Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
File:                     NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft (raw, json)
Hash identifier:          qDhhVDUgNDWlyUuaM0nPjE4atl1ajtfoiP/F1fnc8XQ=
Subject key identifier:   BD:C2:9C:26:21:DB:1A:C7:EB:56:8C:68:CC:2E:5C:A3:88:4C:58:9A
Authority key identifier: 35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D
Certificate issuer:       /CN=35f49b5d505000b909932c6b4f443e7ef81d780d
Certificate serial:       01976F9991043F450F9D532AFD07EB70DFFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
Manifest number:          158B
Signing time:             Sat 14 Jun 2025 18:00:24 +0000
Manifest this update:     Sat 14 Jun 2025 18:00:24 +0000
Manifest next update:     Sun 15 Jun 2025 18:00:24 +0000
Files and hashes:         1: NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl (hash: 0Nba+AA9lq3cfxgzclFb2ZsbcabaAICm9K5tv13eUDk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 18:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6f:99:91:04:3f:45:0f:9d:53:2a:fd:07:eb:70:df:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35f49b5d505000b909932c6b4f443e7ef81d780d
        Validity
            Not Before: Jun 14 18:00:24 2025 GMT
            Not After : Jun 15 18:00:24 2025 GMT
        Subject: CN=bdc29c2621db1ac7eb568c68cc2e5ca3884c589a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:7a:0d:1a:4c:5e:6e:a3:67:fd:2b:e4:53:39:
                    78:a5:1a:32:ff:57:af:f7:f3:b9:9f:61:49:30:4d:
                    f1:fb:78:32:db:2b:ed:21:e3:34:a0:35:ec:17:f9:
                    f3:b5:3b:4b:a0:f5:b7:4b:7e:d8:fa:96:b7:39:a2:
                    7d:c5:bd:68:c6:a7:25:b8:83:f1:39:61:ef:b5:d9:
                    93:c5:0c:14:71:4a:5b:04:36:27:d8:95:71:35:a0:
                    9a:8c:7c:2d:35:a2:2a:db:99:8b:c8:75:8a:f4:19:
                    fe:c7:8c:03:e1:90:4c:5b:52:32:a5:0f:73:e1:91:
                    2d:81:b7:18:29:62:8f:0f:ef:bb:10:7e:cc:1c:78:
                    01:4d:09:f9:82:43:55:75:61:3b:7d:d6:f1:25:18:
                    ca:08:c7:e9:04:04:7f:c2:bb:81:40:48:56:58:b8:
                    15:d5:a2:1f:d3:08:69:76:2d:9d:a9:69:9d:90:76:
                    c4:4c:d4:4e:b7:15:eb:a5:d9:24:3f:b6:52:73:1d:
                    93:4f:47:a2:8f:ba:9c:ab:d7:9e:5c:e1:42:ab:c3:
                    78:6b:5e:2d:84:65:6b:40:17:52:98:52:6e:a7:84:
                    7b:1e:67:84:1d:d1:bc:2e:c1:34:4b:03:86:94:47:
                    60:8f:a1:33:a1:d0:60:ef:ab:b6:0d:be:3f:8e:8f:
                    48:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:C2:9C:26:21:DB:1A:C7:EB:56:8C:68:CC:2E:5C:A3:88:4C:58:9A
            X509v3 Authority Key Identifier:
                keyid:35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:e4:e8:f6:0d:39:3e:c7:fe:69:74:a7:80:0d:28:ac:c5:76:
         0f:bf:ad:14:24:3f:e4:75:73:2b:a6:c7:a5:20:ef:3f:2f:ca:
         55:9f:2a:f6:36:ef:1d:3e:b2:65:79:9e:46:36:10:5e:b3:0f:
         ed:5f:e2:61:05:44:25:3f:01:68:e0:76:b3:bf:79:3a:65:38:
         34:16:b9:8a:f8:21:c1:f8:15:99:e5:b6:51:d9:10:4f:91:93:
         ec:51:7d:aa:2e:3e:28:a8:2e:21:96:10:da:33:72:47:cd:0b:
         9b:01:3a:57:d3:00:bf:be:92:bb:cc:1a:96:0c:78:c3:5a:6e:
         37:18:5a:c4:06:77:0d:48:5d:76:c5:a8:2e:29:bb:ab:51:5c:
         1e:e7:b3:4c:27:bc:6d:a4:22:ce:85:4b:d8:0a:94:56:46:a3:
         45:28:08:52:35:37:37:89:43:d4:75:88:4a:f5:dc:d5:10:73:
         7d:c3:fa:3e:8c:2a:98:7a:9f:de:7b:fe:b6:d9:1f:dd:5c:c0:
         8f:e0:d2:32:49:68:d9:1e:45:48:cf:3c:b5:75:a0:3c:a6:1e:
         42:3f:8a:85:2e:b0:c3:3a:56:30:91:07:83:ac:83:0e:6e:62:
         99:13:8c:6c:40:05:6e:d7:3f:6d:cc:f2:0f:4e:e3:bf:28:85:
         bf:5c:91:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdvmZEEP0UPnVMq/QfrcN/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjQ5YjVkNTA1MDAwYjkwOTkzMmM2YjRmNDQzZTdlZjgx
ZDc4MGQwHhcNMjUwNjE0MTgwMDI0WhcNMjUwNjE1MTgwMDI0WjAzMTEwLwYDVQQD
EyhiZGMyOWMyNjIxZGIxYWM3ZWI1NjhjNjhjYzJlNWNhMzg4NGM1ODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0noNGkxebqNn/SvkUzl4pRoy/1ev
9/O5n2FJME3x+3gy2yvtIeM0oDXsF/nztTtLoPW3S37Y+pa3OaJ9xb1oxqcluIPx
OWHvtdmTxQwUcUpbBDYn2JVxNaCajHwtNaIq25mLyHWK9Bn+x4wD4ZBMW1IypQ9z
4ZEtgbcYKWKPD++7EH7MHHgBTQn5gkNVdWE7fdbxJRjKCMfpBAR/wruBQEhWWLgV
1aIf0whpdi2dqWmdkHbETNROtxXrpdkkP7ZScx2TT0eij7qcq9eeXOFCq8N4a14t
hGVrQBdSmFJup4R7HmeEHdG8LsE0SwOGlEdgj6EzodBg76u2Db4/jo9INQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL3CnCYh2xrH61aMaMwuXKOITFiaMB8GA1UdIwQY
MBaAFDX0m11QUAC5CZMsa09EPn74HXgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEt
MDJiM2RlODM0YmY0LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEtMDJiM2RlODM0YmY0
LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYuTo9g05
Psf+aXSngA0orMV2D7+tFCQ/5HVzK6bHpSDvPy/KVZ8q9jbvHT6yZXmeRjYQXrMP
7V/iYQVEJT8BaOB2s795OmU4NBa5ivghwfgVmeW2UdkQT5GT7FF9qi4+KKguIZYQ
2jNyR80LmwE6V9MAv76Su8walgx4w1puNxhaxAZ3DUhddsWoLim7q1FcHuezTCe8
baQizoVL2AqUVkajRSgIUjU3N4lD1HWISvXc1RBzfcP6PowqmHqf3nv+ttkf3VzA
j+DSMklo2R5FSM88tXWgPKYeQj+KhS6wwzpWMJEHg6yDDm5imROMbEAFbtc/bczy
D07jvyiFv1yRDQ==
-----END CERTIFICATE-----