Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft
File:                     nphC_lRy5id-eSB2x9OHcALi4lE.mft (raw, json)
Hash identifier:          Flrnd1swextzkKo07Jeezs1DVt7cL7VYuNUlCOnn+ak=
Subject key identifier:   D6:8F:AD:25:E0:42:16:48:8D:40:CD:DA:31:23:CE:36:EC:1F:5A:09
Authority key identifier: 9E:98:42:FE:54:72:E6:27:7E:79:20:76:C7:D3:87:70:02:E2:E2:51
Certificate issuer:       /CN=9e9842fe5472e6277e792076c7d3877002e2e251
Certificate serial:       01976BF415D00AACB1439ACA1E1F07990CF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nphC_lRy5id-eSB2x9OHcALi4lE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft
Manifest number:          8D
Signing time:             Sat 14 Jun 2025 01:00:47 +0000
Manifest this update:     Sat 14 Jun 2025 01:00:47 +0000
Manifest next update:     Sun 15 Jun 2025 01:00:47 +0000
Files and hashes:         1: nphC_lRy5id-eSB2x9OHcALi4lE.crl (hash: aTfB/epdbtsKR8ojMnmPNdzX6vNlgSAsZ93YIv+vwSM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nphC_lRy5id-eSB2x9OHcALi4lE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6b:f4:15:d0:0a:ac:b1:43:9a:ca:1e:1f:07:99:0c:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e9842fe5472e6277e792076c7d3877002e2e251
        Validity
            Not Before: Jun 14 01:00:47 2025 GMT
            Not After : Jun 15 01:00:47 2025 GMT
        Subject: CN=d68fad25e04216488d40cdda3123ce36ec1f5a09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a4:9c:cf:fc:9d:39:1a:a5:eb:0d:75:fb:c4:
                    37:28:54:54:5c:01:e9:ab:74:80:5d:99:55:5f:bf:
                    06:15:04:5d:e9:68:e7:ea:54:21:07:83:33:c0:47:
                    0a:36:b4:06:70:d5:56:e7:12:20:16:27:50:0a:d7:
                    49:96:eb:36:cb:40:95:07:b2:81:fb:dc:ac:89:94:
                    df:17:5f:71:c6:f8:9f:36:e8:4f:73:a5:0c:73:cc:
                    fd:c2:b2:9c:27:e2:e1:ba:26:15:e3:24:14:23:fe:
                    87:6e:c7:8b:a3:5a:33:ca:8b:2b:36:78:9c:77:23:
                    8e:2e:38:bb:a4:03:8b:f9:51:64:d2:33:14:58:2e:
                    51:ff:8e:aa:e3:92:c6:6e:82:8f:ff:cb:5c:18:12:
                    93:b5:d1:db:3c:b6:10:cc:80:e2:66:c2:5d:31:7c:
                    fe:ea:33:73:aa:38:88:57:24:ea:2a:f4:32:0a:5e:
                    33:ae:b7:e4:b1:6f:9e:3a:43:8f:6f:57:c5:de:dd:
                    83:54:2e:88:13:b9:d7:12:a4:0c:f2:2c:5f:3f:f5:
                    d0:c5:53:5c:b8:70:27:8f:de:b3:3d:25:96:b4:71:
                    27:d5:22:f0:7c:6d:70:a6:a4:f0:35:f6:20:10:61:
                    8b:17:88:ce:15:db:ce:53:3d:fe:7d:3d:3f:d4:cf:
                    c1:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:8F:AD:25:E0:42:16:48:8D:40:CD:DA:31:23:CE:36:EC:1F:5A:09
            X509v3 Authority Key Identifier:
