Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.mft
File:                     ndrXzlnL6NGaA0EfocbJug1CAqI.mft (raw, json)
Hash identifier:          9OnZ+hMZHNQU7K/6pmNAXlsywd8aLypESOeU0DcOI0s=
Subject key identifier:   D8:E8:BD:82:72:33:4B:B8:69:6A:93:A1:05:56:CA:01:3F:35:08:54
Authority key identifier: 9D:DA:D7:CE:59:CB:E8:D1:9A:03:41:1F:A1:C6:C9:BA:0D:42:02:A2
Certificate issuer:       /CN=9ddad7ce59cbe8d19a03411fa1c6c9ba0d4202a2
Certificate serial:       01976D3DC73DC58DB7DA6067B67D0F39251C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ndrXzlnL6NGaA0EfocbJug1CAqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.mft
Manifest number:          08FF
Signing time:             Sat 14 Jun 2025 07:00:54 +0000
Manifest this update:     Sat 14 Jun 2025 07:00:54 +0000
Manifest next update:     Sun 15 Jun 2025 07:00:54 +0000
Files and hashes:         1: ndrXzlnL6NGaA0EfocbJug1CAqI.crl (hash: 9XVJAyICJL/bND1aPGevwWRfbG43sEMCVgLSM5f0NPo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ndrXzlnL6NGaA0EfocbJug1CAqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:3d:c7:3d:c5:8d:b7:da:60:67:b6:7d:0f:39:25:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9ddad7ce59cbe8d19a03411fa1c6c9ba0d4202a2
        Validity
            Not Before: Jun 14 07:00:54 2025 GMT
            Not After : Jun 15 07:00:54 2025 GMT
        Subject: CN=d8e8bd8272334bb8696a93a10556ca013f350854
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:cd:ba:f9:92:d6:d3:06:91:2a:12:f6:f0:71:
                    6c:8e:23:e9:55:39:98:ff:2f:7d:9e:b2:6b:6e:ff:
                    f3:e2:65:90:0d:87:ca:bb:d2:37:45:48:6c:fe:9d:
                    77:b9:8a:7a:2f:f5:9f:f1:c6:1d:6d:95:d4:d2:1f:
                    2f:33:c8:49:cb:31:83:8f:d3:af:a4:2a:58:c3:0d:
                    39:1d:66:df:87:cb:33:2b:63:5c:1b:83:ae:bd:18:
                    ca:23:80:f3:f2:91:d5:17:ae:54:86:f0:4d:15:5d:
                    4b:3f:42:35:3f:75:d1:85:97:55:8d:5a:a7:d0:ea:
                    0f:1a:81:83:86:b3:1f:80:b9:52:40:c5:63:c8:f1:
                    22:d9:46:13:73:55:e1:e6:2c:44:f7:c7:2d:af:e6:
                    4b:4f:be:d1:4d:20:f1:42:1b:61:cc:7d:6b:15:15:
                    b7:d1:99:64:a5:f3:41:0d:fb:7d:d5:7f:f3:7f:69:
                    0f:a4:0c:f5:94:60:8e:d5:34:e9:b0:f1:a3:1e:61:
                    a7:ab:3d:fe:5a:9a:38:a9:21:d1:1e:13:09:7e:8c:
                    14:a7:e0:cb:ef:bf:24:33:b7:d3:8d:df:c4:bd:b3:
                    68:d8:4e:9b:a6:f5:2a:67:9c:f9:2a:84:dd:86:73:
                    5a:06:e2:f5:4e:e1:3f:e1:ca:55:6d:70:e3:d1:46:
                    1d:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:E8:BD:82:72:33:4B:B8:69:6A:93:A1:05:56:CA:01:3F:35:08:54
            X509v3 Authority Key Identifier:
