Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
File:                     NGbkl-i6koMIR7TYtnEDJdI72oU.mft (raw, json)
Hash identifier:          wsRNYYmIhqfBi7ocDZbbq0S+dwho6H/nfdmWq99SfFo=
Subject key identifier:   4B:75:5C:24:03:55:77:9F:4D:A9:6D:E2:65:80:5D:2C:45:CA:EA:25
Authority key identifier: 34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85
Certificate issuer:       /CN=3466e497e8ba92830847b4d8b6710325d23bda85
Certificate serial:       01976A05D665C7D5833A606796E72150BECD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
Manifest number:          05EC
Signing time:             Fri 13 Jun 2025 16:00:56 +0000
Manifest this update:     Fri 13 Jun 2025 16:00:56 +0000
Manifest next update:     Sat 14 Jun 2025 16:00:56 +0000
Files and hashes:         1: NGbkl-i6koMIR7TYtnEDJdI72oU.crl (hash: /m3IA2axuQCvPB/E4VKBKkrJr+++hzdXmJs6J6vKixM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6a:05:d6:65:c7:d5:83:3a:60:67:96:e7:21:50:be:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3466e497e8ba92830847b4d8b6710325d23bda85
        Validity
            Not Before: Jun 13 16:00:56 2025 GMT
            Not After : Jun 14 16:00:56 2025 GMT
        Subject: CN=4b755c240355779f4da96de265805d2c45caea25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:9e:6a:94:dd:b0:a7:28:bd:e7:99:6b:6e:ae:
                    92:31:f0:27:c3:d7:a9:a5:d1:92:dc:fe:95:39:e7:
                    97:b2:48:32:a6:08:eb:2a:b0:0b:ac:10:56:55:6e:
                    d8:db:1a:8b:8c:8b:1c:55:85:69:8a:c0:d6:44:84:
                    46:03:53:dd:6a:14:9e:b5:4a:49:36:2a:f9:63:f3:
                    f0:81:e6:ae:3b:9c:8d:f7:95:af:44:ca:ab:53:35:
                    20:73:53:df:65:46:7f:04:92:0b:6e:72:44:bc:60:
                    b5:45:a2:87:56:56:2a:e3:ba:fd:a6:e9:9e:a9:31:
                    83:6d:3a:48:05:72:1d:bd:d9:2f:16:5f:67:b9:08:
                    1b:19:31:cf:c2:57:b0:ad:9c:dd:50:48:9e:4d:27:
                    f3:c9:b4:09:1e:45:b4:eb:5f:27:6b:89:5f:5f:b3:
                    d2:c0:b6:dc:55:13:f2:d6:fc:01:0a:e1:33:9c:35:
                    30:e3:c3:0f:de:d0:bc:7a:ef:c1:84:50:4d:56:7e:
                    fc:b9:45:74:bf:a7:b5:fa:19:23:91:6d:82:8a:81:
                    52:77:6f:8c:71:b9:c1:34:46:30:eb:39:22:4b:9e:
                    dc:92:07:50:96:96:dc:14:e4:b2:41:42:03:88:6f:
                    2f:f6:f4:55:21:6a:e3:67:ab:d5:0c:55:70:f8:15:
                    55:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:75:5C:24:03:55:77:9F:4D:A9:6D:E2:65:80:5D:2C:45:CA:EA:25
            X509v3 Authority Key Identifier:
