Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
File:                     nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft (raw, json)
Hash identifier:          F2/AOOkY5kVdlJ7leRjB0rVTIkZVIulePAxEXRagvxw=
Subject key identifier:   D2:6C:A8:0F:0A:23:72:BD:FF:68:7A:F1:BE:76:88:C1:0C:8F:60:8F
Authority key identifier: 9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF
Certificate issuer:       /CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
Certificate serial:       019686242F769697E7541147E83326D1BF87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
Manifest number:          14A5
Signing time:             Wed 30 Apr 2025 10:00:40 +0000
Manifest this update:     Wed 30 Apr 2025 10:00:40 +0000
Manifest next update:     Thu 01 May 2025 10:00:40 +0000
Files and hashes:         1: nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl (hash: BJFT04uDbR/GGxMwwnn5GrV0elQ+1EmNJT+7sRmuX3A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 10:00:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:86:24:2f:76:96:97:e7:54:11:47:e8:33:26:d1:bf:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f39966863d82fa8bd1ca3936905fa1e24a9a0bf
        Validity
            Not Before: Apr 30 10:00:40 2025 GMT
            Not After : May  1 10:00:40 2025 GMT
        Subject: CN=d26ca80f0a2372bdff687af1be7688c10c8f608f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:d6:ae:b8:3c:a8:a1:54:e5:2d:29:f6:bc:5b:
                    cb:dc:6d:ce:ce:82:47:b9:81:50:63:16:02:30:34:
                    da:a8:c8:53:4e:36:48:fc:46:26:68:cd:e8:fa:f1:
                    35:24:64:24:2c:c2:3f:9d:f1:58:dc:68:e2:48:b8:
                    6c:0a:cf:15:c3:07:73:3f:62:0c:7f:88:47:be:50:
                    7a:66:01:78:68:48:aa:c7:8d:6e:8a:6e:12:64:1d:
                    10:ca:5a:a1:63:47:29:1e:52:9e:fd:9c:72:07:aa:
                    06:dc:fa:90:38:10:9b:f9:a3:d3:ac:b2:70:21:49:
                    c9:11:82:07:c2:cb:0b:c0:27:0a:8b:7e:81:ea:5c:
                    59:c2:b9:57:b2:b8:28:89:11:70:4e:b1:9b:c7:21:
                    c7:1d:cc:6a:0e:cb:86:03:72:58:a8:f8:21:8d:1e:
                    d3:ca:06:4f:ae:44:9c:63:5a:12:e5:59:4a:b7:59:
                    89:3c:b5:52:12:8b:88:83:1a:96:7a:a0:51:54:58:
                    e4:3f:8b:3d:4a:dc:c9:3c:12:1d:dc:18:f2:91:c4:
                    75:2f:b5:23:09:00:90:7f:61:42:f2:95:06:d5:7b:
                    7f:1b:35:18:1e:3f:f5:e4:ee:41:6b:88:88:a8:96:
                    af:58:c5:19:90:4a:7a:75:93:4e:a1:e3:51:cb:07:
                    46:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:6C:A8:0F:0A:23:72:BD:FF:68:7A:F1:BE:76:88:C1:0C:8F:60:8F
            X509v3 Authority Key Identifier:
