Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
File:                     Nir0h5VMm5am51wljQQ3o4RJupA.mft (raw, json)
Hash identifier:          oq2WNAYZbVPgu/Ajle+0KboK2M+YIvD69p/8s7T/GA0=
Subject key identifier:   26:10:7F:AF:4E:1D:87:88:E4:EB:B8:D3:2F:B2:B4:7E:18:2D:DD:32
Authority key identifier: 36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90
Certificate issuer:       /CN=362af487954c9b96a6e75c258d0437a38449ba90
Certificate serial:       019689C9FEABF441FBB9FB288833330D8585
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
Manifest number:          13C5
Signing time:             Thu 01 May 2025 03:00:38 +0000
Manifest this update:     Thu 01 May 2025 03:00:38 +0000
Manifest next update:     Fri 02 May 2025 03:00:38 +0000
Files and hashes:         1: Nir0h5VMm5am51wljQQ3o4RJupA.crl (hash: jPWi+mD6bZNsUFPGtPjQk/0bA1qGH0X/qgw0nOx3LAQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 21:27:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:89:c9:fe:ab:f4:41:fb:b9:fb:28:88:33:33:0d:85:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=362af487954c9b96a6e75c258d0437a38449ba90
        Validity
            Not Before: May  1 03:00:38 2025 GMT
            Not After : May  2 03:00:38 2025 GMT
        Subject: CN=26107faf4e1d8788e4ebb8d32fb2b47e182ddd32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:bb:6a:00:61:02:5c:06:d3:f3:4a:f4:c2:c0:
                    ca:7c:34:7c:80:6f:2b:41:d7:2e:59:a0:47:8f:56:
                    c6:f1:50:24:52:be:bd:f5:c1:19:29:9b:0c:5a:01:
                    c3:c9:a1:34:7e:9c:35:0f:93:38:f0:ea:2f:26:cb:
                    0d:30:60:f5:10:70:0e:f2:fd:2d:4a:6e:47:53:33:
                    c3:72:c0:14:57:82:8e:ba:b9:4f:4e:81:01:c0:47:
                    d4:cd:13:04:12:b5:69:9c:fb:d6:be:95:4b:64:1a:
                    81:d4:04:94:ee:d5:7c:61:cf:9e:41:dc:e0:1e:52:
                    23:56:09:17:64:8a:c5:3a:91:2a:a9:19:b6:48:34:
                    ae:d7:f3:e8:99:07:04:56:eb:e9:f2:e3:3c:6e:28:
                    f0:6c:91:e1:c5:71:3b:8f:14:41:3a:18:f5:13:0b:
                    68:d5:5b:a2:f9:e9:6a:6d:4f:d0:3e:7f:96:87:01:
                    2a:9d:73:30:34:40:be:7d:61:20:fb:73:c3:22:af:
                    07:c1:83:00:29:c6:99:6e:15:a9:47:47:f6:e6:0c:
                    dd:54:95:d2:aa:68:35:a0:26:73:63:dd:94:7e:98:
                    45:9a:d8:80:19:68:36:f1:a5:ba:54:a8:d1:b4:d6:
                    10:ba:4f:e4:fa:db:fe:57:9b:51:1f:b2:e5:08:bf:
                    88:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:10:7F:AF:4E:1D:87:88:E4:EB:B8:D3:2F:B2:B4:7E:18:2D:DD:32
            X509v3 Authority Key Identifier:
                keyid:36:2A:F4:87:95:4C:9B:96:A6:E7:5C:25:8D:04:37:A3:84:49:BA:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nir0h5VMm5am51wljQQ3o4RJupA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ba20ed-e70f-4733-9545-5113b7429f86/1/Nir0h5VMm5am51wljQQ3o4RJupA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3e:4c:88:35:60:1d:89:29:0d:23:b5:3a:00:3b:96:c4:70:ae:
         96:79:6f:73:7d:4e:6e:5c:7c:61:5f:fe:ab:3e:eb:33:cf:a5:
         07:5c:03:7d:df:0e:e1:71:bf:7b:e8:f5:13:b2:9c:10:de:ee:
         86:54:89:2d:13:77:de:4d:14:dd:95:bf:94:db:bf:51:fd:6d:
         cc:26:31:8b:ac:f7:c8:9b:11:ac:33:18:3b:3b:a9:14:a3:fb:
         82:8e:d8:4c:f3:0b:8d:b0:2f:6b:c7:25:74:d6:b0:c9:db:1b:
         4f:c2:4b:c4:1a:78:f9:1b:ae:c0:87:95:a1:db:20:d7:22:e7:
         a2:6c:ba:d1:cb:01:84:bd:92:fa:b6:4d:ea:6c:98:30:d8:25:
         bc:50:a1:78:fb:27:d9:14:1d:63:14:34:aa:44:50:66:9d:d2:
         a1:02:d0:38:dc:0a:ec:c5:11:9a:af:74:5e:d8:e0:c7:a9:2a:
         e7:f4:ca:21:12:6b:cc:3f:8b:a6:42:0c:22:31:fe:fc:c7:ff:
         26:a2:1e:f2:22:1c:b0:63:bc:14:9b:fd:16:2a:f1:ce:a9:9a:
         11:7a:f0:d7:24:51:5f:b3:53:a4:9b:e3:fb:74:81:f6:f8:68:
         cd:94:8d:97:aa:fc:71:a2:73:1b:d7:7a:27:59:9d:5a:af:63:
         0b:fe:d3:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaJyf6r9EH7ufsoiDMzDYWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MmFmNDg3OTU0YzliOTZhNmU3NWMyNThkMDQzN2EzODQ0
OWJhOTAwHhcNMjUwNTAxMDMwMDM4WhcNMjUwNTAyMDMwMDM4WjAzMTEwLwYDVQQD
EygyNjEwN2ZhZjRlMWQ4Nzg4ZTRlYmI4ZDMyZmIyYjQ3ZTE4MmRkZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrtqAGECXAbT80r0wsDKfDR8gG8r
QdcuWaBHj1bG8VAkUr699cEZKZsMWgHDyaE0fpw1D5M48OovJssNMGD1EHAO8v0t
Sm5HUzPDcsAUV4KOurlPToEBwEfUzRMEErVpnPvWvpVLZBqB1ASU7tV8Yc+eQdzg
HlIjVgkXZIrFOpEqqRm2SDSu1/PomQcEVuvp8uM8bijwbJHhxXE7jxRBOhj1Ewto
1Vui+elqbU/QPn+WhwEqnXMwNEC+fWEg+3PDIq8HwYMAKcaZbhWpR0f25gzdVJXS
qmg1oCZzY92UfphFmtiAGWg28aW6VKjRtNYQuk/k+tv+V5tRH7LlCL+INQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYQf69OHYeI5Ou40y+ytH4YLd0yMB8GA1UdIwQY
MBaAFDYq9IeVTJuWpudcJY0EN6OESbqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUt
NTExM2I3NDI5Zjg2LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9iYTIwZWQtZTcwZi00NzMzLTk1NDUtNTExM2I3NDI5Zjg2
LzEvTmlyMGg1Vk1tNWFtNTF3bGpRUTNvNFJKdXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPkyINWAd
iSkNI7U6ADuWxHCulnlvc31Oblx8YV/+qz7rM8+lB1wDfd8O4XG/e+j1E7KcEN7u
hlSJLRN33k0U3ZW/lNu/Uf1tzCYxi6z3yJsRrDMYOzupFKP7go7YTPMLjbAva8cl
dNawydsbT8JLxBp4+RuuwIeVodsg1yLnomy60csBhL2S+rZN6myYMNglvFChePsn
2RQdYxQ0qkRQZp3SoQLQONwK7MURmq90Xtjgx6kq5/TKIRJrzD+LpkIMIjH+/Mf/
JqIe8iIcsGO8FJv9FirxzqmaEXrw1yRRX7NTpJvj+3SB9vhozZSNl6r8caJzG9d6
J1mdWq9jC/7T7A==
-----END CERTIFICATE-----