Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
File:                     nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft (raw, json)
Hash identifier:          Tx+xYVh4wzE0iQEIcRfVRvCPUXmcG+3e9pXA9ygChdQ=
Subject key identifier:   01:6D:2D:14:8E:2B:2C:72:91:03:17:D8:23:B8:13:8C:A5:6F:57:21
Authority key identifier: 9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E
Certificate issuer:       /CN=9d3627d9766514578942420050bf83a8b129166e
Certificate serial:       01967756024DD28B19C2214AFE38585EBF4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
Manifest number:          11A0
Signing time:             Sun 27 Apr 2025 13:00:47 +0000
Manifest this update:     Sun 27 Apr 2025 13:00:47 +0000
Manifest next update:     Mon 28 Apr 2025 13:00:47 +0000
Files and hashes:         1: nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl (hash: kecbPpkzllYqXztXHdmnNEo4OtnPxiDQxPpMAT5W0BY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 13:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:77:56:02:4d:d2:8b:19:c2:21:4a:fe:38:58:5e:bf:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d3627d9766514578942420050bf83a8b129166e
        Validity
            Not Before: Apr 27 13:00:47 2025 GMT
            Not After : Apr 28 13:00:47 2025 GMT
        Subject: CN=016d2d148e2b2c72910317d823b8138ca56f5721
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:7c:90:53:cc:96:92:7a:05:2f:90:14:c7:17:
                    42:09:9d:42:fc:4a:b6:bf:88:41:4c:1c:fd:c4:09:
                    45:6b:49:23:78:d0:24:58:ed:96:a5:39:42:47:92:
                    e4:9f:df:f4:d1:eb:f2:4e:45:00:3a:04:99:f1:07:
                    ac:a3:85:4b:39:69:a6:da:21:34:72:9a:d6:bf:1c:
                    a0:40:4a:32:61:68:f9:f9:63:ad:86:ea:c0:af:0e:
                    9d:7f:d7:9b:b7:32:1f:18:a2:c1:6b:b7:46:75:19:
                    ae:32:95:52:09:ea:f9:87:37:e8:d3:00:d2:28:01:
                    1b:62:42:bb:6e:6e:65:c6:e1:cb:f5:13:14:41:f2:
                    cb:7f:ed:97:e4:bd:ab:6c:d3:a8:05:1d:2d:c8:fe:
                    e6:d6:21:82:79:cc:2b:b3:1b:db:fe:d4:85:dc:d0:
                    4a:57:49:78:6e:e4:d4:cb:7a:91:72:5d:94:b6:c4:
                    8b:be:a8:f2:f3:d0:a8:d8:69:f8:84:2c:0f:78:e9:
                    bf:09:bf:d8:a7:2f:93:c3:ce:32:18:35:ed:ab:ab:
                    42:f3:c4:02:6a:3d:2c:73:b2:1f:1a:d1:b0:2a:15:
                    28:fe:a6:47:c7:a1:fc:f1:83:66:61:6a:bf:ce:23:
                    d3:15:c1:83:22:90:7c:21:6b:a9:2d:eb:5d:47:c3:
                    67:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:6D:2D:14:8E:2B:2C:72:91:03:17:D8:23:B8:13:8C:A5:6F:57:21
            X509v3 Authority Key Identifier:
