Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
File:                     NhIf0uc0bus8H451uTyE-VhB9EY.mft (raw, json)
Hash identifier:          ohZiCW3TQRj9ikIY60rgAaVYyWeIvc5bewSHNtlOfSY=
Subject key identifier:   A6:CD:0D:DC:A5:92:8F:96:68:5F:D1:65:3E:CF:91:10:0D:A0:57:8F
Authority key identifier: 36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46
Certificate issuer:       /CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446
Certificate serial:       0197722CCC14D56D70D372E6A1008DF3FD0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
Manifest number:          02A8
Signing time:             Sun 15 Jun 2025 06:00:27 +0000
Manifest this update:     Sun 15 Jun 2025 06:00:27 +0000
Manifest next update:     Mon 16 Jun 2025 06:00:27 +0000
Files and hashes:         1: NhIf0uc0bus8H451uTyE-VhB9EY.crl (hash: 7he8zg3AOsm8rWgDT+pZ8ZHGjtpE7AY0SOT3DLhJtdg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Jun 2025 04:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:72:2c:cc:14:d5:6d:70:d3:72:e6:a1:00:8d:f3:fd:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36121fd2e7346eeb3c1f8e75b93c84f95841f446
        Validity
            Not Before: Jun 15 06:00:27 2025 GMT
            Not After : Jun 16 06:00:27 2025 GMT
        Subject: CN=a6cd0ddca5928f96685fd1653ecf91100da0578f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:83:cd:c3:d2:be:c4:36:48:c5:1a:cd:33:69:
                    87:cf:b4:55:49:e6:77:a1:b2:75:68:44:4f:cc:22:
                    1e:a9:3e:44:71:c0:da:c1:53:b6:b3:5e:cb:e9:ad:
                    1c:0f:f6:01:38:87:43:0b:bb:4a:24:33:67:6f:c1:
                    f5:a3:3c:f7:bb:45:3d:45:e3:0f:eb:82:c3:b0:94:
                    2c:ad:95:dc:1e:06:5e:9f:0e:15:f9:94:90:20:d9:
                    43:4d:b9:85:25:85:95:bc:87:8d:4e:3c:1c:87:3b:
                    58:42:89:b9:13:b5:c3:ee:85:e0:81:5f:16:b0:f6:
                    a7:a8:7e:87:84:35:61:af:68:81:3f:22:ff:5f:91:
                    94:91:2e:e6:fe:5d:65:7f:4d:49:5b:4d:89:5f:63:
                    9f:1a:f5:a2:d8:cc:fa:cf:b5:01:08:ad:3a:24:cc:
                    9b:aa:84:78:26:ca:4f:f1:d7:4d:f3:f6:3a:7d:81:
                    94:d1:9d:79:a1:9c:c9:68:5c:a7:50:f6:0e:d7:7d:
                    a8:b1:1d:6c:3d:d3:34:fa:82:c2:f8:d5:58:8a:c9:
                    4f:83:f8:fd:bc:ca:1c:21:c9:d0:19:eb:3b:72:c7:
                    e9:aa:29:52:de:e3:3b:7b:d3:53:e5:35:79:f9:0a:
                    1c:fe:8d:dc:91:f0:9c:1a:1d:15:74:9a:95:29:47:
                    43:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:CD:0D:DC:A5:92:8F:96:68:5F:D1:65:3E:CF:91:10:0D:A0:57:8F
            X509v3 Authority Key Identifier:
                keyid:36:12:1F:D2:E7:34:6E:EB:3C:1F:8E:75:B9:3C:84:F9:58:41:F4:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NhIf0uc0bus8H451uTyE-VhB9EY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/21d560-cb15-46c3-af34-a89e937e29d1/1/NhIf0uc0bus8H451uTyE-VhB9EY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:3b:71:36:b1:dc:13:64:49:89:d8:bc:7b:7f:4f:25:20:80:
         97:86:e0:18:d0:fa:ad:f5:a8:0f:80:ef:5c:7c:a6:63:5c:b8:
         58:31:28:75:a9:c4:4a:f8:1c:83:f4:76:80:0d:bd:5c:3f:86:
         3a:e2:ea:6c:1d:4b:20:13:6c:0b:9e:22:b7:b4:11:8c:51:10:
         2a:91:00:e0:a6:05:a6:cf:85:b0:14:69:49:c0:89:4a:ae:f3:
         40:99:d1:14:35:a4:74:8b:2d:ff:35:2e:a3:b7:8a:7a:3a:29:
         2e:e9:a6:bb:42:1b:2a:4e:5c:10:47:a3:34:85:5a:e8:eb:11:
         ca:a2:c7:11:02:77:b0:b0:3f:48:46:22:5d:02:70:23:eb:51:
         b9:ea:df:d5:20:9b:f9:7b:51:83:10:83:ca:e9:92:63:4d:04:
         34:99:6e:81:fc:2c:e6:41:5e:1a:91:cd:22:fb:6d:6a:af:54:
         2f:5f:29:6f:84:3f:80:28:f8:be:f5:75:26:b7:cd:3b:ba:ae:
         ed:3b:21:c4:c9:89:92:41:9e:e6:64:11:f3:ea:83:60:1e:ac:
         81:fc:f5:18:87:e8:77:45:e5:cb:6c:4e:e8:c8:40:ce:a5:09:
         5c:10:cf:bc:b1:69:40:04:ad:c1:93:77:5e:35:6d:da:e8:a6:
         2d:cd:0d:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdyLMwU1W1w03LmoQCN8/0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MTIxZmQyZTczNDZlZWIzYzFmOGU3NWI5M2M4NGY5NTg0
MWY0NDYwHhcNMjUwNjE1MDYwMDI3WhcNMjUwNjE2MDYwMDI3WjAzMTEwLwYDVQQD
EyhhNmNkMGRkY2E1OTI4Zjk2Njg1ZmQxNjUzZWNmOTExMDBkYTA1NzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4PNw9K+xDZIxRrNM2mHz7RVSeZ3
obJ1aERPzCIeqT5EccDawVO2s17L6a0cD/YBOIdDC7tKJDNnb8H1ozz3u0U9ReMP
64LDsJQsrZXcHgZenw4V+ZSQINlDTbmFJYWVvIeNTjwchztYQom5E7XD7oXggV8W
sPanqH6HhDVhr2iBPyL/X5GUkS7m/l1lf01JW02JX2OfGvWi2Mz6z7UBCK06JMyb
qoR4JspP8ddN8/Y6fYGU0Z15oZzJaFynUPYO132osR1sPdM0+oLC+NVYislPg/j9
vMocIcnQGes7csfpqilS3uM7e9NT5TV5+Qoc/o3ckfCcGh0VdJqVKUdDrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKbNDdylko+WaF/RZT7PkRANoFePMB8GA1UdIwQY
MBaAFDYSH9LnNG7rPB+Odbk8hPlYQfRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQt
YTg5ZTkzN2UyOWQxLzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8yMWQ1NjAtY2IxNS00NmMzLWFmMzQtYTg5ZTkzN2UyOWQx
LzEvTmhJZjB1YzBidXM4SDQ1MXVUeUUtVmhCOUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcjtxNrHc
E2RJidi8e39PJSCAl4bgGND6rfWoD4DvXHymY1y4WDEodanESvgcg/R2gA29XD+G
OuLqbB1LIBNsC54it7QRjFEQKpEA4KYFps+FsBRpScCJSq7zQJnRFDWkdIst/zUu
o7eKejopLummu0IbKk5cEEejNIVa6OsRyqLHEQJ3sLA/SEYiXQJwI+tRuerf1SCb
+XtRgxCDyumSY00ENJlugfws5kFeGpHNIvttaq9UL18pb4Q/gCj4vvV1JrfNO7qu
7TshxMmJkkGe5mQR8+qDYB6sgfz1GIfod0Xly2xO6MhAzqUJXBDPvLFpQAStwZN3
XjVt2uimLc0N8w==
-----END CERTIFICATE-----