                keyid:9D:DA:D7:CE:59:CB:E8:D1:9A:03:41:1F:A1:C6:C9:BA:0D:42:02:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndrXzlnL6NGaA0EfocbJug1CAqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/50635a-630d-4f64-ac43-cca3528e20e2/1/ndrXzlnL6NGaA0EfocbJug1CAqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:e0:5c:af:07:af:79:0c:2d:5b:0d:8c:9f:c2:b4:7f:5c:76:
         55:0b:c3:f8:8c:19:96:eb:c0:c3:72:68:c2:83:e4:88:19:47:
         ef:e4:8d:f8:bf:84:20:09:14:cd:2d:6b:4a:ac:43:b6:ff:84:
         7c:f6:46:58:c9:a5:cf:d9:15:12:62:0e:fc:d1:de:a2:61:9b:
         78:d0:4e:74:69:26:ba:e3:ef:f3:02:28:e8:28:1c:88:a0:e0:
         c7:68:18:b4:93:08:8d:90:2c:6b:42:d9:3d:81:ba:83:49:b9:
         82:e1:63:31:65:10:e0:c8:2a:7c:c0:1b:33:aa:bc:54:1c:45:
         3e:5c:b3:ea:3c:5e:0c:9a:f9:eb:4d:10:fd:dc:44:28:92:c6:
         81:2f:28:0b:23:59:fd:d6:6e:fa:d8:c4:3b:4b:e0:ed:d3:7c:
         00:92:42:49:d9:2b:9b:b9:86:54:a9:36:10:e2:e3:10:ee:1f:
         fe:52:a9:cc:24:48:09:94:16:a8:f0:ec:5f:84:b8:04:6a:67:
         55:c9:86:8d:cb:6b:17:c1:7f:7b:96:70:d7:5e:5b:74:30:0c:
         af:c1:4e:53:44:db:fa:5b:8a:d6:5f:fb:99:5f:c8:00:93:67:
         63:19:c7:4c:ce:61:0c:68:45:82:9f:86:74:7a:9e:27:65:d8:
         9c:20:c6:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtPcc9xY232mBntn0POSUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZGFkN2NlNTljYmU4ZDE5YTAzNDExZmExYzZjOWJhMGQ0
MjAyYTIwHhcNMjUwNjE0MDcwMDU0WhcNMjUwNjE1MDcwMDU0WjAzMTEwLwYDVQQD
EyhkOGU4YmQ4MjcyMzM0YmI4Njk2YTkzYTEwNTU2Y2EwMTNmMzUwODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu826+ZLW0waRKhL28HFsjiPpVTmY
/y99nrJrbv/z4mWQDYfKu9I3RUhs/p13uYp6L/Wf8cYdbZXU0h8vM8hJyzGDj9Ov
pCpYww05HWbfh8szK2NcG4OuvRjKI4Dz8pHVF65UhvBNFV1LP0I1P3XRhZdVjVqn
0OoPGoGDhrMfgLlSQMVjyPEi2UYTc1Xh5ixE98ctr+ZLT77RTSDxQhthzH1rFRW3
0ZlkpfNBDft91X/zf2kPpAz1lGCO1TTpsPGjHmGnqz3+Wpo4qSHRHhMJfowUp+DL
778kM7fTjd/EvbNo2E6bpvUqZ5z5KoTdhnNaBuL1TuE/4cpVbXDj0UYdFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNjovYJyM0u4aWqToQVWygE/NQhUMB8GA1UdIwQY
MBaAFJ3a185Zy+jRmgNBH6HGyboNQgKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmRyWHpsbkw2TkdhQTBFZm9jYkp1ZzFDQXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MDYzNWEtNjMwZC00ZjY0LWFjNDMt
Y2NhMzUyOGUyMGUyLzEvbmRyWHpsbkw2TkdhQTBFZm9jYkp1ZzFDQXFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MDYzNWEtNjMwZC00ZjY0LWFjNDMtY2NhMzUyOGUyMGUy
LzEvbmRyWHpsbkw2TkdhQTBFZm9jYkp1ZzFDQXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAouBcrwev
eQwtWw2Mn8K0f1x2VQvD+IwZluvAw3JowoPkiBlH7+SN+L+EIAkUzS1rSqxDtv+E
fPZGWMmlz9kVEmIO/NHeomGbeNBOdGkmuuPv8wIo6CgciKDgx2gYtJMIjZAsa0LZ
PYG6g0m5guFjMWUQ4MgqfMAbM6q8VBxFPlyz6jxeDJr5600Q/dxEKJLGgS8oCyNZ
/dZu+tjEO0vg7dN8AJJCSdkrm7mGVKk2EOLjEO4f/lKpzCRICZQWqPDsX4S4BGpn
VcmGjctrF8F/e5Zw115bdDAMr8FOU0Tb+luK1l/7mV/IAJNnYxnHTM5hDGhFgp+G
dHqeJ2XYnCDGIg==
-----END CERTIFICATE-----