                keyid:9D:36:27:D9:76:65:14:57:89:42:42:00:50:BF:83:A8:B1:29:16:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTYn2XZlFFeJQkIAUL-DqLEpFm4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38b8ba-df6c-486d-b6cd-1d5dd2258c4e/1/nTYn2XZlFFeJQkIAUL-DqLEpFm4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         28:f5:81:7f:7c:35:2f:5c:f1:1e:f6:5c:92:5b:87:db:16:63:
         3d:e1:0f:da:2e:7f:13:a6:12:ad:e2:6e:73:b2:a2:e0:d2:5d:
         2f:82:61:37:96:cb:3a:58:98:4f:53:57:98:fc:90:46:42:a1:
         e4:05:01:d1:30:69:80:b9:6d:f9:1b:f5:8b:2e:cf:88:3a:c6:
         10:81:ab:09:66:6e:f2:27:41:4f:33:5b:74:96:78:ba:72:2d:
         c3:d2:51:ba:7d:74:6d:9b:25:ca:e6:a7:92:21:b0:a3:53:fb:
         5c:a2:8d:76:4e:56:97:01:c1:e0:7d:ff:38:41:f4:72:68:0b:
         f2:d3:40:93:e8:ae:02:4d:ae:89:36:3d:65:33:be:f4:cb:c3:
         c6:85:de:cc:18:e2:aa:d1:bc:ae:8e:57:56:71:e6:b7:36:f5:
         42:08:04:d8:cc:ec:57:55:de:60:76:f7:db:41:77:02:6d:0a:
         c3:ab:48:a3:7b:31:6c:22:55:bb:c1:4d:f9:7d:b2:8f:ef:68:
         bc:b0:f9:4a:38:d3:af:2c:6a:a8:de:a0:db:c1:08:1d:2d:0d:
         7a:ef:48:55:61:9c:62:31:67:a2:5d:58:09:0e:c0:76:bc:94:
         7e:0f:c1:fc:e7:55:a5:43:6b:22:53:83:75:d0:2a:da:8a:c1:
         f6:0d:46:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ3VgJN0osZwiFK/jhYXr9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMzYyN2Q5NzY2NTE0NTc4OTQyNDIwMDUwYmY4M2E4YjEy
OTE2NmUwHhcNMjUwNDI3MTMwMDQ3WhcNMjUwNDI4MTMwMDQ3WjAzMTEwLwYDVQQD
EygwMTZkMmQxNDhlMmIyYzcyOTEwMzE3ZDgyM2I4MTM4Y2E1NmY1NzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HyQU8yWknoFL5AUxxdCCZ1C/Eq2
v4hBTBz9xAlFa0kjeNAkWO2WpTlCR5Lkn9/00evyTkUAOgSZ8Qeso4VLOWmm2iE0
cprWvxygQEoyYWj5+WOthurArw6df9ebtzIfGKLBa7dGdRmuMpVSCer5hzfo0wDS
KAEbYkK7bm5lxuHL9RMUQfLLf+2X5L2rbNOoBR0tyP7m1iGCecwrsxvb/tSF3NBK
V0l4buTUy3qRcl2UtsSLvqjy89Co2Gn4hCwPeOm/Cb/Ypy+Tw84yGDXtq6tC88QC
aj0sc7IfGtGwKhUo/qZHx6H88YNmYWq/ziPTFcGDIpB8IWupLetdR8NnEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFtLRSOKyxykQMX2CO4E4ylb1chMB8GA1UdIwQY
MBaAFJ02J9l2ZRRXiUJCAFC/g6ixKRZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2Qt
MWQ1ZGQyMjU4YzRlLzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zOGI4YmEtZGY2Yy00ODZkLWI2Y2QtMWQ1ZGQyMjU4YzRl
LzEvblRZbjJYWmxGRmVKUWtJQVVMLURxTEVwRm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKPWBf3w1
L1zxHvZckluH2xZjPeEP2i5/E6YSreJuc7Ki4NJdL4JhN5bLOliYT1NXmPyQRkKh
5AUB0TBpgLlt+Rv1iy7PiDrGEIGrCWZu8idBTzNbdJZ4unItw9JRun10bZslyuan
kiGwo1P7XKKNdk5WlwHB4H3/OEH0cmgL8tNAk+iuAk2uiTY9ZTO+9MvDxoXezBji
qtG8ro5XVnHmtzb1QggE2MzsV1XeYHb320F3Am0Kw6tIo3sxbCJVu8FN+X2yj+9o
vLD5SjjTryxqqN6g28EIHS0Neu9IVWGcYjFnol1YCQ7AdryUfg/B/OdVpUNrIlOD
ddAq2orB9g1GJw==
-----END CERTIFICATE-----