Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
File:                     NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json)
Hash identifier:          eJPWpiUBozjIvIWPI/ZAyoquYRdqlynVz0QKf+8MUKg=
Subject key identifier:   81:63:89:99:FD:40:4A:61:B5:39:06:E8:91:A8:88:C3:18:55:51:08
Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24
Certificate issuer:       /CN=341e78ae4f119c0184440090cf1d89acc8b22c24
Certificate serial:       01968EB917B7547650CCFF54F4B23EADD750
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
Manifest number:          02D9
Signing time:             Fri 02 May 2025 02:00:16 +0000
Manifest this update:     Fri 02 May 2025 02:00:16 +0000
Manifest next update:     Sat 03 May 2025 02:00:16 +0000
Files and hashes:         1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: /R3Tr75q4aQdNEPEj3UvAPTdQKxThPqdixmZ/T5i/Qk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 03 May 2025 02:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:8e:b9:17:b7:54:76:50:cc:ff:54:f4:b2:3e:ad:d7:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24
        Validity
            Not Before: May  2 02:00:16 2025 GMT
            Not After : May  3 02:00:16 2025 GMT
        Subject: CN=81638999fd404a61b53906e891a888c318555108
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:bf:63:86:38:ae:56:0a:20:fd:09:be:95:62:
                    b0:0c:60:33:45:24:d7:a3:2c:7d:36:cd:af:da:68:
                    de:25:da:1d:ff:96:55:ae:5a:d9:d3:d2:02:92:54:
                    ad:00:f1:8f:8d:58:ff:c7:17:0e:10:3e:81:f9:97:
                    a8:e3:ba:cb:e4:38:3e:a0:c2:cd:a4:45:27:f2:3d:
                    e4:f7:50:6f:bf:ec:cf:06:a2:d1:b9:fe:14:6b:d1:
                    72:43:54:5d:72:fd:c7:38:27:21:c4:29:13:45:e7:
                    85:79:46:97:db:08:f1:07:c8:f5:72:f4:bf:d1:73:
                    43:bf:9a:46:af:a7:ee:d6:b3:83:33:6d:02:35:a3:
                    70:29:0e:55:d1:10:85:fd:3c:89:60:4c:49:e8:3f:
                    47:b3:c7:b9:7f:a2:4b:0e:e3:ce:45:fa:82:f9:d7:
                    04:1b:36:51:ad:3d:5c:42:0d:37:2d:ef:fa:1f:b7:
                    77:bb:87:c2:4d:b9:e0:0d:eb:d3:b9:61:ec:e2:9e:
                    9e:59:32:90:c5:03:98:60:cc:2c:0c:fd:dc:1d:49:
                    7a:cc:10:79:15:0c:b3:f6:6c:2a:db:d5:e0:57:4d:
                    9f:b6:4b:7e:8c:c2:09:73:88:38:e5:ae:a7:6a:db:
                    e6:8d:b4:12:87:86:26:d9:ab:f6:97:f6:cf:15:92:
                    80:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:63:89:99:FD:40:4A:61:B5:39:06:E8:91:A8:88:C3:18:55:51:08
            X509v3 Authority Key Identifier:
                keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:24:d1:08:5c:49:32:9f:e0:aa:0c:3b:70:91:24:44:c7:7c:
         f2:73:cf:19:56:2a:f4:e6:1c:c2:7f:ff:6b:8e:14:1b:57:e9:
         63:7f:61:82:7f:06:be:b6:a9:3d:b1:54:c0:c7:03:58:e8:63:
         60:7a:6f:3f:31:93:3a:d0:9e:86:6e:c6:1a:97:ba:4b:a3:89:
         b0:94:88:a5:4a:8d:7a:75:b3:dd:51:81:e2:05:ea:57:5f:3c:
         65:4e:6a:84:ed:93:e5:01:d3:76:77:ff:dd:8a:13:25:a5:73:
         3e:0d:05:4f:66:97:58:cb:fa:ef:d6:5d:e0:7c:c1:b5:7d:89:
         2e:d4:4f:7d:f7:2e:b7:42:93:fc:f1:98:02:a4:d7:14:4c:3b:
         ea:99:46:2d:3e:91:31:8e:2b:d4:44:3d:1f:b4:26:c7:e9:24:
         0c:89:1b:a6:a2:e7:b4:d8:a9:4a:9a:69:40:e4:23:62:db:6d:
         38:53:79:14:92:f1:0f:76:19:2f:9c:0d:41:dd:be:d0:7e:40:
         a9:22:70:5b:4c:00:dc:79:19:54:d7:0f:93:01:88:8d:28:85:
         c3:bb:fb:ed:ff:79:54:4b:ed:42:62:f9:e7:83:05:11:f7:ef:
         9f:7c:93:d5:bd:1a:7f:7f:f9:07:ad:81:49:30:9e:d5:16:6d:
         70:04:81:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaOuRe3VHZQzP9U9LI+rddQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi
MjJjMjQwHhcNMjUwNTAyMDIwMDE2WhcNMjUwNTAzMDIwMDE2WjAzMTEwLwYDVQQD
Eyg4MTYzODk5OWZkNDA0YTYxYjUzOTA2ZTg5MWE4ODhjMzE4NTU1MTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL9jhjiuVgog/Qm+lWKwDGAzRSTX
oyx9Ns2v2mjeJdod/5ZVrlrZ09ICklStAPGPjVj/xxcOED6B+Zeo47rL5Dg+oMLN
pEUn8j3k91Bvv+zPBqLRuf4Ua9FyQ1Rdcv3HOCchxCkTReeFeUaX2wjxB8j1cvS/
0XNDv5pGr6fu1rODM20CNaNwKQ5V0RCF/TyJYExJ6D9Hs8e5f6JLDuPORfqC+dcE
GzZRrT1cQg03Le/6H7d3u4fCTbngDevTuWHs4p6eWTKQxQOYYMwsDP3cHUl6zBB5
FQyz9mwq29XgV02ftkt+jMIJc4g45a6natvmjbQSh4Ym2av2l/bPFZKATwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIFjiZn9QEphtTkG6JGoiMMYVVEIMB8GA1UdIwQY
MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt
MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw
LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMSTRCFxJ
Mp/gqgw7cJEkRMd88nPPGVYq9OYcwn//a44UG1fpY39hgn8GvrapPbFUwMcDWOhj
YHpvPzGTOtCehm7GGpe6S6OJsJSIpUqNenWz3VGB4gXqV188ZU5qhO2T5QHTdnf/
3YoTJaVzPg0FT2aXWMv679Zd4HzBtX2JLtRPffcut0KT/PGYAqTXFEw76plGLT6R
MY4r1EQ9H7Qmx+kkDIkbpqLntNipSpppQOQjYtttOFN5FJLxD3YZL5wNQd2+0H5A
qSJwW0wA3HkZVNcPkwGIjSiFw7v77f95VEvtQmL554MFEffvn3yT1b0af3/5B62B
STCe1RZtcASBeg==
-----END CERTIFICATE-----