Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft
File:                     nphC_lRy5id-eSB2x9OHcALi4lE.mft (raw, json)
Hash identifier:          0gQByLcOQHAwp517XSVs3qpnEgbNgpv4q6nAd4F2HY4=
Subject key identifier:   3E:CA:F7:0A:3F:4B:74:38:CE:91:0D:F9:19:ED:D1:D0:EA:E4:18:0A
Authority key identifier: 9E:98:42:FE:54:72:E6:27:7E:79:20:76:C7:D3:87:70:02:E2:E2:51
Certificate issuer:       /CN=9e9842fe5472e6277e792076c7d3877002e2e251
Certificate serial:       019676B0E1C32D32E2586DA22D136CB6A5AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nphC_lRy5id-eSB2x9OHcALi4lE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft
Manifest number:          0E
Signing time:             Sun 27 Apr 2025 10:00:25 +0000
Manifest this update:     Sun 27 Apr 2025 10:00:25 +0000
Manifest next update:     Mon 28 Apr 2025 10:00:25 +0000
Files and hashes:         1: nphC_lRy5id-eSB2x9OHcALi4lE.crl (hash: QiU697DxHHUnH6mt2VMgVMD11szl0GEvL3gJGEB33A0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nphC_lRy5id-eSB2x9OHcALi4lE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 05:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:b0:e1:c3:2d:32:e2:58:6d:a2:2d:13:6c:b6:a5:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e9842fe5472e6277e792076c7d3877002e2e251
        Validity
            Not Before: Apr 27 10:00:25 2025 GMT
            Not After : Apr 28 10:00:25 2025 GMT
        Subject: CN=3ecaf70a3f4b7438ce910df919edd1d0eae4180a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:92:9f:75:f4:09:cf:46:63:a6:b6:5e:29:69:
                    a2:c5:e1:fa:3f:3d:81:d1:c2:8d:b8:fb:1d:80:4f:
                    23:71:38:cd:2c:6c:20:34:8e:a7:f3:75:b2:7e:21:
                    b8:a0:8d:70:52:ad:3d:d7:db:63:94:ca:5a:d9:a1:
                    2c:55:cc:21:de:cb:88:86:61:47:2e:c4:11:a9:2c:
                    66:2a:16:c9:03:0b:f2:03:db:b4:29:34:ba:ce:8b:
                    7a:0a:e5:e2:8f:6a:a5:d0:34:05:52:50:d7:93:50:
                    a6:bb:9f:fd:01:1f:3c:cc:81:51:38:7c:d1:e5:9e:
                    ae:5c:c0:d0:0f:38:c2:5c:1a:29:cc:9c:a2:66:58:
                    5c:2b:a7:6e:3e:f8:62:e0:d8:42:04:72:13:40:51:
                    10:35:13:89:c4:7e:1c:bb:47:98:50:7e:a2:dc:fa:
                    b3:19:c0:b1:f7:0b:db:13:8e:5e:54:1e:1c:9b:a1:
                    d1:e2:ae:07:ca:42:e5:4c:61:18:03:92:af:91:68:
                    42:91:90:68:b0:51:1d:7e:a9:1c:3a:38:14:d1:0e:
                    2e:71:d6:7a:18:e9:2b:c8:f8:dd:3f:e7:f8:48:a7:
                    8d:e6:27:62:b3:e0:7e:23:2f:dd:71:3b:38:ef:a4:
                    c9:47:a4:68:82:1b:2b:89:9f:84:b8:32:04:ac:b8:
                    8d:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:CA:F7:0A:3F:4B:74:38:CE:91:0D:F9:19:ED:D1:D0:EA:E4:18:0A
            X509v3 Authority Key Identifier:
