:fa:f0:e2:ce:96:e7:ad:29:24:27:73:98:24:
         53:54:84:25:0f:11:c7:4c:bd:ef:0c:b9:b0:2a:4f:20:cb:6c:
         5e:4e:85:06:a3:e7:51:24:42:53:50:5c:f0:10:ee:24:9f:07:
         a4:3f:18:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzxq2BuJNfYbzPJk6r8aPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzkyMDdlNzA3ZTM1MDVkZjY4YjlhNWJkNzBhZDI4Y2Q0
ZGQzODUwHhcNMjUwNjEzMTUwMTA5WhcNMjUwNjE0MTUwMTA5WjAzMTEwLwYDVQQD
Eyg0MWFlODVjZjI0ZjI5MzA0ZWM2Y2VmMDg3YWVhZDY1MjI4Y2I2YmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uLQfcUiIHlqHkY8mNGgL7C5XTEG
PBtqnwU5K5H1dHutjn9hk9oElT/wWTBnClmYSPjea0ulrKzWaZ83Af5Y8kg8HIUj
R+RGd12CrVHjbiKNYBJMvEItwdv1O1B7IJB6/K6r+xtR6ghvAgS/wiwG1lwTk9AK
hcsoRyk4bxKsJeP6lbFM27IzRB+GbA9NdDpV/qsXHnsYxHCFf3QjfTBvvoAEzirT
RESRU9fxq/sasJcfAtDm0D3mY+fG1WypEVFaGMUoy8AMK+KDwG9dVCOrU7Q4g2Qy
ss0XtBTu4b8GZuzOiDBmCLsEuGkQtpVw54a2m9fgJLImYdYZUQUsV7vRzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEGuhc8k8pME7GzvCHrq1lIoy2uwMB8GA1UdIwQY
MBaAFJ3JIH5wfjUF32i5pb1wrSjNTdOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAt
ZmY2YTFmNDFkMWY4LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MTZkMGUtNzY4My00MWE2LTk2ZjAtZmY2YTFmNDFkMWY4
LzEvbmNrZ2ZuQi1OUVhmYUxtbHZYQ3RLTTFOMDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJeaue4P+
9bB5cjH6a7GZX2TJil/e2X3AuAFmwkeN6ePDFhxPpHqkFzbJsDs2p6wv+lFULiU2
qkQWfUW+bo8PZnftb7VxqropksxqVVaHQddFcx32n3/CKlFNaruElZuvQSyvrpMz
IznhXudguXQvGglp6BXEbbG0bkLnMvNftcifIIHYiku2HWnJSH42ULXnZKuCVHll
FuehT/pi45ggiu9RiZruB1TfZyjmz6nJagMLB35bOwixp9RxoInBqgPIach+QUs3
fn0+zqH68OLOluetKSQnc5gkU1SEJQ8Rx0y97wy5sCpPIMtsXk6FBqPnUSRCU1Bc
8BDuJJ8HpD8YbQ==
-----END CERTIFICATE-----