                keyid:34:66:E4:97:E8:BA:92:83:08:47:B4:D8:B6:71:03:25:D2:3B:DA:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NGbkl-i6koMIR7TYtnEDJdI72oU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/44846d-55d0-4a20-bd11-dcad08f2f23f/1/NGbkl-i6koMIR7TYtnEDJdI72oU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:db:66:c3:2e:fd:f9:b9:eb:a6:91:54:a1:77:25:ad:0e:73:
         56:eb:bd:2b:ff:fa:9f:e8:e2:7e:b0:52:8f:f7:97:9d:36:95:
         4b:73:d9:27:cc:52:bc:60:01:2b:d1:90:cf:f1:72:3d:3d:6c:
         68:23:85:21:4d:7b:59:31:24:d4:79:37:03:18:08:1a:40:ff:
         86:79:75:5d:cf:73:79:65:2f:3b:d7:0e:45:b1:fc:d4:be:53:
         6d:f6:ee:22:0b:10:06:e4:0e:c8:81:9c:27:64:19:c1:fd:53:
         6a:dd:04:4f:4f:1e:f4:ae:ec:09:75:0b:eb:ce:30:8e:fb:5c:
         60:e5:b6:9e:03:d0:d9:32:c9:b4:1a:a4:ee:20:44:d5:f6:a6:
         00:56:e1:c3:aa:75:c2:b2:e0:53:55:37:dc:9b:87:f0:16:27:
         ed:dc:be:08:d2:51:2d:23:f0:c5:06:e8:cc:05:ab:d6:26:46:
         98:7b:52:69:0d:87:1c:b0:59:f4:a4:f8:2e:08:47:de:f6:90:
         20:15:8d:57:c7:01:eb:7b:b7:43:4f:13:a7:0a:c4:38:37:36:
         b6:b4:b3:08:64:37:cf:ba:29:e6:32:6f:a6:81:e3:f7:87:9b:
         13:e2:f4:dd:1e:f3:d1:72:e5:82:be:9b:a7:44:d3:42:6a:1b:
         fd:af:09:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdqBdZlx9WDOmBnluchUL7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NjZlNDk3ZThiYTkyODMwODQ3YjRkOGI2NzEwMzI1ZDIz
YmRhODUwHhcNMjUwNjEzMTYwMDU2WhcNMjUwNjE0MTYwMDU2WjAzMTEwLwYDVQQD
Eyg0Yjc1NWMyNDAzNTU3NzlmNGRhOTZkZTI2NTgwNWQyYzQ1Y2FlYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi55qlN2wpyi955lrbq6SMfAnw9ep
pdGS3P6VOeeXskgypgjrKrALrBBWVW7Y2xqLjIscVYVpisDWRIRGA1PdahSetUpJ
Nir5Y/PwgeauO5yN95WvRMqrUzUgc1PfZUZ/BJILbnJEvGC1RaKHVlYq47r9pume
qTGDbTpIBXIdvdkvFl9nuQgbGTHPwlewrZzdUEieTSfzybQJHkW0618na4lfX7PS
wLbcVRPy1vwBCuEznDUw48MP3tC8eu/BhFBNVn78uUV0v6e1+hkjkW2CioFSd2+M
cbnBNEYw6zkiS57ckgdQlpbcFOSyQUIDiG8v9vRVIWrjZ6vVDFVw+BVV2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEt1XCQDVXefTalt4mWAXSxFyuolMB8GA1UdIwQY
MBaAFDRm5JfoupKDCEe02LZxAyXSO9qFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEt
ZGNhZDA4ZjJmMjNmLzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80NDg0NmQtNTVkMC00YTIwLWJkMTEtZGNhZDA4ZjJmMjNm
LzEvTkdia2wtaTZrb01JUjdUWXRuRURKZEk3Mm9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW9tmwy79
+bnrppFUoXclrQ5zVuu9K//6n+jifrBSj/eXnTaVS3PZJ8xSvGABK9GQz/FyPT1s
aCOFIU17WTEk1Hk3AxgIGkD/hnl1Xc9zeWUvO9cORbH81L5TbfbuIgsQBuQOyIGc
J2QZwf1Tat0ET08e9K7sCXUL684wjvtcYOW2ngPQ2TLJtBqk7iBE1famAFbhw6p1
wrLgU1U33JuH8BYn7dy+CNJRLSPwxQbozAWr1iZGmHtSaQ2HHLBZ9KT4LghH3vaQ
IBWNV8cB63u3Q08TpwrEODc2trSzCGQ3z7op5jJvpoHj94ebE+L03R7z0XLlgr6b
p0TTQmob/a8JXw==
-----END CERTIFICATE-----