                keyid:9E:98:42:FE:54:72:E6:27:7E:79:20:76:C7:D3:87:70:02:E2:E2:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nphC_lRy5id-eSB2x9OHcALi4lE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8f11b3-89c5-4b11-9c09-3a07f9224e21/1/nphC_lRy5id-eSB2x9OHcALi4lE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:b9:c9:61:a0:6f:8e:a4:d2:25:b2:dd:e2:e8:ae:2c:d2:38:
         6a:80:c5:f5:1d:2b:a7:81:f6:d3:fd:d5:7d:5c:81:33:9d:3a:
         ba:b5:0b:67:14:70:26:35:4b:cf:d9:0c:ea:89:6a:47:3a:09:
         b2:7f:9f:02:ad:fd:37:21:b2:79:65:fb:6a:da:8e:ce:2a:a2:
         c7:c8:67:89:c0:d2:62:b8:f1:35:31:21:4e:24:c7:4c:f2:1b:
         9e:f9:7e:90:75:ad:8b:e0:4d:fe:a3:cd:ae:70:ab:76:f5:f3:
         46:dc:88:e9:4a:33:fc:e2:6f:2b:25:f3:a0:98:99:16:8f:4e:
         44:df:78:bf:33:d8:9b:8f:6e:94:93:0b:ca:5a:c8:9f:2e:94:
         2c:6f:23:97:d3:0b:cd:7c:45:fb:27:fc:29:29:51:d7:50:29:
         62:ba:27:88:e4:53:ad:b9:4b:cf:97:8c:50:21:7b:25:74:a7:
         b8:6a:74:17:8d:3e:81:12:0b:3d:fe:54:4d:65:a9:5d:1f:f6:
         53:40:8b:51:72:5a:e8:02:c3:ad:86:31:c9:23:ac:8e:6b:b9:
         e1:cb:99:4d:1e:59:9d:92:4c:9e:c2:57:35:f7:3c:c3:b1:10:
         9b:e2:a6:cf:f8:ee:0d:ff:f5:01:4b:42:f0:61:5c:fa:82:1c:
         89:3e:45:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ2sOHDLTLiWG2iLRNstqWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTg0MmZlNTQ3MmU2Mjc3ZTc5MjA3NmM3ZDM4NzcwMDJl
MmUyNTEwHhcNMjUwNDI3MTAwMDI1WhcNMjUwNDI4MTAwMDI1WjAzMTEwLwYDVQQD
EygzZWNhZjcwYTNmNGI3NDM4Y2U5MTBkZjkxOWVkZDFkMGVhZTQxODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJKfdfQJz0ZjprZeKWmixeH6Pz2B
0cKNuPsdgE8jcTjNLGwgNI6n83WyfiG4oI1wUq0919tjlMpa2aEsVcwh3suIhmFH
LsQRqSxmKhbJAwvyA9u0KTS6zot6CuXij2ql0DQFUlDXk1Cmu5/9AR88zIFROHzR
5Z6uXMDQDzjCXBopzJyiZlhcK6duPvhi4NhCBHITQFEQNROJxH4cu0eYUH6i3Pqz
GcCx9wvbE45eVB4cm6HR4q4HykLlTGEYA5KvkWhCkZBosFEdfqkcOjgU0Q4ucdZ6
GOkryPjdP+f4SKeN5idis+B+Iy/dcTs476TJR6RoghsriZ+EuDIErLiN/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD7K9wo/S3Q4zpEN+Rnt0dDq5BgKMB8GA1UdIwQY
MBaAFJ6YQv5UcuYnfnkgdsfTh3AC4uJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBoQ19sUnk1aWQtZVNCMng5T0hjQUxpNGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84ZjExYjMtODljNS00YjExLTljMDkt
M2EwN2Y5MjI0ZTIxLzEvbnBoQ19sUnk1aWQtZVNCMng5T0hjQUxpNGxFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84ZjExYjMtODljNS00YjExLTljMDktM2EwN2Y5MjI0ZTIx
LzEvbnBoQ19sUnk1aWQtZVNCMng5T0hjQUxpNGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABLnJYaBv
jqTSJbLd4uiuLNI4aoDF9R0rp4H20/3VfVyBM506urULZxRwJjVLz9kM6olqRzoJ
sn+fAq39NyGyeWX7atqOziqix8hnicDSYrjxNTEhTiTHTPIbnvl+kHWti+BN/qPN
rnCrdvXzRtyI6Uoz/OJvKyXzoJiZFo9ORN94vzPYm49ulJMLylrIny6ULG8jl9ML
zXxF+yf8KSlR11ApYroniORTrblLz5eMUCF7JXSnuGp0F40+gRILPf5UTWWpXR/2
U0CLUXJa6ALDrYYxySOsjmu54cuZTR5ZnZJMnsJXNfc8w7EQm+Kmz/juDf/1AUtC
8GFc+oIciT5F/w==
-----END CERTIFICATE-----