                keyid:9E:98:42:FE:54:72:E6:27:7E:79:20:76:C7:D3:87:70:02:E2:E2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nphC_lRy5id-eSB2x9OHcALi4lE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:12:96:93:d7:f7:db:0e:67:6f:ac:4a:9d:78:40:b5:69:45:
         33:c3:2d:7b:6d:3b:9b:e8:db:0b:55:1b:4a:cf:cb:b4:39:4b:
         78:bb:cd:43:58:83:e7:53:cf:56:db:de:d5:4b:0f:6e:03:51:
         34:d9:ca:1f:cf:9d:59:26:35:f6:d5:af:b3:08:96:88:be:f4:
         7b:47:05:55:d0:f2:de:00:b7:fc:84:df:76:95:a5:43:f8:c0:
         99:c5:66:2d:f3:b3:6e:f7:ee:f7:d2:5f:10:70:a7:e0:8a:e3:
         bf:74:82:5e:f8:78:47:e2:6b:58:4e:49:6e:10:99:cf:8d:77:
         e0:21:1c:3c:63:1d:66:fe:09:64:40:d4:1c:b1:ed:dc:24:35:
         83:37:bd:79:37:8f:eb:16:cc:ed:14:18:7c:b5:99:e3:09:59:
         d4:04:a3:a6:76:02:eb:40:e6:e2:5c:a1:16:41:c6:3b:80:91:
         5f:dc:95:a3:28:1a:2a:ad:62:8b:d7:c0:0f:87:6e:6d:8a:de:
         c0:45:e6:b3:98:d6:46:36:b9:0c:95:08:59:7b:60:ec:e7:8d:
         84:51:92:df:c5:b2:ab:4f:cf:30:81:6a:29:28:45:8d:cb:30:
         92:e4:1d:08:81:a0:62:89:21:98:51:70:ef:32:f0:b2:bd:e2:
         5e:db:14:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdr9BXQCqyxQ5rKHh8HmQz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTg0MmZlNTQ3MmU2Mjc3ZTc5MjA3NmM3ZDM4NzcwMDJl
MmUyNTEwHhcNMjUwNjE0MDEwMDQ3WhcNMjUwNjE1MDEwMDQ3WjAzMTEwLwYDVQQD
EyhkNjhmYWQyNWUwNDIxNjQ4OGQ0MGNkZGEzMTIzY2UzNmVjMWY1YTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqScz/ydORql6w11+8Q3KFRUXAHp
q3SAXZlVX78GFQRd6Wjn6lQhB4MzwEcKNrQGcNVW5xIgFidQCtdJlus2y0CVB7KB
+9ysiZTfF19xxvifNuhPc6UMc8z9wrKcJ+LhuiYV4yQUI/6HbseLo1ozyosrNnic
dyOOLji7pAOL+VFk0jMUWC5R/46q45LGboKP/8tcGBKTtdHbPLYQzIDiZsJdMXz+
6jNzqjiIVyTqKvQyCl4zrrfksW+eOkOPb1fF3t2DVC6IE7nXEqQM8ixfP/XQxVNc
uHAnj96zPSWWtHEn1SLwfG1wpqTwNfYgEGGLF4jOFdvOUz3+fT0/1M/BeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNaPrSXgQhZIjUDN2jEjzjbsH1oJMB8GA1UdIwQY
MBaAFJ6YQv5UcuYnfnkgdsfTh3AC4uJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBoQ19sUnk1aWQtZVNCMng5T0hjQUxpNGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84ZjExYjMtODljNS00YjExLTljMDkt
M2EwN2Y5MjI0ZTIxLzEvbnBoQ19sUnk1aWQtZVNCMng5T0hjQUxpNGxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84ZjExYjMtODljNS00YjExLTljMDktM2EwN2Y5MjI0ZTIx
LzEvbnBoQ19sUnk1aWQtZVNCMng5T0hjQUxpNGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVBKWk9f3
2w5nb6xKnXhAtWlFM8Mte207m+jbC1UbSs/LtDlLeLvNQ1iD51PPVtve1UsPbgNR
NNnKH8+dWSY19tWvswiWiL70e0cFVdDy3gC3/ITfdpWlQ/jAmcVmLfOzbvfu99Jf
EHCn4Irjv3SCXvh4R+JrWE5JbhCZz4134CEcPGMdZv4JZEDUHLHt3CQ1gze9eTeP
6xbM7RQYfLWZ4wlZ1ASjpnYC60Dm4lyhFkHGO4CRX9yVoygaKq1ii9fAD4dubYre
wEXms5jWRja5DJUIWXtg7OeNhFGS38Wyq0/PMIFqKShFjcswkuQdCIGgYokhmFFw
7zLwsr3iXtsUhA==
-----END CERTIFICATE-----