                keyid:9F:39:96:68:63:D8:2F:A8:BD:1C:A3:93:69:05:FA:1E:24:A9:A0:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzmWaGPYL6i9HKOTaQX6HiSpoL8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c3e3ad-51eb-4e96-98b2-0b1d09498534/1/nzmWaGPYL6i9HKOTaQX6HiSpoL8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:e7:70:c8:4f:77:db:a6:02:20:72:4b:53:1f:57:c2:ea:45:
         1b:53:80:88:99:6c:9e:2b:e7:1d:3e:a4:72:30:85:aa:cb:f8:
         19:34:10:4d:c8:88:57:e3:45:6f:f5:3e:35:23:a5:23:0c:38:
         c0:98:bf:07:73:e8:5b:ec:86:ce:9c:5b:64:9e:04:16:20:ae:
         71:1c:ea:33:20:7c:63:44:06:0d:0a:ea:92:30:ff:1e:c4:2a:
         77:c2:e0:dc:e0:d6:34:30:fc:99:93:97:ea:2f:08:33:7a:25:
         a6:c1:2e:e4:70:7e:6e:78:e7:dc:c4:ce:26:bc:1b:de:3c:46:
         7e:b8:78:53:9a:01:c4:50:d1:e8:d1:a9:d2:fc:68:7f:75:a1:
         7d:6f:70:c7:79:a6:7a:ab:ec:20:4c:ac:de:9e:8e:1e:63:87:
         45:a3:0a:13:3c:00:0e:c7:9e:38:ce:13:ec:6e:27:86:90:6c:
         b5:ce:71:fe:71:f0:3c:ba:f1:0f:25:75:d7:70:f4:ec:fa:f3:
         9e:e7:f5:84:80:e2:0e:6f:b0:c0:bd:08:f9:b7:9f:c9:13:a5:
         49:c8:05:ae:ab:3c:dd:fa:54:97:84:65:e9:68:c4:82:e9:b1:
         60:6a:77:0e:86:93:1f:ae:02:da:06:a5:4d:68:65:dd:1e:97:
         ef:92:72:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaGJC92lpfnVBFH6DMm0b+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzk5NjY4NjNkODJmYThiZDFjYTM5MzY5MDVmYTFlMjRh
OWEwYmYwHhcNMjUwNDMwMTAwMDQwWhcNMjUwNTAxMTAwMDQwWjAzMTEwLwYDVQQD
EyhkMjZjYTgwZjBhMjM3MmJkZmY2ODdhZjFiZTc2ODhjMTBjOGY2MDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdauuDyooVTlLSn2vFvL3G3OzoJH
uYFQYxYCMDTaqMhTTjZI/EYmaM3o+vE1JGQkLMI/nfFY3GjiSLhsCs8VwwdzP2IM
f4hHvlB6ZgF4aEiqx41uim4SZB0QylqhY0cpHlKe/ZxyB6oG3PqQOBCb+aPTrLJw
IUnJEYIHwssLwCcKi36B6lxZwrlXsrgoiRFwTrGbxyHHHcxqDsuGA3JYqPghjR7T
ygZPrkScY1oS5VlKt1mJPLVSEouIgxqWeqBRVFjkP4s9StzJPBId3BjykcR1L7Uj
CQCQf2FC8pUG1Xt/GzUYHj/15O5Ba4iIqJavWMUZkEp6dZNOoeNRywdG9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNJsqA8KI3K9/2h68b52iMEMj2CPMB8GA1UdIwQY
MBaAFJ85lmhj2C+ovRyjk2kF+h4kqaC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjIt
MGIxZDA5NDk4NTM0LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jM2UzYWQtNTFlYi00ZTk2LTk4YjItMGIxZDA5NDk4NTM0
LzEvbnptV2FHUFlMNmk5SEtPVGFRWDZIaVNwb0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfudwyE93
26YCIHJLUx9XwupFG1OAiJlsnivnHT6kcjCFqsv4GTQQTciIV+NFb/U+NSOlIww4
wJi/B3PoW+yGzpxbZJ4EFiCucRzqMyB8Y0QGDQrqkjD/HsQqd8Lg3ODWNDD8mZOX
6i8IM3olpsEu5HB+bnjn3MTOJrwb3jxGfrh4U5oBxFDR6NGp0vxof3WhfW9wx3mm
eqvsIEys3p6OHmOHRaMKEzwADseeOM4T7G4nhpBstc5x/nHwPLrxDyV113D07Prz
nuf1hIDiDm+wwL0I+befyROlScgFrqs83fpUl4Rl6WjEgumxYGp3DoaTH64C2gal
TWhl3R6X75Jy9g==
-----END CERTIFICATE-----